github-personal/cozystack
1
0
Fork 0
mirror of https://github.com/outbackdingo/cozystack.git synced 2026-01-27 18:18:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

[postgres] Restrict password change for user postgres (#1164)

Browse Source 
Restrict password change for user postgres

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **Chores**
  * Updated the chart version for Postgres from 0.16.0 to 0.17.0.
* Updated the versions map to reference the latest commit and added the
new version.

* **Bug Fixes**
* Enhanced initialization script to forbid creating a user named
"postgres," providing clear error messaging.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
This commit is contained in:
Andrei Kvapil
2025-07-08 09:25:11 +03:00
committed by GitHub
parent 45031055f8 f6eaca3843
commit 91a07dcda6
3 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/apps/postgres/Chart.yaml
View File

@@ -16,7 +16,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.16.0
version: 0.17.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to

4
packages/apps/postgres/templates/init-script.yaml
View File

@@ -38,7 +38,7 @@ stringData:
until pg_isready ; do sleep 5; done
echo "== create users"
{{- if .Values.users }}
{{- if and .Values.users (not (hasKey .Values.users "postgres")) }}
psql -v ON_ERROR_STOP=1 <<\EOT
{{- range $user, $u := .Values.users }}
SELECT 'CREATE ROLE "{{ $user }}" LOGIN INHERIT;'
@@ -47,6 +47,8 @@ stringData:
COMMENT ON ROLE "{{ $user }}" IS 'user managed by helm';
{{- end }}
EOT
{{- else if and .Values.users (hasKey .Values.users "postgres") }}
{{- fail "`users.postgres` is forbidden by policy. Use a different username." }}
{{- end }}
echo "== delete users"

3
packages/apps/versions_map
View File

@@ -102,7 +102,8 @@ postgres 0.12.0 6130f43d
postgres 0.12.1 632224a3
postgres 0.14.0 62cb694d
postgres 0.15.1 4369b031
postgres 0.16.0 HEAD
postgres 0.16.0 70f82667
postgres 0.17.0 HEAD
rabbitmq 0.1.0 263e47be
rabbitmq 0.2.0 53f2365e
rabbitmq 0.3.0 6c5cf5bf