fix schema roles and rename

2024-08-01 11:33:36 -08:00 · 2024-08-01 11:33:36 -08:00 · 0a1108b4a7
parent f1371970ac
commit 0a1108b4a7
3 changed files with 21 additions and 20 deletions
--- a/.gitea/workflows/builder.yaml
+++ b/.gitea/workflows/builder.yaml
@ -13,6 +13,16 @@ jobs:
      - uses: actions/checkout@v3
        name: Check out code

+      - uses: mr-smithers-excellent/docker-build-push@v6
+        name: Build futureporn/migrations
+        with:
+          image: futureporn/migrations
+          tags: latest
+          registry: gitea.futureporn.net
+          dockerfile: d.migrations.dockerfile
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_PASSWORD }}
+
      - uses: mr-smithers-excellent/docker-build-push@v6
        name: Build futureporn/bot
        with:
@ -23,15 +33,6 @@ jobs:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

-      - uses: mr-smithers-excellent/docker-build-push@v6
-        name: Build futureporn/migrations
-        with:
-          image: futureporn/migrations
-          tags: latest
-          registry: gitea.futureporn.net
-          dockerfile: d.migrations.dockerfile
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_PASSWORD }}

      - uses: mr-smithers-excellent/docker-build-push@v6
        name: Build futureporn/capture
--- a/services/migrations/migrations/00001_create.sql
+++ b/services/migrations/migrations/00001_create.sql
@ -4,8 +4,8 @@ CREATE schema api;

 -- authenticator is the role which can "impersonate" other users.
 CREATE ROLE authenticator LOGIN NOINHERIT NOCREATEDB NOCREATEROLE NOSUPERUSER;
-- anonymous is the role assigned to anonymous web requests
-CREATE ROLE anonymous NOLOGIN;
+-- anon is the role assigned to anon web requests
+CREATE ROLE anon NOLOGIN;

 -- schema for @futureporn/capture and @futureporn/bot
 CREATE TABLE api.discord_interactions (
@ -16,12 +16,12 @@ CREATE TABLE api.discord_interactions (


 -- roles & permissions for our backend automation user
-CREATE ROLE automation_user NOLOGIN;
-GRANT automation_user TO authenticator;
-GRANT usage ON SCHEMA api TO automation_user;
-GRANT all ON api.discord_interactions TO automation_user;
+CREATE ROLE automation NOLOGIN;
+GRANT automation TO authenticator;
+GRANT usage ON SCHEMA api TO automation;
+GRANT all ON api.discord_interactions TO automation;

-- role & permissions for anonymous web user
-CREATE ROLE anonymous_user NOLOGIN;
-GRANT usage on schema api TO anonymous_user;
-GRANT SELECT ON api.discord_interactions TO anonymous_user;
+-- role & permissions for anon web user
+CREATE ROLE anon NOLOGIN;
+GRANT usage on schema api TO anon;
+GRANT SELECT ON api.discord_interactions TO anon;
--- a/services/migrations/migrations/00002_add-records-table.sql
+++ b/services/migrations/migrations/00002_add-records-table.sql
@ -7,4 +7,4 @@ CREATE TABLE api.records (
 );

 -- roles & permissions for our backend automation user
-GRANT all ON api.records TO automation_user;
+GRANT all ON api.records TO automation;