From 95e785e270a6a24ed0ac8ebdb4b8e5af4d96b1fb Mon Sep 17 00:00:00 2001 From: Bobbie Soedirgo Date: Wed, 2 Apr 2025 15:25:44 +0800 Subject: [PATCH 1/3] feat(migrations): alter internal evt trig owner --- ...0085357_revoke_writes_on_cron_job_from_postgres.sql | 1 + ...internal_event_triggers_owner_to_supabase_admin.sql | 10 ++++++++++ nix/tests/expected/evtrigs.out | 4 ++-- 3 files changed, 13 insertions(+), 2 deletions(-) create mode 100644 migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql diff --git a/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql b/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql index 25b827110..4aea5d10c 100644 --- a/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql +++ b/migrations/db/migrations/20231020085357_revoke_writes_on_cron_job_from_postgres.sql @@ -40,6 +40,7 @@ END; $$; drop event trigger if exists issue_pg_cron_access; +alter function extensions.grant_pg_cron_access owner to supabase_admin; CREATE EVENT TRIGGER issue_pg_cron_access ON ddl_command_end WHEN TAG IN ('CREATE EXTENSION') EXECUTE FUNCTION extensions.grant_pg_cron_access(); diff --git a/migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql b/migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql new file mode 100644 index 000000000..9308f07d4 --- /dev/null +++ b/migrations/db/migrations/20250402065937_alter_internal_event_triggers_owner_to_supabase_admin.sql @@ -0,0 +1,10 @@ +-- migrate:up +drop event trigger if exists issue_pg_net_access; + +alter function extensions.grant_pg_net_access owner to supabase_admin; + +CREATE EVENT TRIGGER issue_pg_net_access ON ddl_command_end + WHEN TAG IN ('CREATE EXTENSION') + EXECUTE FUNCTION extensions.grant_pg_net_access(); + +-- migrate:down diff --git a/nix/tests/expected/evtrigs.out b/nix/tests/expected/evtrigs.out index 7f8025834..3e3f523fc 100644 --- a/nix/tests/expected/evtrigs.out +++ b/nix/tests/expected/evtrigs.out @@ -12,14 +12,14 @@ join pg_namespace n_func where p.prorettype = 'event_trigger'::regtype; evtname | evtowner | evtfunction_schema | evtfunction | function_owner ----------------------------------------+----------------+--------------------+------------------------------------+---------------- - issue_pg_net_access | postgres | extensions | grant_pg_net_access | postgres issue_pg_graphql_access | supabase_admin | extensions | grant_pg_graphql_access | supabase_admin issue_graphql_placeholder | supabase_admin | extensions | set_graphql_placeholder | supabase_admin pgrst_ddl_watch | supabase_admin | extensions | pgrst_ddl_watch | supabase_admin pgrst_drop_watch | supabase_admin | extensions | pgrst_drop_watch | supabase_admin graphql_watch_ddl | supabase_admin | graphql | graphql.increment_schema_version | supabase_admin graphql_watch_drop | supabase_admin | graphql | graphql.increment_schema_version | supabase_admin - issue_pg_cron_access | supabase_admin | extensions | grant_pg_cron_access | postgres + issue_pg_cron_access | supabase_admin | extensions | grant_pg_cron_access | supabase_admin + issue_pg_net_access | supabase_admin | extensions | grant_pg_net_access | supabase_admin pg_tle_event_trigger_for_drop_function | supabase_admin | pgtle | pgtle.pg_tle_feature_info_sql_drop | supabase_admin pgaudit_ddl_command_end | supabase_admin | public | pgaudit_ddl_command_end | supabase_admin pgaudit_sql_drop | supabase_admin | public | pgaudit_sql_drop | supabase_admin From b1f5b76dc0ad03bbc31b3954901c465cbe4d4964 Mon Sep 17 00:00:00 2001 From: steve-chavez Date: Fri, 11 Apr 2025 17:19:19 -0500 Subject: [PATCH 2/3] feat: bump to supautils v2.9.1 --- nix/ext/supautils.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nix/ext/supautils.nix b/nix/ext/supautils.nix index f3f5f1482..40973a1af 100644 --- a/nix/ext/supautils.nix +++ b/nix/ext/supautils.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "supautils"; - version = "2.6.0"; + version = "2.9.1"; buildInputs = [ postgresql ]; @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { owner = "supabase"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-QNfUpQjqHNzbNqBvjb5a3GtNH9hjbBMDUK19xUU3LpI="; + hash = "sha256-Rw7dmIUg9bJ7SuiHxCsZtnVhdG9hg4WlptiB/MxVmPc="; }; installPhase = '' mkdir -p $out/lib - install -D *${postgresql.dlSuffix} -t $out/lib + install -D build/*${postgresql.dlSuffix} -t $out/lib ''; meta = with lib; { From 11ab7a85e3edf832485298f3b2cd7d92e4cd90b2 Mon Sep 17 00:00:00 2001 From: Bobbie Soedirgo Date: Wed, 23 Apr 2025 19:46:36 +0800 Subject: [PATCH 3/3] tmp --- ansible/vars.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/vars.yml b/ansible/vars.yml index d0251b3dc..1ab59ca81 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -9,9 +9,9 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.0.1.067-orioledb" - postgres17: "17.4.1.017" - postgres15: "15.8.1.074" + postgresorioledb-17: "17.0.1.067-orioledb-supautils-2" + postgres17: "17.4.1.017-supautils-2" + postgres15: "15.8.1.074-supautils-2" # Non Postgres Extensions pgbouncer_release: "1.19.0"