@@ -13,14 +13,39 @@ set -euo pipefail
1313: " ${POSTGRES_PASSWORD:? Must set POSTGRES_PASSWORD} "
1414: " ${EVENTS_MIGRATOR_POSTGRES_PASSWORD:? Must set EVENTS_MIGRATOR_POSTGRES_PASSWORD} "
1515: " ${EVENTS_APP_POSTGRES_PASSWORD:? Must set EVENTS_APP_POSTGRES_PASSWORD} "
16+ : " ${ANALYTICS_POSTGRES_PASSWORD:? Must set ANALYTICS_POSTGRES_PASSWORD} "
17+ : " ${ANALYTICS_POSTGRES_USER:? Must set ANALYTICS_POSTGRES_USER} "
1618: " ${EVENTS_APP_ROLE:= events_app} "
1719: " ${EVENTS_MIGRATOR_ROLE:= events_migrator} "
20+ : " ${KEEP_ALIVE_SECONDS:= 0} " # Prevent Swarm from marking this task as failed due to early exit
1821: " ${TARGET_DB:= events} "
1922
2023
2124TARGET_DB=${TARGET_DB// -/ _}
2225export PGPASSWORD=" $POSTGRES_PASSWORD "
2326
27+
28+ create_or_update_role () {
29+ local role=$1
30+ local password=$2
31+ local db=$3
32+ echo " Creating or updating role '$role ' with access to database '$db '..."
33+ PGPASSWORD=" $POSTGRES_PASSWORD " " $POSTGRES_HOST " " $POSTGRES_PORT "
34+ -U " $POSTGRES_USER " << EOSQL
35+ DO \$\$
36+ BEGIN
37+ IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = '${role} ') THEN
38+ EXECUTE format('CREATE ROLE %I LOGIN PASSWORD %L', '${role} ', '${password} ');
39+ ELSE
40+ EXECUTE format('ALTER ROLE %I WITH PASSWORD %L', '${role} ', '${password} ');
41+ END IF;
42+
43+ EXECUTE format('GRANT CONNECT ON DATABASE %I TO %I', '${db} ', '${role} ');
44+ END
45+ \$\$ ;
46+ EOSQL
47+ }
48+
2449echo " Waiting for PostgreSQL to be ready at ${POSTGRES_HOST} :${POSTGRES_PORT} ..."
2550until psql -h " $POSTGRES_HOST " " $POSTGRES_PORT "
2651 -U " $POSTGRES_USER " ' \q' 2> /dev/null; do
@@ -35,60 +60,19 @@ DB_EXISTS=$(psql -qtAX -h "$POSTGRES_HOST" -p "$POSTGRES_PORT" \
3560 -U " $POSTGRES_USER "
3661 -c " SELECT 1 FROM pg_database WHERE datname = '$TARGET_DB ';" )
3762
38- # --- Check role existence ---
39- MIGRATOR_ROLE_EXISTS=$(
40- psql -qtAX -h " $POSTGRES_HOST " " $POSTGRES_PORT "
41- -U " $POSTGRES_USER "
42- -c " SELECT 1 FROM pg_roles WHERE rolname = '${EVENTS_MIGRATOR_ROLE} ';"
43- )
44- APP_ROLE_EXISTS=$(
45- psql -qtAX -h " $POSTGRES_HOST " " $POSTGRES_PORT "
46- -U " $POSTGRES_USER "
47- -c " SELECT 1 FROM pg_roles WHERE rolname = '${EVENTS_APP_ROLE} ';"
48- )
49-
5063echo " [1/3] Cluster-wide setup..."
5164if [[ " $DB_EXISTS " == " 1" ; then
52- echo " ✅ Database '$TARGET_DB ' already exists. Updating passwords."
53- # Create roles if missing, alter password if they exist
54- if [ " $MIGRATOR_ROLE_EXISTS " != " 1" ; then
55- echo " Creating role ${EVENTS_MIGRATOR_ROLE} ..."
56- psql -v ON_ERROR_STOP=1 -h " $POSTGRES_HOST " " $POSTGRES_PORT "
57- -U " $POSTGRES_USER "
58- -c " CREATE ROLE ${EVENTS_MIGRATOR_ROLE} WITH LOGIN PASSWORD '${EVENTS_MIGRATOR_POSTGRES_PASSWORD} ';"
59- else
60- echo " ALTERING password for ${EVENTS_MIGRATOR_ROLE} ..."
61- psql -v ON_ERROR_STOP=1 -h " $POSTGRES_HOST " " $POSTGRES_PORT "
62- -U " $POSTGRES_USER "
63- -c " ALTER ROLE ${EVENTS_MIGRATOR_ROLE} WITH PASSWORD '${EVENTS_MIGRATOR_POSTGRES_PASSWORD} ';"
64- fi
65-
66- if [ " $APP_ROLE_EXISTS " != " 1" ; then
67- echo " Creating role ${EVENTS_APP_ROLE} ..."
68- psql -v ON_ERROR_STOP=1 -h " $POSTGRES_HOST " " $POSTGRES_PORT "
69- -U " $POSTGRES_USER "
70- -c " CREATE ROLE ${EVENTS_APP_ROLE} WITH LOGIN PASSWORD '${EVENTS_APP_POSTGRES_PASSWORD} ';"
71- else
72- echo " ALTERING password for ${EVENTS_APP_ROLE} ..."
73- psql -v ON_ERROR_STOP=1 -h " $POSTGRES_HOST " " $POSTGRES_PORT "
74- -U " $POSTGRES_USER "
75- -c " ALTER ROLE ${EVENTS_APP_ROLE} WITH PASSWORD '${EVENTS_APP_POSTGRES_PASSWORD} ';"
76- fi
77-
78- echo " Passwords updated. Skipping initialization."
65+ echo " ✅ Database '$TARGET_DB ' already exists."
7966else
8067 echo " Database '$TARGET_DB ' does not exist. Proceeding with initialization."
81- psql -v ON_ERROR_STOP=1 -h " $POSTGRES_HOST " " $POSTGRES_PORT "
82- -U " $POSTGRES_USER " << EOF || { echo "❌ Cluster-wide SQL failed"; exit 1; }
83- CREATE DATABASE "$TARGET_DB ";
84-
85- CREATE ROLE ${EVENTS_MIGRATOR_ROLE} WITH LOGIN PASSWORD '${EVENTS_MIGRATOR_POSTGRES_PASSWORD} ';
86- CREATE ROLE ${EVENTS_APP_ROLE} WITH LOGIN PASSWORD '${EVENTS_APP_POSTGRES_PASSWORD} ';
87-
88- GRANT CONNECT ON DATABASE "$TARGET_DB " TO ${EVENTS_MIGRATOR_ROLE} , ${EVENTS_APP_ROLE} ;
89- EOF
68+ psql -v ON_ERROR_STOP=1 -h " $POSTGRES_HOST " " $POSTGRES_PORT " " $POSTGRES_USER "
69+ -c " CREATE DATABASE ${TARGET_DB} ;" || echo " ❌ Cluster-wide SQL failed" ; exit 1;
9070fi
9171
72+ create_or_update_role " $EVENTS_MIGRATOR_ROLE " " $EVENTS_MIGRATOR_POSTGRES_PASSWORD " " $TARGET_DB "
73+ create_or_update_role " $EVENTS_APP_ROLE " " $EVENTS_APP_POSTGRES_PASSWORD " " $TARGET_DB "
74+ create_or_update_role " $ANALYTICS_POSTGRES_USER " " $ANALYTICS_POSTGRES_PASSWORD " " $TARGET_DB "
75+
9276echo " Checking if schema app in DB '$TARGET_DB ' exists..."
9377SCHEMA_EXISTS=$( psql -qtAX -h " $POSTGRES_HOST " " $POSTGRES_PORT "
9478 -U " $POSTGRES_USER " $TARGET_DB \
@@ -115,4 +99,6 @@ GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA app TO ${EVENTS_APP
11599ALTER DEFAULT PRIVILEGES IN SCHEMA app GRANT SELECT, INSERT, UPDATE, DELETE ON TABLES TO ${EVENTS_APP_ROLE} ;
116100EOF
117101
118- echo " ✅ PostgreSQL setup completed successfully."
102+ sleep " $KEEP_ALIVE_SECONDS "
103+
104+ echo " ✅ PostgreSQL setup completed successfully."
0 commit comments