Page MenuHomeSoftware Heritage

Add mirror-test vm and a dedicated schema on the staging database
ClosedPublic

Authored by vsellier on Apr 22 2021, 8:24 PM.

Details

Summary

Related to T3283

Test Plan
  • mirror-test is a new vm so it's not testable
  • changes for db1 (creation of the new database schema):
diff origin/production/db1.internal.staging.swh.network current/db1.internal.staging.swh.network
*******************************************
  Concat::Fragment[_postgres] =>
   parameters =>
     content =>
      @@ -7,3 +7,4 @@
       swh-indexer = host=localhost port=5433 auth_user=postgres
       swh-web = host=localhost port=5433 auth_user=postgres
      +swh-mirror = host=localhost port=5433 auth_user=postgres
      _
*******************************************
  Concat_fragment[_postgres] =>
   parameters =>
     content =>
      @@ -7,3 +7,4 @@
       swh-indexer = host=localhost port=5433 auth_user=postgres
       swh-web = host=localhost port=5433 auth_user=postgres
      +swh-mirror = host=localhost port=5433 auth_user=postgres
      _
*******************************************
  Pgbouncer::Databases[pgbouncer_module_databases] =>
   parameters =>
     databases =>
      - [{"source_db"=>"swh", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh"}, {"source_db"=>"swh-scheduler", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-scheduler"}, {"source_db"=>"swh-vault", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-vault"}, {"source_db"=>"swh-lister", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-lister"}, {"source_db"=>"swh-deposit", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-deposit"}, {"source_db"=>"swh-indexer", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-indexer"}, {"source_db"=>"swh-web", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-web"}]
      + [{"source_db"=>"swh", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh"}, {"source_db"=>"swh-scheduler", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-scheduler"}, {"source_db"=>"swh-vault", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-vault"}, {"source_db"=>"swh-lister", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-lister"}, {"source_db"=>"swh-deposit", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-deposit"}, {"source_db"=>"swh-indexer", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-indexer"}, {"source_db"=>"swh-web", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"staging-swh-web"}, {"source_db"=>"swh-mirror", "host"=>"localhost", "auth_user"=>"postgres", "port"=>5433, "alias"=>"swh-mirror"}]
*******************************************
+ Postgresql::Server::Database[swh-mirror] =>
   parameters =>
     "connect_settings": {
     },
     "dbname": "swh-mirror",
     "istemplate": false,
     "owner": "swh-mirror",
     "template": "template0"
*******************************************
+ Postgresql::Server::Database_grant[GRANT swh-mirror - ALL - swh-mirror] =>
   parameters =>
     "db": "swh-mirror",
     "privilege": "ALL",
     "role": "swh-mirror"
*******************************************
+ Postgresql::Server::Database_grant[swh-mirror] =>
   parameters =>
     "db": "swh-mirror",
     "privilege": "connect",
     "role": "guest"
*******************************************
+ Postgresql::Server::Db[swh-mirror] =>
   parameters =>
     "dbname": "swh-mirror",
     "grant": "ALL",
     "istemplate": false,
     "owner": "swh-mirror",
     "password": "swh-deploy-mirror-db-password",
     "template": "template0",
     "user": "swh-mirror"
*******************************************
+ Postgresql::Server::Grant[database:GRANT swh-mirror - ALL - swh-mirror] =>
   parameters =>
     "connect_settings": {
     },
     "db": "swh-mirror",
     "ensure": "present",
     "object_arguments": [
    
     ],
     "object_name": "swh-mirror",
     "object_type": "DATABASE",
     "onlyif_exists": false,
     "port": 5433,
     "privilege": "ALL",
     "psql_db": "postgres",
     "psql_user": "postgres",
     "role": "swh-mirror"
*******************************************
+ Postgresql::Server::Grant[database:swh-mirror] =>
   parameters =>
     "connect_settings": {
     },
     "db": "swh-mirror",
     "ensure": "present",
     "object_arguments": [
    
     ],
     "object_name": "swh-mirror",
     "object_type": "DATABASE",
     "onlyif_exists": false,
     "port": 5433,
     "privilege": "connect",
     "psql_db": "postgres",
     "psql_user": "postgres",
     "role": "guest"
*******************************************
+ Postgresql::Server::Role[swh-mirror] =>
   parameters =>
     "connect_settings": {
     },
     "connection_limit": "-1",
     "createdb": false,
     "createrole": false,
     "db": "postgres",
     "ensure": "present",
     "inherit": true,
     "login": true,
     "password_hash": "swh-deploy-mirror-db-password",
     "replication": false,
     "superuser": false,
     "update_password": true,
     "username": "swh-mirror"
*******************************************
+ Postgresql_psql[ALTER DATABASE "swh-mirror" OWNER TO "swh-mirror"] =>
   parameters =>
     "connect_settings": {
     },
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_database JOIN pg_roles rol ON datdba = rol.oid W...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" CONNECTION LIMIT -1] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolconnli...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" INHERIT] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolinheri...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" LOGIN] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolcanlog...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" NOCREATEDB] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolcreate...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" NOCREATEROLE] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolcreate...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" NOREPLICATION] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolreplic...
*******************************************
+ Postgresql_psql[ALTER ROLE "swh-mirror" NOSUPERUSER] =>
   parameters =>
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror' AND rolsuper ...
*******************************************
+ Postgresql_psql[ALTER ROLE swh-mirror ENCRYPTED PASSWORD ****] =>
   parameters =>
     "command": "ALTER ROLE \"swh-mirror\" ENCRYPTED PASSWORD '$NEWPGPASSWD'",
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "environment": "NEWPGPASSWD=swh-deploy-mirror-db-password",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_shadow WHERE usename = 'swh-mirror' AND passwd =...
*******************************************
+ Postgresql_psql[CREATE DATABASE "swh-mirror"] =>
   parameters =>
     "command": "CREATE DATABASE \"swh-mirror\" WITH TEMPLATE = \"template0\"   "...
     "connect_settings": {
     },
     "db": "postgres",
     "notify": [
       "Postgresql_psql[REVOKE CONNECT ON DATABASE \"swh-mirror\" FROM public]"
     ],
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_database WHERE datname = 'swh-mirror'"
*******************************************
+ Postgresql_psql[CREATE ROLE swh-mirror ENCRYPTED PASSWORD ****] =>
   parameters =>
     "command": "CREATE ROLE \"swh-mirror\" ENCRYPTED PASSWORD '$NEWPGPASSWD' LOG...
     "connect_settings": {
     },
     "cwd": "/tmp",
     "db": "postgres",
     "environment": "NEWPGPASSWD=swh-deploy-mirror-db-password",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_roles WHERE rolname = 'swh-mirror'"
*******************************************
+ Postgresql_psql[REVOKE CONNECT ON DATABASE "swh-mirror" FROM public] =>
   parameters =>
     "connect_settings": {
     },
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "refreshonly": true
*******************************************
+ Postgresql_psql[UPDATE pg_database SET datistemplate = false WHERE datname = 'swh-mirror'] =>
   parameters =>
     "connect_settings": {
     },
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 FROM pg_database WHERE datname = 'swh-mirror' AND datist...
*******************************************
+ Postgresql_psql[grant:database:GRANT swh-mirror - ALL - swh-mirror] =>
   parameters =>
     "command": "GRANT ALL ON DATABASE \"swh-mirror\" TO \"swh-mirror\"",
     "connect_settings": {
     },
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 WHERE has_database_privilege('swh-mirror', 'swh-mirror',...
*******************************************
+ Postgresql_psql[grant:database:swh-mirror] =>
   parameters =>
     "command": "GRANT CONNECT ON DATABASE \"swh-mirror\" TO \"guest\"",
     "connect_settings": {
     },
     "db": "postgres",
     "port": 5433,
     "psql_group": "postgres",
     "psql_path": "/usr/bin/psql",
     "psql_user": "postgres",
     "unless": "SELECT 1 WHERE has_database_privilege('guest', 'swh-mirror', 'CON...
*******************************************

Diff Detail

Repository
rSPSITE puppet-swh-site
Branch
staging
Lint
No Linters Available
Unit
No Unit Test Coverage
Build Status
Buildable 20952
Build 32516: arc lint + arc unit

Event Timeline

vsellier created this revision.
ardumont added a subscriber: ardumont.

lgtm

data/hostname/mirror-test.internal.staging.swh.network.yaml
61

Note sure this needs all that list but fine ;)

This revision is now accepted and ready to land.Apr 23 2021, 9:04 AM
data/hostname/mirror-test.internal.staging.swh.network.yaml
61

yes right, I will limit the list to the main database only.

limit the pre-configured databases to the main database + swh-mirror