blsmith/dc-deployments-automation
1
0
Fork 0
mirror of https://bitbucket.org/atlassian/dc-deployments-automation.git synced 2025-12-14 08:53:07 -06:00
Code Issues Packages Projects Releases Wiki Activity

Merged in bugfix/ITOPSENG-277-itops-required-changes-for-confluence (pull request #58)

Browse Source 
ITOPSENG-277 fix schema owner and grant logic

Approved-by: Ben Partridge <bpartridge@atlassian.com>
This commit is contained in:
Brett Meehan
2019-12-10 23:59:02 +00:00
parent 5936cb0409 6e20e92a76
commit 3484d422c8
1 changed files with 25 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
roles/database_init/tasks/main.yml
View File

@@ -10,30 +10,6 @@
password: "{{ atl_jdbc_password }}" password: "{{ atl_jdbc_password }}"
expires: 'infinity' expires: 'infinity'
- name: Assert ownership of public schema
postgresql_query:
login_host: "{{ atl_db_host }}"
login_user: "{{ atl_db_root_user }}"
login_password: "{{ atl_db_root_password }}"
db: "{{ atl_db_root_db_name }}"
query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};"
- name: Grant privs to root user on public schema
postgresql_query:
login_host: "{{ atl_db_host }}"
login_user: "{{ atl_db_root_user }}"
login_password: "{{ atl_db_root_password }}"
db: "{{ atl_db_root_db_name }}"
query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};"
- name: Grant privs to application user on public schema
postgresql_query:
login_host: "{{ atl_db_host }}"
login_user: "{{ atl_db_root_user }}"
login_password: "{{ atl_db_root_password }}"
db: "{{ atl_db_root_db_name }}"
query: "GRANT ALL ON SCHEMA public TO {{ atl_jdbc_user }};"
- block: - block:
- name: Update root privs for new user - name: Update root privs for new user
@@ -62,3 +38,28 @@
tags: tags:
- new_only - new_only
- name: Assert ownership of public schema
postgresql_query:
login_host: "{{ atl_db_host }}"
login_user: "{{ atl_db_root_user }}"
login_password: "{{ atl_db_root_password }}"
db: "{{ atl_jdbc_db_name }}"
query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};"
- name: Grant privs to root user on public schema
postgresql_query:
login_host: "{{ atl_db_host }}"
login_user: "{{ atl_db_root_user }}"
login_password: "{{ atl_db_root_password }}"
db: "{{ atl_jdbc_db_name }}"
query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};"
- name: Grant privs to application user on public schema
postgresql_query:
login_host: "{{ atl_db_host }}"
login_user: "{{ atl_db_root_user }}"
login_password: "{{ atl_db_root_password }}"
db: "{{ atl_jdbc_db_name }}"
query: "GRANT ALL ON SCHEMA public TO {{ atl_jdbc_user }};"