Skip to content

Commit 71d7adb

Browse files
mblaze-damblaze-da
authored
add a psql subcommand to cncluster script for convenient DB inspection (#2672)
* add a psql subcommand to cncluster script for convenient DB inspection [static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com> * fix a hardcoded namespace in cncluster psql [static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com> * correct the DB name resolution in the cncluster psql command [static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com> * infer the schema name for search_path in cncluster psql subcommand based on application name [static] Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com> --------- Signed-off-by: Mateusz Błażejewski <mateusz.blazejewski@digitalasset.com>
1 parent 17b6627 commit 71d7adb

File tree

1 file changed

+150
-1
lines changed

1 file changed

+150
-1
lines changed

build-tools/cncluster

Lines changed: 150 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1474,6 +1474,8 @@ function subcmd_debug_shell() {
14741474
fi
14751475
repo="ghcr.io/digital-asset/decentralized-canton-sync-dev/docker"
14761476

1477+
local SHELL_COMMAND="${*:-/bin/bash}"
1478+
14771479
_info "Deploying debug pod on version $VERSION_NUMBER"
14781480
kubectl apply --wait -f - <<EOF
14791481
apiVersion: v1
@@ -1495,10 +1497,11 @@ spec:
14951497
effect: "NoSchedule"
14961498
EOF
14971499

1500+
# shellcheck disable=SC2086
14981501
( _info "Waiting for debug pod to become ready" && \
14991502
kubectl wait --for=condition=Ready pod splice-debug --timeout=30s && \
15001503
_info "Opening terminal on debug pod" && \
1501-
kubectl exec -it splice-debug -- /bin/bash ) || true
1504+
kubectl exec -it splice-debug -- $SHELL_COMMAND ) || true
15021505

15031506
_info "Deleting debug pod"
15041507
kubectl delete pod splice-debug
@@ -2188,6 +2191,152 @@ EOF
21882191
_update_cluster_config "$deployment_config" "operatorDeployment"
21892192
}
21902193

2194+
###
2195+
2196+
subcommand_whitelist[psql]=""
2197+
function subcmd_psql() {
2198+
_cluster_must_exist
2199+
2200+
if [ $# -ne 2 ]; then
2201+
_error "Usage: $SCRIPTNAME psql <namespace> <application>"
2202+
exit 1
2203+
fi
2204+
2205+
local NAMESPACE="$1"
2206+
local APPLICATION="$2"
2207+
2208+
_info "Retrieving DB connection info from pod description..."
2209+
local DB_INIT_COMMAND
2210+
DB_INIT_COMMAND=$(
2211+
kubectl describe pod \
2212+
--namespace "${NAMESPACE}" \
2213+
--selector "app=${APPLICATION}" \
2214+
| grep -i psql \
2215+
| sed -nE 's/^.*(psql.?*) 2>&1.*$/\1/p'
2216+
)
2217+
2218+
if [ -z "${DB_INIT_COMMAND}" ]; then
2219+
_error "Application ${APPLICATION} in namespace ${NAMESPACE} does not have an associated database."
2220+
exit 1
2221+
fi
2222+
2223+
eval "set -- $DB_INIT_COMMAND"
2224+
while [ $# -gt 0 ]; do
2225+
case "$1" in
2226+
-h|--host)
2227+
local DB_HOST="$2"
2228+
shift 2
2229+
;;
2230+
-h=*|--host=*)
2231+
local DB_HOST="${1#*=}"
2232+
shift
2233+
;;
2234+
-p|--port)
2235+
local DB_PORT="$2"
2236+
shift 2
2237+
;;
2238+
-p=*|--port=*)
2239+
local DB_PORT="${1#*=}"
2240+
shift
2241+
;;
2242+
-U|--username)
2243+
local DB_USERNAME="$2"
2244+
shift 2
2245+
;;
2246+
-U=*|--username=*)
2247+
local DB_USERNAME="${1#*=}"
2248+
shift
2249+
;;
2250+
-c|--command)
2251+
local DB_CREATE_STATEMENT="$2"
2252+
shift 2
2253+
;;
2254+
-c=*|--command=*)
2255+
local DB_CREATE_STATEMENT="${1#*=}"
2256+
shift
2257+
;;
2258+
*)
2259+
shift
2260+
;;
2261+
esac
2262+
done
2263+
2264+
if [ -z "${DB_HOST:-}" ]; then
2265+
_error "Failed to retrieve DB hostname from pod description."
2266+
exit 1
2267+
fi
2268+
2269+
if [ -z "${DB_PORT:-}" ]; then
2270+
_error "Failed to retrieve DB port from pod description."
2271+
exit 1
2272+
fi
2273+
2274+
if [ -z "${DB_USERNAME:-}" ]; then
2275+
_error "Failed to retrieve DB username from pod description."
2276+
exit 1
2277+
fi
2278+
2279+
# shellcheck disable=SC2086
2280+
set -- $DB_CREATE_STATEMENT
2281+
if [ "${1,,}" == "create" ] && [ "${2,,}" == "database" ] && [ -n "$3" ]; then
2282+
DB_NAME="$3"
2283+
else
2284+
_error "Failed to retrieve DB name from pod description."
2285+
exit 1
2286+
fi
2287+
2288+
local PASSWORD_REF
2289+
PASSWORD_REF=$(
2290+
kubectl get deployment \
2291+
--namespace "${NAMESPACE}" \
2292+
--output 'jsonpath={.spec.template.spec.initContainers[].env[?(@.name == "PGPASSWORD")].valueFrom.secretKeyRef}' \
2293+
"${APPLICATION}"
2294+
)
2295+
local SECRET_NAME
2296+
SECRET_NAME=$(jq -r '.name' <<< "$PASSWORD_REF")
2297+
local SECRET_KEY
2298+
SECRET_KEY=$(jq -r '.key' <<< "$PASSWORD_REF")
2299+
2300+
_info "Retrieving DB password from secret [${SECRET_NAME}]..."
2301+
local DB_PASSWORD
2302+
DB_PASSWORD=$(
2303+
kubectl get secret \
2304+
--namespace "${NAMESPACE}" \
2305+
--output "jsonpath={.data.${SECRET_KEY}}" \
2306+
"${SECRET_NAME}" \
2307+
| base64 --decode
2308+
)
2309+
2310+
if [ -z "${DB_PASSWORD}" ]; then
2311+
_error "Failed to retrieve DB password."
2312+
exit 1
2313+
fi
2314+
2315+
case "${APPLICATION}" in
2316+
participant-*)
2317+
local SEARCH_PATH="participant"
2318+
;;
2319+
sequencer-*)
2320+
local SEARCH_PATH="sequencer"
2321+
;;
2322+
mediator-*)
2323+
local SEARCH_PATH="mediator"
2324+
;;
2325+
*)
2326+
local SEARCH_PATH="$DB_NAME"
2327+
;;
2328+
esac
2329+
2330+
subcmd_debug_shell /bin/env \
2331+
PGPASSWORD="$DB_PASSWORD" \
2332+
PGOPTIONS="--search_path=${SEARCH_PATH},public" \
2333+
psql \
2334+
--host="$DB_HOST" \
2335+
--port="$DB_PORT" \
2336+
--username="$DB_USERNAME" \
2337+
--dbname="$DB_NAME"
2338+
}
2339+
21912340
################################
21922341
### Main
21932342
################################

0 commit comments

Comments
 (0)