From 2bf99c2edf339040ebeb1bb9f8509db77a85c64a Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Fri, 6 Feb 2026 15:20:20 +0200 Subject: [PATCH 1/8] CROSSLINK-203 Use default schema for crosslink broker --- broker/dbutil/dbutil.go | 2 +- broker/docker-compose.yml | 3 ++- broker/init.sql | 1 + 3 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 broker/init.sql diff --git a/broker/dbutil/dbutil.go b/broker/dbutil/dbutil.go index 09f90a0d..7378454e 100644 --- a/broker/dbutil/dbutil.go +++ b/broker/dbutil/dbutil.go @@ -11,7 +11,7 @@ import ( ) func GetConnectionString(typ, user, pass, host, port, db string) string { - return fmt.Sprintf("%s://%s:%s@%s:%s/%s?sslmode=disable", typ, user, pass, host, port, db) + return fmt.Sprintf("%s://%s:%s@%s:%s/%s?sslmode=disable&search_path=crosslink_broker", typ, user, pass, host, port, db) } func InitDbPool(connStr string) (*pgxpool.Pool, error) { diff --git a/broker/docker-compose.yml b/broker/docker-compose.yml index 774e98ac..233ec1ed 100644 --- a/broker/docker-compose.yml +++ b/broker/docker-compose.yml @@ -11,4 +11,5 @@ services: ports: - "25432:5432" volumes: - - ./pg_data:/var/lib/postgresql \ No newline at end of file + - ./pg_data:/var/lib/postgresql + - ./init.sql:/docker-entrypoint-initdb.d/init.sql \ No newline at end of file diff --git a/broker/init.sql b/broker/init.sql new file mode 100644 index 00000000..350c4877 --- /dev/null +++ b/broker/init.sql @@ -0,0 +1 @@ +CREATE SCHEMA IF NOT EXISTS crosslink_broker; \ No newline at end of file From 0c0bb4253459aeafec978196fb334c3ebf073e3d Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Tue, 10 Feb 2026 17:16:57 +0200 Subject: [PATCH 2/8] CROSSLINK-203 Update readme file --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 34d46982..c14e8965 100644 --- a/README.md +++ b/README.md 
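Review bot: `GetConnectionString` interpolates `user` and `pass` into the URL with `%s` and no escaping, so a password containing `@`, `/`, `?` or `#` changes how the connection URL is parsed instead of being treated as a credential. The same line hard-codes `sslmode=disable`, so credentials and queries travel unencrypted in every deployment; that is probably worth making configurable rather than fixed. Building the URL with `net/url` escapes each component, and needs `net` and `net/url` added to the import block, which is outside this hunk. The dbutil.go hunk in PATCH 5/8 restores the same unescaped format string and would take the same change without the `search_path` entry.

```go
func GetConnectionString(typ, user, pass, host, port, db string) string {
	q := url.Values{}
	q.Set("sslmode", "disable") // ideally read from configuration instead of fixed
	q.Set("search_path", "crosslink_broker")
	u := url.URL{
		Scheme:   typ,
		User:     url.UserPassword(user, pass),
		Host:     net.JoinHostPort(host, port),
		Path:     "/" + db,
		RawQuery: q.Encode(),
	}
	return u.String()
}
```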
@@ -61,3 +61,5 @@ Charts use the `LoadBalancer` service type by default, you can change this durin ``` --set service.type=ClusterIP ``` + +For any installation DB schema `crosslink_broker` must be created and application DB user must have privileges to use this schema \ No newline at end of file From e453e4da24020a36e8b695dea0bff7f7f17d9314 Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Tue, 10 Feb 2026 17:46:20 +0200 Subject: [PATCH 3/8] CROSSLINK-203 Add schema creation to migration script --- README.md | 4 +++- broker/docker-compose.yml | 3 +-- broker/init.sql | 1 - broker/migrations/001_create_tables.down.sql | 2 ++ broker/migrations/001_create_tables.up.sql | 2 ++ 5 files changed, 8 insertions(+), 4 deletions(-) delete mode 100644 broker/init.sql diff --git a/README.md b/README.md index c14e8965..d6bff6aa 100644 --- a/README.md +++ b/README.md @@ -62,4 +62,6 @@ Charts use the `LoadBalancer` service type by default, you can change this durin --set service.type=ClusterIP ``` -For any installation DB schema `crosslink_broker` must be created and application DB user must have privileges to use this schema \ No newline at end of file +For any installation application DB user must have privileges to create schema. +Database migrations will create and update all required tables and other objects +inside the selected schema. \ No newline at end of file diff --git a/broker/docker-compose.yml b/broker/docker-compose.yml index 233ec1ed..774e98ac 100644 --- a/broker/docker-compose.yml +++ b/broker/docker-compose.yml @@ -11,5 +11,4 @@ services: ports: - "25432:5432" volumes: - - ./pg_data:/var/lib/postgresql - - ./init.sql:/docker-entrypoint-initdb.d/init.sql \ No newline at end of file + - ./pg_data:/var/lib/postgresql \ No newline at end of file diff --git a/broker/init.sql b/broker/init.sql deleted file mode 100644 index 350c4877..00000000 --- a/broker/init.sql +++ /dev/null @@ -1 +0,0 @@ -CREATE SCHEMA IF NOT EXISTS crosslink_broker; \ No newline at end of file 
diff --git a/broker/migrations/001_create_tables.down.sql b/broker/migrations/001_create_tables.down.sql index d795e073..4028b5eb 100644 --- a/broker/migrations/001_create_tables.down.sql +++ b/broker/migrations/001_create_tables.down.sql @@ -4,6 +4,8 @@ DROP TABLE located_supplier; DROP TABLE ill_transaction; DROP TABLE peer; +DROP SCHEMA crosslink_broker; + diff --git a/broker/migrations/001_create_tables.up.sql b/broker/migrations/001_create_tables.up.sql index 416c7e17..62e8a7bd 100644 --- a/broker/migrations/001_create_tables.up.sql +++ b/broker/migrations/001_create_tables.up.sql @@ -1,3 +1,5 @@ +CREATE SCHEMA IF NOT EXISTS crosslink_broker; + CREATE TABLE peer ( id VARCHAR PRIMARY KEY, From 2f407624fd4ae91b438bbce8b5356cc697943393 Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Tue, 10 Feb 2026 18:47:31 +0200 Subject: [PATCH 4/8] CROSSLINK-203 Improve DB script --- README.md | 7 ++++--- broker/migrations/001_create_tables.down.sql | 2 -- broker/migrations/001_create_tables.up.sql | 4 +++- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index d6bff6aa..251f9180 100644 --- a/README.md +++ b/README.md @@ -62,6 +62,7 @@ Charts use the `LoadBalancer` service type by default, you can change this durin --set service.type=ClusterIP ``` -For any installation application DB user must have privileges to create schema. -Database migrations will create and update all required tables and other objects -inside the selected schema. \ No newline at end of file +For any installation, the application database user must have privileges to create schemas in the database +(for example, the `CREATE` privilege on the database or the ability to run `CREATE SCHEMA`). +Database migrations will create and update all required tables and other objects in the `crosslink_broker` schema, +which is selected via the PostgreSQL `search_path`. \ No newline at end of file 
diff --git a/broker/migrations/001_create_tables.down.sql b/broker/migrations/001_create_tables.down.sql index 4028b5eb..d795e073 100644 --- a/broker/migrations/001_create_tables.down.sql +++ b/broker/migrations/001_create_tables.down.sql @@ -4,8 +4,6 @@ DROP TABLE located_supplier; DROP TABLE ill_transaction; DROP TABLE peer; -DROP SCHEMA crosslink_broker; - diff --git a/broker/migrations/001_create_tables.up.sql b/broker/migrations/001_create_tables.up.sql index 62e8a7bd..c4d2f04c 100644 --- a/broker/migrations/001_create_tables.up.sql +++ b/broker/migrations/001_create_tables.up.sql @@ -1,4 +1,6 @@ -CREATE SCHEMA IF NOT EXISTS crosslink_broker; +CREATE SCHEMA IF NOT EXISTS crosslink_broker AUTHORIZATION crosslink_broker; + +SET search_path TO crosslink_broker; CREATE TABLE peer ( From 701c9ce1f92cb61cb34201467119f06a56090d5a Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Tue, 10 Feb 2026 19:22:10 +0200 Subject: [PATCH 5/8] CROSSLINK-203 Fix copilot comments --- broker/app/app.go | 5 +++-- broker/dbutil/dbutil.go | 2 +- broker/migrations/001_create_tables.up.sql | 3 ++- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/broker/app/app.go b/broker/app/app.go index 1c7ca8bd..23a73958 100644 --- a/broker/app/app.go +++ b/broker/app/app.go @@ -48,6 +48,7 @@ var DB_HOST = utils.GetEnv("DB_HOST", "localhost") var DB_PORT = utils.GetEnv("DB_PORT", "25432") var DB_DATABASE = utils.GetEnv("DB_DATABASE", "crosslink") var ConnectionString = dbutil.GetConnectionString(DB_TYPE, DB_USER, DB_PASSWORD, DB_HOST, DB_PORT, DB_DATABASE) +var ConnectionStringSchema = "&search_path=crosslink_broker" var API_PAGE_SIZE int32 = int32(utils.Must(utils.GetEnvInt("API_PAGE_SIZE", int(api.LIMIT_DEFAULT)))) var MigrationsFolder = "file://migrations" var ENABLE_JSON_LOG = utils.GetEnv("ENABLE_JSON_LOG", "false") 
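Review bot: `ConnectionStringSchema` in app.go is a raw query fragment starting with `&`, so every caller has to remember to append it, and the result is only valid when `ConnectionString` already ends in a query string. It is also an exported mutable `var`, although nothing on the page reassigns it; `const ConnectionStringSchema = "&search_path=crosslink_broker"` would rule out accidental modification. The later app.go hunks (`InitDbPool`, `CreateEventBus`) and the test hunks in PATCH 6/8 repeat the concatenation, and illrepo_test.go spells the literal out again, so a single helper returning the schema-qualified connection string would keep the call sites from drifting. The migration call visible in illrepo_test.go still passes the plain connection string, which seems to rely on the migration's own `SET search_path`; a comment next to the variable saying so would help.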
@@ -264,7 +265,7 @@ func RunMigrateScripts() error { } func InitDbPool() (*pgxpool.Pool, error) { - dbPool, err := dbutil.InitDbPool(ConnectionString) + dbPool, err := dbutil.InitDbPool(ConnectionString + ConnectionStringSchema) if err != nil { return nil, fmt.Errorf("unable to create pool to database: %w", err) } @@ -278,7 +279,7 @@ func CreateEventRepo(dbPool *pgxpool.Pool) events.EventRepo { } func CreateEventBus(eventRepo events.EventRepo) events.EventBus { - eventBus := events.NewPostgresEventBus(eventRepo, ConnectionString) + eventBus := events.NewPostgresEventBus(eventRepo, ConnectionString+ConnectionStringSchema) return eventBus } diff --git a/broker/dbutil/dbutil.go b/broker/dbutil/dbutil.go index 7378454e..09f90a0d 100644 --- a/broker/dbutil/dbutil.go +++ b/broker/dbutil/dbutil.go @@ -11,7 +11,7 @@ import ( ) func GetConnectionString(typ, user, pass, host, port, db string) string { - return fmt.Sprintf("%s://%s:%s@%s:%s/%s?sslmode=disable&search_path=crosslink_broker", typ, user, pass, host, port, db) + return fmt.Sprintf("%s://%s:%s@%s:%s/%s?sslmode=disable", typ, user, pass, host, port, db) } func InitDbPool(connStr string) (*pgxpool.Pool, error) { diff --git a/broker/migrations/001_create_tables.up.sql b/broker/migrations/001_create_tables.up.sql index c4d2f04c..b2769538 100644 --- a/broker/migrations/001_create_tables.up.sql +++ b/broker/migrations/001_create_tables.up.sql @@ -1,4 +1,5 @@ -CREATE SCHEMA IF NOT EXISTS crosslink_broker AUTHORIZATION crosslink_broker; +CREATE ROLE crosslink_broker PASSWORD 'tenant' NOSUPERUSER NOCREATEDB INHERIT LOGIN; +CREATE SCHEMA IF NOT EXISTS crosslink_broker; SET search_path TO crosslink_broker; From 4d0af765912ea3c325d104b0dcb4d9807cc843b9 Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Tue, 10 Feb 2026 20:44:52 +0200 Subject: [PATCH 6/8] CROSSLINK-203 Fix tests --- broker/ill_db/illrepo_test.go | 2 +- broker/test/events/eventbus_test.go | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) 
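Review bot: The added `CREATE ROLE crosslink_broker PASSWORD 'tenant' NOSUPERUSER NOCREATEDB INHERIT LOGIN;` in 001_create_tables.up.sql puts a fixed password, readable in the repository, on a login-capable role in every database this migration runs against. Nothing visible on the page connects as that role (the application builds its connection from `DB_USER` and `DB_PASSWORD`), so it appears to be needed only as a schema owner. `CREATE ROLE crosslink_broker NOLOGIN NOSUPERUSER NOCREATEDB;` would serve that purpose without a credential, or the role could be provisioned by the deployment with its own secret. The statement also requires the migrating user to hold `CREATEROLE`, while the README text in this series asks only for schema-creation privileges. PATCH 7/8 wraps the statement in an existence check but keeps the same password literal, so the same change applies there.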
diff --git a/broker/ill_db/illrepo_test.go b/broker/ill_db/illrepo_test.go index 86c2de3a..c276e574 100644 --- a/broker/ill_db/illrepo_test.go +++ b/broker/ill_db/illrepo_test.go @@ -31,7 +31,7 @@ func TestMain(m *testing.M) { ctx, pgc, connStr, err := test.StartPGContainer() test.Expect(err, "failed to start db container") pgIllRepo := new(PgIllRepo) - pgIllRepo.Pool, err = dbutil.InitDbPool(connStr) + pgIllRepo.Pool, err = dbutil.InitDbPool(connStr + "&search_path=crosslink_broker") test.Expect(err, "failed to create ill repo") defer pgIllRepo.Pool.Close() _, _, _, err = dbutil.RunMigrateScripts("file://../migrations", connStr) diff --git a/broker/test/events/eventbus_test.go b/broker/test/events/eventbus_test.go index 9c1facea..bca48f34 100644 --- a/broker/test/events/eventbus_test.go +++ b/broker/test/events/eventbus_test.go @@ -52,7 +52,7 @@ func TestMain(m *testing.M) { err = app.RunMigrateScripts() test.Expect(err, "failed to run migrations") - dbPool, err := dbutil.InitDbPool(connStr) + dbPool, err := dbutil.InitDbPool(connStr + app.ConnectionStringSchema) test.Expect(err, "failed to init db pool") eventRepo = app.CreateEventRepo(dbPool) @@ -73,7 +73,7 @@ func TestMultipleEventHandlers(t *testing.T) { receivedAr := make([][]events.Event, noPools) ctx := context.Background() for i := 0; i < noPools; i++ { - dbPool, err := dbutil.InitDbPool(app.ConnectionString) + dbPool, err := dbutil.InitDbPool(app.ConnectionString + app.ConnectionStringSchema) assert.NoError(t, err, "failed to init db pool") defer dbPool.Close() @@ -130,7 +130,7 @@ func TestBroadcastEventHandlers(t *testing.T) { receivedAr := make([][]events.Event, noPools) ctx := context.Background() for i := 0; i < noPools; i++ { - dbPool, err := dbutil.InitDbPool(app.ConnectionString) + dbPool, err := dbutil.InitDbPool(app.ConnectionString + app.ConnectionStringSchema) assert.NoError(t, err, "failed to init db pool") defer dbPool.Close() 
From 1cd035a263902a46ee9c1a3b1ca1ef151503e2bc Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Tue, 10 Feb 2026 20:55:44 +0200 Subject: [PATCH 7/8] CROSSLINK-203 Add check for role --- broker/migrations/001_create_tables.up.sql | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/broker/migrations/001_create_tables.up.sql b/broker/migrations/001_create_tables.up.sql index b2769538..c5f4c772 100644 --- a/broker/migrations/001_create_tables.up.sql +++ b/broker/migrations/001_create_tables.up.sql @@ -1,4 +1,11 @@ -CREATE ROLE crosslink_broker PASSWORD 'tenant' NOSUPERUSER NOCREATEDB INHERIT LOGIN; +DO $$ + BEGIN + IF NOT EXISTS (SELECT FROM pg_catalog.pg_roles WHERE rolname = 'crosslink_broker') THEN + CREATE ROLE crosslink_broker PASSWORD 'tenant' NOSUPERUSER NOCREATEDB INHERIT LOGIN; + END IF; + END +$$; + CREATE SCHEMA IF NOT EXISTS crosslink_broker; SET search_path TO crosslink_broker; From 7223813b714a58f782ce7461ebae7233479e22a6 Mon Sep 17 00:00:00 2001 From: Janis Saldabols Date: Wed, 11 Feb 2026 12:35:51 +0200 Subject: [PATCH 8/8] CROSSLINK-203 Add check for role --- broker/migrations/001_create_tables.up.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/broker/migrations/001_create_tables.up.sql b/broker/migrations/001_create_tables.up.sql index c5f4c772..7fa8b2ab 100644 --- a/broker/migrations/001_create_tables.up.sql +++ b/broker/migrations/001_create_tables.up.sql @@ -6,7 +6,7 @@ DO $$ END $$; -CREATE SCHEMA IF NOT EXISTS crosslink_broker; +CREATE SCHEMA IF NOT EXISTS crosslink_broker AUTHORIZATION crosslink_broker; SET search_path TO crosslink_broker;
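Review bot: Making `crosslink_broker` the schema owner with `AUTHORIZATION` (PATCH 8/8) lets that role drop the schema and everything in it, and the PATCH 7/8 hunk creates the role in the same file with `LOGIN` and the literal password `'tenant'`. Anyone who can authenticate with that password (subject to `pg_hba.conf`) would then control the broker's data. Because the statement keeps `IF NOT EXISTS`, a database where an earlier revision of this migration already created the schema keeps its previous owner, so installations can end up with different ownership. A separate migration with `ALTER SCHEMA crosslink_broker OWNER TO crosslink_broker;` would make that deterministic once the role no longer carries a shared password. The tables that follow are created by the migrating user, so a comment stating which role is meant to own them would also help.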