open-telemetry · cyrille-leclerc · Oct 20, 2025 · Oct 20, 2025 · Oct 22, 2025 · cyrille-leclerc
@@ -157,8 +157,7 @@ VALKEY_ADDR=valkey-cart:${VALKEY_PORT}
 # Postgres
 POSTGRES_HOST=postgresql
 POSTGRES_PORT=5432
-POSTGRES_DB=otel
-POSTGRES_PASSWORD=otel
+POSTGRES_PASSWORD=posgres_password
 POSTGRES_DOCKERFILE=./src/postgres/Dockerfile
 
 # ********************

@@ -16,6 +16,11 @@ the release.
 * [chore] Upgrade OpenFeature and add fix deprecation warnings for dependency
   injection
   ([#2644](https://github.com/open-telemetry/opentelemetry-demo/pull/2644))
+* [postgres] Showcase Postgresql monitoring using a dedicated monitoring
+  user and the role `pg_monitor`
+  ([#2665](https://github.com/open-telemetry/opentelemetry-demo/pull/2665))
+* [postgres] More realistic database name `otel` -> `shop_db`
+  ([#2665](https://github.com/open-telemetry/opentelemetry-demo/pull/2665))
 
 ## 2.1.3
 

@@ -37,7 +37,7 @@ services:
       - OTEL_EXPORTER_OTLP_METRICS_TEMPORALITY_PREFERENCE
       - OTEL_RESOURCE_ATTRIBUTES
       - OTEL_SERVICE_NAME=accounting
-      - DB_CONNECTION_STRING=Host=${POSTGRES_HOST};Username=otelu;Password=otelp;Database=${POSTGRES_DB}
+      - DB_CONNECTION_STRING=Host=${POSTGRES_HOST};Username=shop_user;Password=shop_password;Database=shop_db
       - OTEL_DOTNET_AUTO_TRACES_ENTITYFRAMEWORKCORE_INSTRUMENTATION_ENABLED=false
     depends_on:
       otel-collector:
@@ -721,9 +721,7 @@ services:
     ports:
       - ${POSTGRES_PORT}
     environment:
-      - POSTGRES_USER=root
       - POSTGRES_PASSWORD
-      - POSTGRES_DB
     logging: *logging
 
   # Valkey used by Cart service
@@ -822,6 +820,7 @@ services:
       - OTEL_COLLECTOR_PORT_HTTP
       - POSTGRES_HOST
       - POSTGRES_PORT
+      - POSTGRES_USER
       - POSTGRES_PASSWORD
       - GOMEMLIMIT=160MiB
 

@@ -18549,7 +18549,7 @@ spec:
             - name: OTEL_EXPORTER_OTLP_ENDPOINT
               value: http://$(OTEL_COLLECTOR_NAME):4318
             - name: DB_CONNECTION_STRING
-              value: Host=postgresql;Username=otelu;Password=otelp;Database=otel
+              value: Host=postgresql;Username=shop_db;Password=shop_db_p;Database=shop_db
             - name: OTEL_DOTNET_AUTO_TRACES_ENTITYFRAMEWORKCORE_INSTRUMENTATION_ENABLED
               value: "false"
             - name: OTEL_RESOURCE_ATTRIBUTES

@@ -22,8 +22,8 @@ receivers:
     endpoint: unix:///var/run/docker.sock
   postgresql:
     endpoint: ${POSTGRES_HOST}:${POSTGRES_PORT}
-    username: root
-    password: ${POSTGRES_PASSWORD}
+    username: monitoring_user
+    password: monitoring_password
     metrics:
       postgresql.blks_hit:
         enabled: true

@@ -1,15 +1,42 @@
 -- Copyright The OpenTelemetry Authors
 -- SPDX-License-Identifier: Apache-2.0
 
-CREATE USER otelu WITH PASSWORD 'otelp';
+-- Create the shop_db database if it does not exist (uses psql \gexec)
+SELECT 'CREATE DATABASE shop_db' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'shop_db')\gexec
 
+-- Create shop_user (idempotent)
+DO
+$$
+BEGIN
+  IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'shop_user') THEN
+    CREATE ROLE shop_user LOGIN PASSWORD 'shop_password';
+  END IF;
+END
+$$;
 
--- Create a table
-CREATE TABLE "order" (
+-- Ensure monitoring_user exists (idempotent)
+DO
+$$
+BEGIN
+  IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'monitoring_user') THEN
+    CREATE ROLE monitoring_user LOGIN PASSWORD 'monitoring_password';
+  END IF;
+END
+$$;
+
+-- Give connect privileges on the database to the users
+GRANT CONNECT ON DATABASE shop_db TO shop_user;
+GRANT CONNECT ON DATABASE shop_db TO monitoring_user;
+
+-- Switch to the shop_db database to create tables and grant schema/table privileges
+\connect shop_db
+
+-- Create tables inside shop_db (idempotent)
+CREATE TABLE IF NOT EXISTS "order" (
     order_id TEXT PRIMARY KEY
 );
 
-CREATE TABLE shipping (
+CREATE TABLE IF NOT EXISTS shipping (
     shipping_tracking_id TEXT PRIMARY KEY,
     shipping_cost_currency_code TEXT NOT NULL,
     shipping_cost_units BIGINT NOT NULL,
@@ -23,7 +50,7 @@ CREATE TABLE shipping (
     FOREIGN KEY (order_id) REFERENCES "order"(order_id) ON DELETE CASCADE
 );
 
-CREATE TABLE orderitem (
+CREATE TABLE IF NOT EXISTS orderitem (
     item_cost_currency_code TEXT NOT NULL,
     item_cost_units BIGINT NOT NULL,
     item_cost_nanos INT NOT NULL,
@@ -34,4 +61,13 @@ CREATE TABLE orderitem (
     FOREIGN KEY (order_id) REFERENCES "order"(order_id) ON DELETE CASCADE
 );
 
-GRANT SELECT, INSERT, UPDATE ON ALL TABLES IN SCHEMA public TO otelu;
+-- Grant read/write privileges on existing and future tables to shop_user
+GRANT SELECT, INSERT, UPDATE ON ALL TABLES IN SCHEMA public TO shop_user;
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT, INSERT, UPDATE ON TABLES TO shop_user;
+
+-- Grant monitoring privileges to monitoring_user
+GRANT pg_monitor TO monitoring_user;
+GRANT USAGE ON SCHEMA public TO monitoring_user;
+GRANT SELECT ON ALL TABLES IN SCHEMA public TO monitoring_user;
+ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO monitoring_user;
+