Organize directories

packages/metamigo-db/scripts/afterCurrent.sh

@@ -0,0 +1,28 @@
+#!/bin/bash
+
+set -eu
+
+psql -Xv ON_ERROR_STOP=1 "${GM_DBURL}" <<EOF
+
+INSERT INTO app_public.users(email, name, user_role, is_active, created_by)
+VALUES('abel@guardianproject.info', 'Abel', 'admin'::app_public.role_type, true, 'afterCurrent Hook')
+on conflict (email) do nothing;
+
+INSERT INTO app_public.users(email, name, user_role, is_active, created_by)
+VALUES('darren@redaranj.com', 'Darren', 'admin'::app_public.role_type, true, 'afterCurrent Hook')
+on conflict (email) do nothing;
+
+INSERT INTO app_public.users(email, name, user_role, is_active, created_by)
+VALUES('jking@chambana.net', 'Josh', 'admin'::app_public.role_type, true, 'afterCurrent Hook')
+on conflict (email) do nothing;
+
+INSERT INTO app_public.settings(name, value)
+VALUES('app-setting', to_jsonb('this is a setting value stored as json text'::text))
+on conflict (name) do nothing;
+
+EOF
+
+if [[ -f "${PWD}/scripts/afterCurrent-private.sh" ]]; then
+	# shellcheck source=/dev/null
+	source "${PWD}/scripts/afterCurrent-private.sh"
+fi

packages/metamigo-db/scripts/afterReset.sql

@@ -0,0 +1,12 @@
+REVOKE ALL ON DATABASE :DATABASE_NAME FROM PUBLIC;
+GRANT CONNECT ON DATABASE :DATABASE_NAME TO :DATABASE_OWNER;
+GRANT CONNECT ON DATABASE :DATABASE_NAME TO :DATABASE_AUTHENTICATOR;
+GRANT ALL ON DATABASE :DATABASE_NAME TO :DATABASE_OWNER;
+grant app_anonymous to :DATABASE_VISITOR;
+grant app_user to :DATABASE_VISITOR;
+grant app_admin to :DATABASE_VISITOR;
+CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS citext WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS tablefunc WITH SCHEMA public;

packages/metamigo-db/scripts/bootstrap.sh

@@ -0,0 +1,69 @@
+#!/bin/bash
+set -eu
+
+DATABASE_HOST=${POSTGRES_HOST:-}
+DATABASE_PORT=${POSTGRES_PORT:-5432}
+DATABASE_SUPERUSER=${POSTGRES_USER:-postgres}
+DATABASE_SUPERUSER_PASSWORD=${POSTGRES_PASSWORD:-metamigo}
+
+export PGPASSWORD=$DATABASE_SUPERUSER_PASSWORD
+
+# this script is run under two circumstances: with a local postgres and a remote postgres
+# local postgres: we should use the unix domain socket to connect
+# remote postgres: we should pass the --host param
+
+HOST_PARAM="--host="
+if [[ ! -z ${DATABASE_HOST} ]]; then
+	HOST_PARAM="--host=${DATABASE_HOST}"
+fi
+
+# wait for postgres process to settle
+set +e
+echo "pg_isready $HOST_PARAM --username $POSTGRES_USER --dbname template1"
+pg_isready "$HOST_PARAM" --username "$POSTGRES_USER" --dbname template1
+while ! pg_isready "$HOST_PARAM" --username "$POSTGRES_USER" --dbname template1; do
+	echo "$(date) - waiting for database to start"
+	sleep 10
+done
+set -e
+
+echo
+echo
+echo "Creating the database and the roles"
+# We're using 'template1' because we know it should exist. We should not actually change this database.
+psql -Xv ON_ERROR_STOP=1 "$HOST_PARAM" --username "$POSTGRES_USER" --dbname template1 <<EOF
+
+CREATE ROLE ${DATABASE_OWNER} WITH LOGIN PASSWORD '${DATABASE_OWNER_PASSWORD}';
+GRANT ${DATABASE_OWNER} TO ${DATABASE_SUPERUSER};
+CREATE ROLE ${DATABASE_AUTHENTICATOR} WITH LOGIN PASSWORD '${DATABASE_AUTHENTICATOR_PASSWORD}' NOINHERIT;
+CREATE ROLE ${DATABASE_VISITOR};
+GRANT ${DATABASE_VISITOR} TO ${DATABASE_AUTHENTICATOR};
+-- Create database
+CREATE DATABASE ${DATABASE_NAME} OWNER ${DATABASE_OWNER};
+-- Database permissions
+REVOKE ALL ON DATABASE ${DATABASE_NAME} FROM PUBLIC;
+GRANT ALL ON DATABASE ${DATABASE_NAME} TO ${DATABASE_OWNER};
+GRANT CONNECT ON DATABASE ${DATABASE_NAME} TO ${DATABASE_AUTHENTICATOR};
+EOF
+
+echo
+echo
+echo "Installing extensions into the database"
+psql -Xv ON_ERROR_STOP=1 "$HOST_PARAM" --username "$POSTGRES_USER" --dbname "$DATABASE_NAME" <<EOF
+CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog;
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp" WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS citext WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS pgcrypto WITH SCHEMA public;
+CREATE EXTENSION IF NOT EXISTS tablefunc WITH SCHEMA public;
+EOF
+
+echo
+echo
+echo "Creating roles in the database"
+psql -Xv ON_ERROR_STOP=1 "$HOST_PARAM" --username "$POSTGRES_USER" --dbname "$DATABASE_NAME" <<EOF
+CREATE ROLE app_anonymous;
+CREATE ROLE app_user WITH IN ROLE app_anonymous;
+CREATE ROLE app_admin WITH IN ROLE app_user;
+GRANT app_anonymous TO ${DATABASE_AUTHENTICATOR};
+GRANT app_admin TO ${DATABASE_AUTHENTICATOR};
+EOF

packages/metamigo-db/scripts/dump-db

@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+if [ "$GM_DBURL" = "" ]; then
+  echo "This script should only be ran from inside graphile-migrate";
+  exit 1;
+fi
+
+export COMPOSE_PROJECT_NAME
+
+# When ran inside docker-compose we need to be able to run a different pg_dump binary
+${PG_DUMP:-pg_dump} \
+  --no-sync \
+  --schema-only \
+  --no-owner \
+  --exclude-schema=graphile_migrate \
+  --exclude-schema=graphile_worker \
+  --file=../../data/schema.sql \
+  "$GM_DBURL"

packages/metamigo-db/scripts/dump-db.js

@@ -0,0 +1,31 @@
+const { spawn } = require("child_process");
+const findWorkspaceRoot = require("find-yarn-workspace-root");
+
+if (process.env.CI) {
+  process.exit(0);
+}
+
+const connectionString = process.env.GM_DBURL;
+if (!connectionString) {
+  console.error(
+    "This script should only be called from a graphile-migrate action."
+  );
+  process.exit(1);
+}
+
+spawn(
+  process.env.PG_DUMP || "pg_dump",
+  [
+    "--no-sync",
+    "--schema-only",
+    "--no-owner",
+    "--exclude-schema=graphile_migrate",
+    "--exclude-schema=graphile_worker",
+    `--file=${findWorkspaceRoot()}/data/schema.sql`,
+    connectionString,
+  ],
+  {
+    stdio: "inherit",
+    shell: true,
+  }
+);