Skip to content

fix: 2nd pass when pulling initial schema #4357

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 24, 2025
Merged

fix: 2nd pass when pulling initial schema #4357

merged 2 commits into from
Oct 24, 2025

Conversation

@sweatybridge
Copy link
Contributor

@sweatybridge sweatybridge commented Oct 24, 2025
edited
Loading

What kind of change does this PR introduce?

Bug fix

What is the new behavior?

We have these default privileges for all new tables created in public schema.

alter default privileges in schema public grant all on tables to postgres, anon, authenticated, service_role;

As a user, I may want to create a new table but revoke grants to anon role. For eg. my migration could look like this

create table public.test();
revoke all on table public.test from anon;

Now if I run the diff tool against an empty database, our inspection query finds a new table created with grants to authenticated and service_role only. So it generates the following sql

create table public.test();
grant all on table public.test to authenticated;
grant all on table public.test to service_role;

This is actually inconsistent with my desired state because the table public.test will still be granted to anon role due to the default privilege.

Hence, we are doing a 2nd pass to properly capture the revoke statements.

Additional context

Add any other context or screenshots.

@sweatybridge sweatybridge requested a review from a team as a code owner October 24, 2025 09:00
@coveralls
Copy link

coveralls commented Oct 24, 2025
edited
Loading

Pull Request Test Coverage Report for Build 18775145968

Details

  • 1 of 1 (100.0%) changed or added relevant line in 1 file are covered.
  • 7 unchanged lines in 2 files lost coverage.
  • Overall coverage decreased (-0.03%) to 54.703%
Files with Coverage Reduction New Missed Lines %
internal/storage/rm/rm.go 2 80.61%
internal/gen/keys/keys.go 5 12.9%
Totals Coverage Status
Change from base Build 18771499447: -0.03%
Covered Lines: 6386
Relevant Lines: 11674
💛 - Coveralls

avallete
avallete reviewed Oct 24, 2025
View reviewed changes
@sweatybridge sweatybridge merged commit 6d83868 into develop Oct 24, 2025
27 of 28 checks passed
@sweatybridge sweatybridge deleted the 2pass branch October 24, 2025 10:05
@github-actions github-actions bot mentioned this pull request Oct 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@avallete avallete avallete approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sweatybridge @coveralls @avallete