Starting with PG15, default permissions on the public schema is
restricted for any non-superuser non-owner. This causes test failures
since tables can no longer be created without explicitly adding
permissions, so we remove grant when bootstrapping the data nodes and
instead grant permissions to the users in the regression tests. This
keeps the default permissions on data nodes, but allow regression tests
to run.
Fixes#3957
Reference: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=b073c3cc
The access node maintains a cache of connections to its data
nodes. Each entry in the cache is a connection for a user and remote
data node pair. Currently, a cache entry is invalidated when a foreign
server object representing a data node is changed (e.g., the port
could have been updated). The connection will remain in the cache for
the duration of the current command, but will be remade with the
updated parameters the next time it is fetched from the cache.
This change invalidates a connection cache entry if the connection's
role/user changes and drops an entry if the role is dropped. One
reason for invalidating a connection is that a role rename invalidates
the certificate the connection is using in case client certificate
authentication is used. Thus, connections that have been
authenticated with a certificate that is no longer valid will be
remade. In some cases, this extra invalidation leads to purging
connections when not strictly necessary. However, this is not a big
problem in practice since role objects don't change often.
This patch removes hardcoded database names from regresscheck-t
and replaces it with database names derived from the test name.
This allows more of the regresscheck-t tests to be run in parallel
leading to a roughly 15% speedup of regresscheck-t.
This patch is also prerequisite for allowing repeatable
installchecklocal runs.
Change `add_data_node` so that host parameter is required. If the host
parameter is not provided, or is `NULL`, an error will be printed.
Also change logic for how the default value for `port` is picked. Now
it will by default use the port given in the configuration file.
The commit update all the result files, add the `host` parameter to all
calls of `add_data_node` and add a few tests to check that an error is
given when `host` is not provided.
Creating and dropping server objects with SQL DDL statements are now
blocked. The purpose is to avoid confusion with our custom data node
APIs and ensure integrity. This restriction only applies to
TimescaleDB-related server objects.
Some tests use `DROP DATABASE` to simulate a failed data node. This
failed node could be cleaned up on the access node with `DROP
SERVER`. However, our corresponding `delete_data_node()` fails if it
cannot contact the "remote" database (which was dropped in
tests). Therefore, this PR also makes sure that `delete_data_node()`
has a `force` option that allows the local data node object to be
removed despite a failure of the remote node (or database). This is,
however, only allowed if data integrity concerns allow it.
This change also brings back a previously removed connection cache
test that used the now blocked APIs to invalidate cache objects. The
tests instead uses our custom APIs and/or test-specific hacks to
trigger cache invalidation.
By default libpq uses environment variables as a fallback way
to specify connection options, potentially they could be in
a conflict with internal implementation and introduce
security risks.
Introduce new option `timescaledb.passfile` which specifies
the name of the file used to store passwords used for a data node
connection. It is intended to be used instead of PGPASSFILE
variable, which is no longer accessible.
The license header for SQL test files has been updated, but some tests
haven't had this new header applied. This change makes sure the new
header is applied to all test files.
This commit adds the ability to cache remote connections
across commands and transactions. This is needed since establishing
new connections is expensive. The cache is invalidated
when the foreign server or user mapping is changed. Because of this
the cache is tied to a user mapping (it is keyed by the user mapping's
oid and requires a user_mapping for invalidation).
We use the syscache invalidation mechanism since foreign servers and
user mappings are already invalidated using this mechanism. This
requires some extra plumbing in our cache invalidation handling.
This cache will be used in txn callback handling and so the regular
auto-release of caches on (sub)txn commits/aborts that happens
with most caches is inappropriate. Therefore we added a new flag
to the cache called `handle_txn_callbacks` that allows a cache
to turn off the auto-release mechanism
