Skip to content

Conversation

sinclert-canonical
Copy link
Contributor

This is the 4th PR to introduce LDAP support into PostgreSQL. The complete list of changes can be seen in this branch.

Contents

This PR leverages the upcoming ldap-sync snap service in order to start the synchronization of LDAP users whenever the PostgreSQL-K8s charm relates to the GLAuth-K8s one.

References

@sinclert-canonical sinclert-canonical added the enhancement New feature, UI change, or workload upgrade label Apr 16, 2025
@sinclert-canonical sinclert-canonical force-pushed the ldap-integration/pebble-service branch from 3e41c2f to c4ea0b3 Compare April 16, 2025 07:13
Copy link

codecov bot commented Apr 16, 2025

Codecov Report

Attention: Patch coverage is 42.00000% with 29 lines in your changes missing coverage. Please review.

Project coverage is 72.33%. Comparing base (13b8279) to head (e4c852e).
Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
src/charm.py 27.50% 28 Missing and 1 partial ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main     #838      +/-   ##
==========================================
- Coverage   72.63%   72.33%   -0.31%     
==========================================
  Files          16       16              
  Lines        4002     4041      +39     
  Branches      603      608       +5     
==========================================
+ Hits         2907     2923      +16     
- Misses        903      926      +23     
  Partials      192      192              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sinclert-canonical sinclert-canonical force-pushed the ldap-integration/pebble-service branch from c4ea0b3 to cb22b09 Compare April 16, 2025 17:22
@sinclert-canonical sinclert-canonical marked this pull request as ready for review April 16, 2025 17:22
Copy link
Member

@marceloneppel marceloneppel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Only the mention of pebble is incorrect, as there is no pebble in VM charms yet.

@sinclert-canonical
Copy link
Contributor Author

LGTM! Only the mention of pebble is incorrect, as there is no pebble in VM charms yet.

My bad. I just updated the PR title.


CI keeps failing on the test_upgrade_from_stable tests, whenever they try to spin the CI built version of the charm. The error seems to be related to the lack of a service called ldap-sync (which should be available after updating the version of the underlying PostgreSQL snap in this PR).

Indeed, looking at the logs I can see that snap version 143 is still being installed (see logs). May this be related to how the charm is built on CI? Do we need to invalidate the cache to trigger a complete re-build?

@sinclert-canonical sinclert-canonical changed the title [DPE-6345] LDAP IV: Define pebble service [DPE-6345] LDAP IV: Define snap service Apr 21, 2025
@sinclert-canonical sinclert-canonical force-pushed the ldap-integration/pebble-service branch 5 times, most recently from 37026b7 to d697379 Compare April 21, 2025 12:15
@sinclert-canonical sinclert-canonical force-pushed the ldap-integration/pebble-service branch from d697379 to e4c852e Compare April 21, 2025 12:21
@sinclert-canonical
Copy link
Contributor Author

Indeed, looking at the logs I can see that snap version 143 is still being installed (see logs). May this be related to how the charm is built on CI? Do we need to invalidate the cache to trigger a complete re-build?

Given the existing snippet to deal with snap revision mismatch, I understood that the installation of old revisions is something operator code must be prepared for. Therefore, I have protected the LDAP service restart logic in a similar regard (see this commit).

@sinclert-canonical sinclert-canonical merged commit 327d491 into main Apr 22, 2025
94 of 95 checks passed
@sinclert-canonical sinclert-canonical deleted the ldap-integration/pebble-service branch April 22, 2025 07:18
dragomirp added a commit that referenced this pull request Apr 23, 2025
* [MISC] Use latest/stable lxd (#804)

* Use latest stable lxd

* Test tweaks

* Test tweaks

* Update canonical/data-platform-workflows action to v31.0.1 (#805)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6874] Poll all members in the cluster topology script (#810)

* Poll all members in the cluster topology script

* Dual branch config

* Unit tests and bugfixes

* Add peers when starting the observer

* Retry sync up checks

* [DPE-6572] Add wal_keep_size config option (#799)

* Add wal_keep_size config option

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Remove parameter addition

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Reset durability_wal_keep_size value to PG default

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Create pull_request_template.md (#814)

* Create SECURITY.md (#822)

* Update README file's security section (#827)

* Refactor headings for syntax best practice

* Update the Security section

* Sync docs from Discourse (#796)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Conditional checksum calculation (#812)

* Bump boto

* Conditional checksum calculation

* [DPE-6218] Static code analysis (#828)

* Create tiobe_scan.yaml

* Remove push trigger

* [MISC] Disable landscape subordinate test lxd (#831)

* Set series for ubuntu-advantage test and disable the landscape test

* Revert to LTS LXD

* Update charmcraft.yaml build tools (#815)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [MISC] Update snapped PostgreSQL (#832)

* [DPE-6345] LDAP I: Create access groups (#823)

* [DPE-6345] LDAP II: Include charm libs (#824)

* [DPE-6345] LDAP III: Define config and handlers (#825)

* [DPE-6345] LDAP IV: Define snap service (#838)

* [DPE-6345] LDAP V: Define mapping option (#849)

* [MISC] Disable network cut tests on arm (#844)

* Disable network cut tests on arm

* Back to LXD 5

* [DPE-6815] disable pgaudit during extensions changes (#842)

* disable pgaudit during extensions changes

* Bump libs

* Lock file maintenance Python dependencies (main) (#816)

* Lock file maintenance Python dependencies

* Fix linting

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Andreia <andreia.velasco@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
a-velasco added a commit that referenced this pull request Jun 10, 2025
* [MISC] Use latest/stable lxd (#804)

* Use latest stable lxd

* Test tweaks

* Test tweaks

* Update canonical/data-platform-workflows action to v31.0.1 (#805)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6874] Poll all members in the cluster topology script (#810)

* Poll all members in the cluster topology script

* Dual branch config

* Unit tests and bugfixes

* Add peers when starting the observer

* Retry sync up checks

* [DPE-6572] Add wal_keep_size config option (#799)

* Add wal_keep_size config option

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Remove parameter addition

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Reset durability_wal_keep_size value to PG default

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Create pull_request_template.md (#814)

* Create SECURITY.md (#822)

* Update README file's security section (#827)

* Refactor headings for syntax best practice

* Update the Security section

* Sync docs from Discourse (#796)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Conditional checksum calculation (#812)

* Bump boto

* Conditional checksum calculation

* [DPE-6218] Static code analysis (#828)

* Create tiobe_scan.yaml

* Remove push trigger

* [MISC] Disable landscape subordinate test lxd (#831)

* Set series for ubuntu-advantage test and disable the landscape test

* Revert to LTS LXD

* Update charmcraft.yaml build tools (#815)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [MISC] Update snapped PostgreSQL (#832)

* [DPE-6345] LDAP I: Create access groups (#823)

* [DPE-6345] LDAP II: Include charm libs (#824)

* [DPE-6345] LDAP III: Define config and handlers (#825)

* [DPE-6345] LDAP IV: Define snap service (#838)

* [DPE-6345] LDAP V: Define mapping option (#849)

* [MISC] Disable network cut tests on arm (#844)

* Disable network cut tests on arm

* Back to LXD 5

* [DPE-6815] disable pgaudit during extensions changes (#842)

* disable pgaudit during extensions changes

* Bump libs

* Lock file maintenance Python dependencies (main) (#816)

* Lock file maintenance Python dependencies

* Fix linting

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>

* Update dependency uv to v0.6.16 (#847)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6664] Make username mandatory in set-password (#846)

* Make username mandatory

* Second get password method

* Default in get-password

* Add conditional expose directive (#853)

* Lock file maintenance Python dependencies (#854)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Mandatory scope for promote action (#856)

* Update charmcraft.yaml build tools (#860)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Lock file maintenance Python dependencies (#861)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Sync docs from Discourse (#850)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Extend relation-user listing syntax (#868)

* Sync libs (#884)

* Remove runner password (#913)

* initial starter pack transfer

* update conf.py

* import processed discourse pages

* fix internal references and some broken URLs

* fix some style errors

* organize navigation and misc formatting fixes

* remove h1 heading anchors

* add images to repository

* edit home page and misc small fixes

* update .readthedocs.yaml

* remove docs/requirements.txt from .gitignore scope

* fix incorrect paths

* remove shell syntax from code blocks

* remove juju 2 banners

* fix dropdown formatting

* fix and polish admonitions, collapsible, and misc formatting

* remove v14 docs

* remove references to deleted page

* update branch in .readthedocs.yaml

* fix reference issues

* add version to side nav

* sync tutorial with 14

* fix broken internal links

* rename how-to-guides/ to how-to/

* update some TODO comments

* update ci workflows

* merge 16/edge

* update workflows

* fix more docs merge issues

* update deployment channel to 16

* sync with k8s

* add doc ci checks

* update home page

* update old discourse links

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Dragomir Penev <6687393+dragomirp@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>
Co-authored-by: swetha1654 <swetha.swaminathan@canonical.com>
marceloneppel added a commit that referenced this pull request Jun 13, 2025
* [MISC] Use latest/stable lxd (#804)

* Use latest stable lxd

* Test tweaks

* Test tweaks

* Update canonical/data-platform-workflows action to v31.0.1 (#805)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6874] Poll all members in the cluster topology script (#810)

* Poll all members in the cluster topology script

* Dual branch config

* Unit tests and bugfixes

* Add peers when starting the observer

* Retry sync up checks

* [DPE-6572] Add wal_keep_size config option (#799)

* Add wal_keep_size config option

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Remove parameter addition

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Reset durability_wal_keep_size value to PG default

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Create pull_request_template.md (#814)

* Create SECURITY.md (#822)

* Update README file's security section (#827)

* Refactor headings for syntax best practice

* Update the Security section

* Sync docs from Discourse (#796)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Conditional checksum calculation (#812)

* Bump boto

* Conditional checksum calculation

* [DPE-6218] Static code analysis (#828)

* Create tiobe_scan.yaml

* Remove push trigger

* [MISC] Disable landscape subordinate test lxd (#831)

* Set series for ubuntu-advantage test and disable the landscape test

* Revert to LTS LXD

* Update charmcraft.yaml build tools (#815)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [MISC] Update snapped PostgreSQL (#832)

* [DPE-6345] LDAP I: Create access groups (#823)

* [DPE-6345] LDAP II: Include charm libs (#824)

* [DPE-6345] LDAP III: Define config and handlers (#825)

* [DPE-6345] LDAP IV: Define snap service (#838)

* [DPE-6345] LDAP V: Define mapping option (#849)

* [MISC] Disable network cut tests on arm (#844)

* Disable network cut tests on arm

* Back to LXD 5

* [DPE-6815] disable pgaudit during extensions changes (#842)

* disable pgaudit during extensions changes

* Bump libs

* Lock file maintenance Python dependencies (main) (#816)

* Lock file maintenance Python dependencies

* Fix linting

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>

* Update dependency uv to v0.6.16 (#847)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6664] Make username mandatory in set-password (#846)

* Make username mandatory

* Second get password method

* Default in get-password

* Add conditional expose directive (#853)

* Lock file maintenance Python dependencies (#854)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Mandatory scope for promote action (#856)

* Update charmcraft.yaml build tools (#860)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Lock file maintenance Python dependencies (#861)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Sync docs from Discourse (#850)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Extend relation-user listing syntax (#868)

* Move _update_member_ip call to correctly remove Raft cluster member when network is cut

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix coverage

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Sync libs (#884)

* Update refresh tests to modify charm to ensure refresh off edge or stable

* Fix lint warnings

* Store temporary charms in /tmp for upgrade_from_stable tests

* Use force-refresh-start instead of forcing refresh by updating versions

* Remove runner password (#913)

* [DPE-6898] User->databases pg_hba rules (#885)

* Restrict each user to their allowed databases

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix unit tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix sync users on replicas

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix unit test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add default landscape user permission

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Increase sleep time in pg_hba test, fix user->database mapping for upgrade from stable and skip event trigger function code when not a superuser

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Improve users list check

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix raft reinitialisation in tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Decrease the amount of API calls by one

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Check users list directly

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Tweak test fast interval

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Improvements to avoid replica restart while syncing from primary

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix linting

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Handle same snap revision situation in upgrade tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Merge

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Improvement to avoid replica restart while syncing from primary

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Run stop-continuous-writes action only once

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Increase sleep time in Juju spaces test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Update charmcraft.yaml build tools (#871)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [MISC] Remove JujuVersion warning in 14/edge (#933)

* Remove JujuVersion warning

* Update libs

* Refactor v14 documentation for Sphinx (#919)

* initial starter pack transfer
* update conf.py
* import processed discourse pages
* fix internal references and some broken URLs
* fix some style errors
* organize navigation
* remove h1 heading anchors
* add images to repository
* edit home page
* update .readthedocs.yaml
* remove docs/requirements.txt from .gitignore scope
* fix incorrect paths
* remove shell syntax from code blocks
* remove juju 2 banners
* fix dropdown formatting
* fix and polish admonitions, collapsible, and misc formatting
* remove v16 docs
* remove reference to nonexistant page
* Join all tutorial pages
* rename how-to-guides to how-to
* polish cloud deployment guides and rename leftover how-to-guide references
* polish and sync how-to guides with k8s
* remove discourse sync workflow
* specify channel on all deploy commands
* misc polishing, add version to side nav
* add pg 16 admonitions
* ignore docs folder in charm workflows
* sync misc. pages with k8s
* Minor README update with new documentation link
* add new section to CLI-helpers reference
* pin commit for v16 tag on markdown lint workflow for added security
* Update README.md
* remove sphinx python dependency check workflow
* Update index.md: add link to roles.md (#928)

---------

Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Alex Lutay <1928266+taurus-forever@users.noreply.github.com>

* [DPE-7511] Fix the auth username pattern (#941)

* Fix auth username pattern

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix another ocurrence of the pattern

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add temp tablespace create

* Temp tblspace outside of transaction

* Reset role in test_pg_hba setup

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Detect when databases and their ACLs change

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix predefined catalog roles test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix unit test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add unit tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add missing autocommit

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Remove _hash suffix from variables names

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* [MISC] Fix timeouts in 14 to 16 merge (#959)

* Handle PostgreSQLListUsersError

* Try to trigger the pg_hba update on db requested

* Try to hold db requested until pg_hba is up to date

* Increase timeouts

* Scale in parallel

* Fix param passing

* Increase timeout

* Try to scale without ffwd

* Try not to defer rel changed

* Remove extra hook

* Check if patroni is running before calling the health endpoint

* Revert timeout

* Pass the timeout param

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Dragomir Penev <6687393+dragomirp@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Andreia <andreia.velasco@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>
Co-authored-by: swetha1654 <swetha.swaminathan@canonical.com>
Co-authored-by: Shayan Patel <shayan.patel@canonical.com>
Co-authored-by: Alex Lutay <1928266+taurus-forever@users.noreply.github.com>
taurus-forever added a commit to taurus-forever/postgresql-operator that referenced this pull request Jun 25, 2025
* [MISC] Use latest/stable lxd (canonical#804)

* Use latest stable lxd

* Test tweaks

* Test tweaks

* Update canonical/data-platform-workflows action to v31.0.1 (canonical#805)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6874] Poll all members in the cluster topology script (canonical#810)

* Poll all members in the cluster topology script

* Dual branch config

* Unit tests and bugfixes

* Add peers when starting the observer

* Retry sync up checks

* [DPE-6572] Add wal_keep_size config option (canonical#799)

* Add wal_keep_size config option

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Remove parameter addition

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Reset durability_wal_keep_size value to PG default

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Create pull_request_template.md (canonical#814)

* Create SECURITY.md (canonical#822)

* Update README file's security section (canonical#827)

* Refactor headings for syntax best practice

* Update the Security section

* Sync docs from Discourse (canonical#796)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Conditional checksum calculation (canonical#812)

* Bump boto

* Conditional checksum calculation

* [DPE-6218] Static code analysis (canonical#828)

* Create tiobe_scan.yaml

* Remove push trigger

* [MISC] Disable landscape subordinate test lxd (canonical#831)

* Set series for ubuntu-advantage test and disable the landscape test

* Revert to LTS LXD

* Update charmcraft.yaml build tools (canonical#815)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [MISC] Update snapped PostgreSQL (canonical#832)

* [DPE-6345] LDAP I: Create access groups (canonical#823)

* [DPE-6345] LDAP II: Include charm libs (canonical#824)

* [DPE-6345] LDAP III: Define config and handlers (canonical#825)

* [DPE-6345] LDAP IV: Define snap service (canonical#838)

* [DPE-6345] LDAP V: Define mapping option (canonical#849)

* [MISC] Disable network cut tests on arm (canonical#844)

* Disable network cut tests on arm

* Back to LXD 5

* [DPE-6815] disable pgaudit during extensions changes (canonical#842)

* disable pgaudit during extensions changes

* Bump libs

* Lock file maintenance Python dependencies (main) (canonical#816)

* Lock file maintenance Python dependencies

* Fix linting

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>

* Update dependency uv to v0.6.16 (canonical#847)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [DPE-6664] Make username mandatory in set-password (canonical#846)

* Make username mandatory

* Second get password method

* Default in get-password

* Add conditional expose directive (canonical#853)

* Lock file maintenance Python dependencies (canonical#854)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Mandatory scope for promote action (canonical#856)

* Update charmcraft.yaml build tools (canonical#860)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Lock file maintenance Python dependencies (canonical#861)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Sync docs from Discourse (canonical#850)

Co-authored-by: GitHub Actions <41898282+github-actions[bot]@users.noreply.github.com>

* [MISC] Extend relation-user listing syntax (canonical#868)

* Move _update_member_ip call to correctly remove Raft cluster member when network is cut

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix coverage

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Sync libs (canonical#884)

* Update refresh tests to modify charm to ensure refresh off edge or stable

* Fix lint warnings

* Store temporary charms in /tmp for upgrade_from_stable tests

* Use force-refresh-start instead of forcing refresh by updating versions

* Remove runner password (canonical#913)

* [DPE-6898] User->databases pg_hba rules (canonical#885)

* Restrict each user to their allowed databases

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix unit tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix sync users on replicas

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix unit test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add default landscape user permission

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Increase sleep time in pg_hba test, fix user->database mapping for upgrade from stable and skip event trigger function code when not a superuser

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Improve users list check

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix raft reinitialisation in tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Decrease the amount of API calls by one

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Check users list directly

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Tweak test fast interval

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Improvements to avoid replica restart while syncing from primary

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix linting

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Handle same snap revision situation in upgrade tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Merge

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Improvement to avoid replica restart while syncing from primary

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Run stop-continuous-writes action only once

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Increase sleep time in Juju spaces test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Update charmcraft.yaml build tools (canonical#871)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [MISC] Remove JujuVersion warning in 14/edge (canonical#933)

* Remove JujuVersion warning

* Update libs

* Refactor v14 documentation for Sphinx (canonical#919)

* initial starter pack transfer
* update conf.py
* import processed discourse pages
* fix internal references and some broken URLs
* fix some style errors
* organize navigation
* remove h1 heading anchors
* add images to repository
* edit home page
* update .readthedocs.yaml
* remove docs/requirements.txt from .gitignore scope
* fix incorrect paths
* remove shell syntax from code blocks
* remove juju 2 banners
* fix dropdown formatting
* fix and polish admonitions, collapsible, and misc formatting
* remove v16 docs
* remove reference to nonexistant page
* Join all tutorial pages
* rename how-to-guides to how-to
* polish cloud deployment guides and rename leftover how-to-guide references
* polish and sync how-to guides with k8s
* remove discourse sync workflow
* specify channel on all deploy commands
* misc polishing, add version to side nav
* add pg 16 admonitions
* ignore docs folder in charm workflows
* sync misc. pages with k8s
* Minor README update with new documentation link
* add new section to CLI-helpers reference
* pin commit for v16 tag on markdown lint workflow for added security
* Update README.md
* remove sphinx python dependency check workflow
* Update index.md: add link to roles.md (canonical#928)

---------

Co-authored-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Alex Lutay <1928266+taurus-forever@users.noreply.github.com>

* [DPE-7511] Fix the auth username pattern (canonical#941)

* Fix auth username pattern

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix another ocurrence of the pattern

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add temp tablespace create

* Temp tblspace outside of transaction

* Reset role in test_pg_hba setup

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Detect when databases and their ACLs change

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix predefined catalog roles test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Fix unit test

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add unit tests

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Add missing autocommit

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* Remove _hash suffix from variables names

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>

* [MISC] Fix timeouts in 14 to 16 merge (canonical#959)

* Handle PostgreSQLListUsersError

* Try to trigger the pg_hba update on db requested

* Try to hold db requested until pg_hba is up to date

* Increase timeouts

* Scale in parallel

* Fix param passing

* Increase timeout

* Try to scale without ffwd

* Try not to defer rel changed

* Remove extra hook

* Check if patroni is running before calling the health endpoint

* Revert timeout

* Pass the timeout param

---------

Signed-off-by: Marcelo Henrique Neppel <marcelo.neppel@canonical.com>
Co-authored-by: Dragomir Penev <6687393+dragomirp@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Andreia <andreia.velasco@canonical.com>
Co-authored-by: Vladimir Izmalkov <48120135+izmalk@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Sinclert Pérez <sinclert.perez@canonical.com>
Co-authored-by: Dragomir Penev <dragomir.penev@canonical.com>
Co-authored-by: swetha1654 <swetha.swaminathan@canonical.com>
Co-authored-by: Shayan Patel <shayan.patel@canonical.com>
Co-authored-by: Alex Lutay <1928266+taurus-forever@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature, UI change, or workload upgrade Libraries: Out of sync
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants