fix: Server startup issue for external postgres

[abhvsn]

Description

We introduced the auth for embedded Postgres, but in pg-utils we missed on updating the pg_isready condition to resort to db host in case of external postgres url. This caused the pg_isready to never pass when user configure external postgres url as a persistence DB in Appsmith. This PR checks if the local postgres url is configured and accordingly modifies the pg_isready command to target the embedded host vs external host.

Why it did not get caught in our testing?
We are still investigating this but in local for some reason even if we opt for external Postgres DB embedded Postgres process is also initiating which runs the pg_isready against the embedded Postgres and startup goes through.

Fixes #Issue Number
or
Fixes Issue URL

Warning

If no issue exists, please create an issue first, and check with the maintainers if the issue is valid.

Automation

/ok-to-test tags=""

🔍 Cypress test results

Caution

If you modify the content in this section, you are likely to disrupt the CI result for your PR.

Communication

Should the DevRel and Marketing teams inform users about this change?

• Yes
• No

Summary by CodeRabbit

• New Features

  • Enhanced PostgreSQL connection handling with dynamic checks for local or remote instances.
  • Improved flexibility in connection strategy for better database accessibility.

• Bug Fixes

  • Updated connection commands to ensure proper usage of the new host proxy variable.

[coderabbitai]

Walkthrough

The changes in this pull request involve modifications to the pg-utils.sh script to enhance PostgreSQL connection handling. A conditional check for the PG_DB_HOST variable was added in the waitForPostgresAvailability function to determine if the connection should be made via Unix socket or a specified host. The init_pg_db function was also updated to reflect this new logic, ensuring that connection methods adapt based on whether the database is local or remote.

Changes

File Path	Change Summary
deploy/docker/fs/opt/appsmith/pg-utils.sh	- Added conditional check for PG_DB_HOST in waitForPostgresAvailability function. - Updated connection command to use host_proxy variable. - Modified init_pg_db function to adjust connection method based on local or remote database.

Possibly related PRs

• chore: Add postgres dependency for server to startup #36585: Introduces the waitForPostgresAvailability function in run-java.sh, enhancing PostgreSQL connection handling.
• chore: Add grants for appsmith user for embedded postgres #36664: Adds a new function for granting permissions and adjusts init_pg_db, relating to connection handling and database initialization.
• fix: use password while creating extension #36936: Updates init_pg_db to include a check for remote PostgreSQL servers, aligning with the main PR's focus.
• chore: Add host explicitly for pg_isready signal at the startup #37067: Specifies the host for the pg_isready check in entrypoint.sh, relating to enhancements in connection handling.
• chore: Add polling for embedded pg start to create appsmith DB #36854: Improves create_appsmith_pg_db by adding a polling mechanism for PostgreSQL readiness, complementing connection handling improvements.

Suggested labels

Bug, ok-to-test, Move to Postgres, DB Infrastructure Pod

Suggested reviewers

• sharat87
• pratapaprasanna

🎉 In the land of code where databases dwell,
A script was enhanced, oh, can you tell?
With checks for the host, both local and far,
PostgreSQL connections now shine like a star!
So raise up your glasses, let’s give a cheer,
For flexible connections, let’s all persevere! 🍻

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (4)

deploy/docker/fs/opt/appsmith/pg-utils.sh (4)

21-26: Add error handling for get_unix_socket_directory failure

The connection logic improvement looks good, but we should handle potential failures when getting the Unix socket directory.

    local host_proxy
    if [[ "$PG_DB_HOST" == "localhost" || "$PG_DB_HOST" == "127.0.0.1" ]]; then
-     host_proxy=$(get_unix_socket_directory)
+     host_proxy=$(get_unix_socket_directory) || {
+       tlog "Failed to get Unix socket directory"
+       exit 2
+     }
    else
      host_proxy=$PG_DB_HOST
    fi

---

Line range hint 155-156: Security: Avoid exposing database password in command line

Using PGPASSWORD in the command line could expose credentials in process listings. Consider using a connection configuration file or PGPASSFILE instead.

-      PGPASSWORD=$PG_DB_PASSWORD psql -h "$PG_DB_HOST" -p "$PG_DB_PORT" -U "$PG_DB_USER" -d "$PG_DB_NAME" -c "CREATE SCHEMA IF NOT EXISTS appsmith;"
+      # Create temporary pgpass file
+      echo "*:*:*:$PG_DB_USER:$PG_DB_PASSWORD" > ~/.pgpass.tmp
+      chmod 600 ~/.pgpass.tmp
+      PGPASSFILE=~/.pgpass.tmp psql -h "$PG_DB_HOST" -p "$PG_DB_PORT" -U "$PG_DB_USER" -d "$PG_DB_NAME" -c "CREATE SCHEMA IF NOT EXISTS appsmith;"
+      rm ~/.pgpass.tmp

---

Line range hint 158-159: Refactor: Extract pg_trgm extension creation to a function

The pg_trgm extension creation is duplicated for local and remote connections. Consider extracting it to a separate function.

+create_pg_trgm_extension() {
+    local host=$1
+    local port=$2
+    local user=$3
+    local db=$4
+    local conn_type=$5
+    
+    if [[ "$conn_type" == "local" ]]; then
+        local socket_dir=$(get_unix_socket_directory)
+        psql -h "$socket_dir" -p "$port" -U "$POSTGRES_ADMIN_USER" -d "$db" \
+            -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;"
+    else
+        PGPASSFILE=~/.pgpass.tmp psql -h "$host" -p "$port" -U "$user" -d "$db" \
+            -c "CREATE EXTENSION IF NOT EXISTS pg_trgm;"
+    fi
+}

---

Line range hint 161-167: Improve error handling consistency

The schema creation success check should be specific to each path (local/remote) as they have different error conditions and requirements.

-    # Check if the schema creation was successful
-    if [ $? -eq 0 ]; then
-      echo "Schema 'appsmith' created or already exists."
-    else
-      echo "Failed to create schema 'appsmith'."
-      exit 1
-    fi
+    check_schema_exists() {
+        local schema_exists
+        if [[ "$PG_DB_HOST" == "localhost" || "$PG_DB_HOST" == "127.0.0.1" ]]; then
+            schema_exists=$(psql -h "$unix_socket_directory" -p "$PG_DB_PORT" -U "$POSTGRES_ADMIN_USER" \
+                -d "$PG_DB_NAME" -tAc "SELECT 1 FROM information_schema.schemata WHERE schema_name='appsmith'")
+        else
+            schema_exists=$(PGPASSFILE=~/.pgpass.tmp psql -h "$PG_DB_HOST" -p "$PG_DB_PORT" \
+                -U "$PG_DB_USER" -d "$PG_DB_NAME" -tAc "SELECT 1 FROM information_schema.schemata WHERE schema_name='appsmith'")
+        fi
+        
+        if [ "$schema_exists" != "1" ]; then
+            echo "Failed to create schema 'appsmith'."
+            exit 1
+        fi
+        echo "Schema 'appsmith' created or already exists."
+    }
+    
+    check_schema_exists

📜 Review details

Configuration used: .coderabbit.yaml
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between 14a1692 and f4cb306.

📒 Files selected for processing (1)

• deploy/docker/fs/opt/appsmith/pg-utils.sh (1 hunks)

🔇 Additional comments (1)

deploy/docker/fs/opt/appsmith/pg-utils.sh (1)

Line range hint 1-1: Verify external PostgreSQL connectivity

The changes look good for handling external PostgreSQL connections. Let's verify the connectivity handling:

✅ Verification successful

Let me analyze the actual implementation of these files to ensure proper connection handling across all PostgreSQL-related scripts.

---

External PostgreSQL connectivity handling is properly implemented

The implementation correctly handles both local and remote PostgreSQL connections with proper error handling and security measures:

• Comprehensive connection string parsing
• Proper socket directory detection for local connections
• Robust retry mechanism with detailed error states
• Correct schema and permission handling for both local and remote setups
• Well-tested functionality as evidenced by test cases

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check for any hardcoded PostgreSQL connection strings or host references
rg -l "postgresql://" --type sh
rg -l "localhost:5432|127.0.0.1:5432" --type sh

# Look for any other files that might need similar connection handling updates
fd -t f -e sh | xargs grep -l "psql\|pg_isready"

Length of output: 796

---

Script:

#!/bin/bash
# Check the content of pg-utils.sh and related test file
cat deploy/docker/fs/opt/appsmith/pg-utils.sh
echo "---"
cat deploy/docker/tests/test-pg-utils.sh

# Check if entrypoint.sh and pg-upgrade.sh have proper connection handling
cat deploy/docker/fs/opt/appsmith/entrypoint.sh | grep -A 5 -B 5 "psql\|pg_isready"
echo "---"
cat deploy/docker/fs/opt/appsmith/pg-upgrade.sh | grep -A 5 -B 5 "psql\|pg_isready"

Length of output: 12503