Skip to content

Commit e3ae32d

Browse files
bitnerbitner
authored
Fixci releasev0.8.1 (#214)
* fix ci bug with docker builds on release * update changelog
1 parent 887b5bb commit e3ae32d

File tree

8 files changed

+4365
-6
lines changed

8 files changed

+4365
-6
lines changed

.github/workflows/release.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,7 @@ jobs:
105105
with:
106106
context: .
107107
target: pyrustbase
108-
file: docker/pgstac/Dockerfile
108+
file: docker/pypgstac/Dockerfile
109109
tags: ${{ steps.meta.outputs.tags }}
110110
labels: ${{ steps.meta.outputs.labels }}
111111
push: true
@@ -135,7 +135,7 @@ jobs:
135135
with:
136136
context: .
137137
target: pypgstac
138-
file: docker/pgstac/Dockerfile
138+
file: docker/pypgstac/Dockerfile
139139
tags: ${{ steps.meta.outputs.tags }}
140140
labels: ${{ steps.meta.outputs.labels }}
141141
push: true

CHANGELOG.md

+7
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,12 @@ All notable changes to this project will be documented in this file.
44
The format is based on [Keep a Changelog](http://keepachangelog.com/)
55
and this project adheres to [Semantic Versioning](http://semver.org/).
66

7+
## [v0.8.1]
8+
9+
### Fixed
10+
11+
- Fix issue with CI building/pushing docker images
12+
713
## [v0.8.0]
814

915
### Fixed
@@ -384,6 +390,7 @@ _TODO_
384390

385391
- Fixed issue with pypgstac loads which caused some writes to fail ([#18](https://github.com/stac-utils/pgstac/pull/18))
386392

393+
[v0.8.1]: https://github.com/stac-utils/pgstac/compare/v0.8.0...v0.8.1
387394
[v0.8.0]: https://github.com/stac-utils/pgstac/compare/v0.7.10...v0.8.0
388395
[v0.7.10]: https://github.com/stac-utils/pgstac/compare/v0.7.9...v0.7.10
389396
[v0.7.9]: https://github.com/stac-utils/pgstac/compare/v0.7.8...v0.7.9

src/pgstac/migrations/pgstac.0.8.0-0.8.1.sql

+249
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,249 @@
1+
SET client_min_messages TO WARNING;
2+
SET SEARCH_PATH to pgstac, public;
3+
RESET ROLE;
4+
DO $$
5+
DECLARE
6+
BEGIN
7+
IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname='postgis') THEN
8+
CREATE EXTENSION IF NOT EXISTS postgis;
9+
END IF;
10+
IF NOT EXISTS (SELECT 1 FROM pg_extension WHERE extname='btree_gist') THEN
11+
CREATE EXTENSION IF NOT EXISTS btree_gist;
12+
END IF;
13+
END;
14+
$$ LANGUAGE PLPGSQL;
15+
16+
DO $$
17+
BEGIN
18+
CREATE ROLE pgstac_admin;
19+
EXCEPTION WHEN duplicate_object THEN
20+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
21+
END
22+
$$;
23+
24+
DO $$
25+
BEGIN
26+
CREATE ROLE pgstac_read;
27+
EXCEPTION WHEN duplicate_object THEN
28+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
29+
END
30+
$$;
31+
32+
DO $$
33+
BEGIN
34+
CREATE ROLE pgstac_ingest;
35+
EXCEPTION WHEN duplicate_object THEN
36+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
37+
END
38+
$$;
39+
40+
41+
GRANT pgstac_admin TO current_user;
42+
43+
-- Function to make sure pgstac_admin is the owner of items
44+
CREATE OR REPLACE FUNCTION pgstac_admin_owns() RETURNS VOID AS $$
45+
DECLARE
46+
f RECORD;
47+
BEGIN
48+
FOR f IN (
49+
SELECT
50+
concat(
51+
oid::regproc::text,
52+
'(',
53+
coalesce(pg_get_function_identity_arguments(oid),''),
54+
')'
55+
) AS name,
56+
CASE prokind WHEN 'f' THEN 'FUNCTION' WHEN 'p' THEN 'PROCEDURE' WHEN 'a' THEN 'AGGREGATE' END as typ
57+
FROM pg_proc
58+
WHERE
59+
pronamespace=to_regnamespace('pgstac')
60+
AND proowner != to_regrole('pgstac_admin')
61+
AND proname NOT LIKE 'pg_stat%'
62+
)
63+
LOOP
64+
BEGIN
65+
EXECUTE format('ALTER %s %s OWNER TO pgstac_admin;', f.typ, f.name);
66+
EXCEPTION WHEN others THEN
67+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
68+
END;
69+
END LOOP;
70+
FOR f IN (
71+
SELECT
72+
oid::regclass::text as name,
73+
CASE relkind
74+
WHEN 'i' THEN 'INDEX'
75+
WHEN 'I' THEN 'INDEX'
76+
WHEN 'p' THEN 'TABLE'
77+
WHEN 'r' THEN 'TABLE'
78+
WHEN 'v' THEN 'VIEW'
79+
WHEN 'S' THEN 'SEQUENCE'
80+
ELSE NULL
81+
END as typ
82+
FROM pg_class
83+
WHERE relnamespace=to_regnamespace('pgstac') and relowner != to_regrole('pgstac_admin') AND relkind IN ('r','p','v','S') AND relname NOT LIKE 'pg_stat'
84+
)
85+
LOOP
86+
BEGIN
87+
EXECUTE format('ALTER %s %s OWNER TO pgstac_admin;', f.typ, f.name);
88+
EXCEPTION WHEN others THEN
89+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
90+
END;
91+
END LOOP;
92+
RETURN;
93+
END;
94+
$$ LANGUAGE PLPGSQL;
95+
SELECT pgstac_admin_owns();
96+
97+
CREATE SCHEMA IF NOT EXISTS pgstac AUTHORIZATION pgstac_admin;
98+
99+
GRANT ALL ON ALL FUNCTIONS IN SCHEMA pgstac to pgstac_admin;
100+
GRANT ALL ON ALL TABLES IN SCHEMA pgstac to pgstac_admin;
101+
GRANT ALL ON ALL SEQUENCES IN SCHEMA pgstac to pgstac_admin;
102+
103+
ALTER ROLE pgstac_admin SET SEARCH_PATH TO pgstac, public;
104+
ALTER ROLE pgstac_read SET SEARCH_PATH TO pgstac, public;
105+
ALTER ROLE pgstac_ingest SET SEARCH_PATH TO pgstac, public;
106+
107+
GRANT USAGE ON SCHEMA pgstac to pgstac_read;
108+
ALTER DEFAULT PRIVILEGES IN SCHEMA pgstac GRANT SELECT ON TABLES TO pgstac_read;
109+
ALTER DEFAULT PRIVILEGES IN SCHEMA pgstac GRANT USAGE ON TYPES TO pgstac_read;
110+
ALTER DEFAULT PRIVILEGES IN SCHEMA pgstac GRANT ALL ON SEQUENCES TO pgstac_read;
111+
112+
GRANT pgstac_read TO pgstac_ingest;
113+
GRANT ALL ON SCHEMA pgstac TO pgstac_ingest;
114+
ALTER DEFAULT PRIVILEGES IN SCHEMA pgstac GRANT ALL ON TABLES TO pgstac_ingest;
115+
ALTER DEFAULT PRIVILEGES IN SCHEMA pgstac GRANT ALL ON FUNCTIONS TO pgstac_ingest;
116+
117+
SET ROLE pgstac_admin;
118+
119+
SET SEARCH_PATH TO pgstac, public;
120+
121+
DO $$
122+
BEGIN
123+
DROP FUNCTION IF EXISTS analyze_items;
124+
EXCEPTION WHEN others THEN
125+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
126+
END
127+
$$;
128+
DO $$
129+
BEGIN
130+
DROP FUNCTION IF EXISTS validate_constraints;
131+
EXCEPTION WHEN others THEN
132+
RAISE NOTICE '%, skipping', SQLERRM USING ERRCODE = SQLSTATE;
133+
END
134+
$$;
135+
136+
-- Install these idempotently as migrations do not put them before trying to modify the collections table
137+
138+
139+
CREATE OR REPLACE FUNCTION collection_geom(content jsonb)
140+
RETURNS geometry AS $$
141+
WITH box AS (SELECT content->'extent'->'spatial'->'bbox'->0 as box)
142+
SELECT
143+
st_makeenvelope(
144+
(box->>0)::float,
145+
(box->>1)::float,
146+
(box->>2)::float,
147+
(box->>3)::float,
148+
4326
149+
)
150+
FROM box;
151+
$$ LANGUAGE SQL IMMUTABLE STRICT;
152+
153+
CREATE OR REPLACE FUNCTION collection_datetime(content jsonb)
154+
RETURNS timestamptz AS $$
155+
SELECT
156+
CASE
157+
WHEN
158+
(content->'extent'->'temporal'->'interval'->0->>0) IS NULL
159+
THEN '-infinity'::timestamptz
160+
ELSE
161+
(content->'extent'->'temporal'->'interval'->0->>0)::timestamptz
162+
END
163+
;
164+
$$ LANGUAGE SQL IMMUTABLE STRICT;
165+
166+
CREATE OR REPLACE FUNCTION collection_enddatetime(content jsonb)
167+
RETURNS timestamptz AS $$
168+
SELECT
169+
CASE
170+
WHEN
171+
(content->'extent'->'temporal'->'interval'->0->>1) IS NULL
172+
THEN 'infinity'::timestamptz
173+
ELSE
174+
(content->'extent'->'temporal'->'interval'->0->>1)::timestamptz
175+
END
176+
;
177+
$$ LANGUAGE SQL IMMUTABLE STRICT;
178+
-- BEGIN migra calculated SQL
179+
-- END migra calculated SQL
180+
DO $$
181+
BEGIN
182+
INSERT INTO queryables (name, definition, property_wrapper, property_index_type) VALUES
183+
('id', '{"title": "Item ID","description": "Item identifier","$ref": "https://schemas.stacspec.org/v1.0.0/item-spec/json-schema/item.json#/definitions/core/allOf/2/properties/id"}', null, null);
184+
EXCEPTION WHEN unique_violation THEN
185+
RAISE NOTICE '%', SQLERRM USING ERRCODE = SQLSTATE;
186+
END
187+
$$;
188+
189+
DO $$
190+
BEGIN
191+
INSERT INTO queryables (name, definition, property_wrapper, property_index_type) VALUES
192+
('geometry', '{"title": "Item Geometry","description": "Item Geometry","$ref": "https://geojson.org/schema/Feature.json"}', null, null);
193+
EXCEPTION WHEN unique_violation THEN
194+
RAISE NOTICE '%', SQLERRM USING ERRCODE = SQLSTATE;
195+
END
196+
$$;
197+
198+
DO $$
199+
BEGIN
200+
INSERT INTO queryables (name, definition, property_wrapper, property_index_type) VALUES
201+
('datetime','{"description": "Datetime","type": "string","title": "Acquired","format": "date-time","pattern": "(\\+00:00|Z)$"}', null, null);
202+
EXCEPTION WHEN unique_violation THEN
203+
RAISE NOTICE '%', SQLERRM USING ERRCODE = SQLSTATE;
204+
END
205+
$$;
206+
207+
DELETE FROM queryables a USING queryables b
208+
WHERE a.name = b.name AND a.collection_ids IS NOT DISTINCT FROM b.collection_ids AND a.id > b.id;
209+
210+
211+
INSERT INTO pgstac_settings (name, value) VALUES
212+
('context', 'off'),
213+
('context_estimated_count', '100000'),
214+
('context_estimated_cost', '100000'),
215+
('context_stats_ttl', '1 day'),
216+
('default_filter_lang', 'cql2-json'),
217+
('additional_properties', 'true'),
218+
('use_queue', 'false'),
219+
('queue_timeout', '10 minutes'),
220+
('update_collection_extent', 'false'),
221+
('format_cache', 'false')
222+
ON CONFLICT DO NOTHING
223+
;
224+
225+
ALTER FUNCTION to_text COST 5000;
226+
ALTER FUNCTION to_float COST 5000;
227+
ALTER FUNCTION to_int COST 5000;
228+
ALTER FUNCTION to_tstz COST 5000;
229+
ALTER FUNCTION to_text_array COST 5000;
230+
231+
232+
GRANT USAGE ON SCHEMA pgstac to pgstac_read;
233+
GRANT ALL ON SCHEMA pgstac to pgstac_ingest;
234+
GRANT ALL ON SCHEMA pgstac to pgstac_admin;
235+
236+
-- pgstac_read role limited to using function apis
237+
GRANT EXECUTE ON FUNCTION search TO pgstac_read;
238+
GRANT EXECUTE ON FUNCTION search_query TO pgstac_read;
239+
GRANT EXECUTE ON FUNCTION item_by_id TO pgstac_read;
240+
GRANT EXECUTE ON FUNCTION get_item TO pgstac_read;
241+
GRANT SELECT ON ALL TABLES IN SCHEMA pgstac TO pgstac_read;
242+
243+
244+
GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA pgstac to pgstac_ingest;
245+
GRANT ALL ON ALL TABLES IN SCHEMA pgstac to pgstac_ingest;
246+
GRANT USAGE ON ALL SEQUENCES IN SCHEMA pgstac to pgstac_ingest;
247+
248+
SELECT update_partition_stats_q(partition) FROM partitions_view;
249+
SELECT set_version('0.8.1');

0 commit comments

Comments
 (0)