-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
pass PGPASSWORD via env directly, not via shell #939
base: master
Are you sure you want to change the base?
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
|
@@ -55,22 +55,25 @@ def query_csv(sql, config = configuration) | |||||
|
||||||
def psql(query, config = configuration) | ||||||
if ping(config) | ||||||
execute(psql_command(config), | ||||||
cmd, env = psql_command(config) | ||||||
execute(cmd, | ||||||
:stdin => query, | ||||||
:hidden_patterns => [config['password']]) | ||||||
:env => env) | ||||||
else | ||||||
raise_service_error | ||||||
end | ||||||
end | ||||||
|
||||||
def ping(config = configuration) | ||||||
execute?(psql_command(config), | ||||||
cmd, env = psql_command(config) | ||||||
execute?(cmd, | ||||||
:stdin => 'SELECT 1 as ping', | ||||||
:hidden_patterns => [config['password']]) | ||||||
:env => env) | ||||||
end | ||||||
|
||||||
def dump_db(file, config = configuration) | ||||||
execute!(dump_command(config) + " > #{file}", :hidden_patterns => [config['password']]) | ||||||
cmd, env = dump_command(config) | ||||||
execute!(cmd + " > #{file}", :env => env) | ||||||
end | ||||||
|
||||||
def restore_dump(file, localdb, config = configuration) | ||||||
|
@@ -80,11 +83,10 @@ def restore_dump(file, localdb, config = configuration) | |||||
else | ||||||
# TODO: figure out how to completely ignore errors. Currently this | ||||||
# sometimes exits with 1 even though errors are ignored by pg_restore | ||||||
dump_cmd = base_command(config, 'pg_restore') + | ||||||
' --no-privileges --clean --disable-triggers -n public ' \ | ||||||
"-d #{config['database']} #{file}" | ||||||
execute!(dump_cmd, :hidden_patterns => [config['password']], | ||||||
:valid_exit_statuses => [0, 1]) | ||||||
cmd, env = base_command(config, 'pg_restore') | ||||||
cmd += ' --no-privileges --clean --disable-triggers -n public ' \ | ||||||
"-d #{config['database']} #{file}" | ||||||
execute!(cmd, :valid_exit_statuses => [0, 1], :env => env) | ||||||
end | ||||||
end | ||||||
|
||||||
|
@@ -125,8 +127,9 @@ def dropdb(config = configuration) | |||||
def db_version(config = configuration) | ||||||
if ping(config) | ||||||
# Note - t removes headers, -A removes alignment whitespace | ||||||
server_version_cmd = psql_command(config) + ' -c "SHOW server_version" -t -A' | ||||||
version_string = execute!(server_version_cmd, :hidden_patterns => [config['password']]) | ||||||
cmd, env = psql_command(config) | ||||||
cmd += ' -c "SHOW server_version" -t -A' | ||||||
version_string = execute!(cmd, :env => env) | ||||||
version(version_string) | ||||||
else | ||||||
raise_service_error | ||||||
|
@@ -146,17 +149,20 @@ def raise_psql_missing_error | |||||
private | ||||||
|
||||||
def base_command(config, command = 'psql') | ||||||
"PGPASSWORD='#{config[%(password)]}' "\ | ||||||
"#{command} -h #{config['host'] || 'localhost'} "\ | ||||||
env = { 'PGPASSWORD' => config['password'] } | ||||||
cmd = "#{command} -h #{config['host'] || 'localhost'} "\ | ||||||
" -p #{config['port'] || '5432'} -U #{config['username']}" | ||||||
return cmd, env | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I think RuboCop would prefer
Suggested change
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. and yet it didn't complain :D |
||||||
end | ||||||
|
||||||
def psql_command(config) | ||||||
base_command(config, 'psql') + " -d #{config['database']}" | ||||||
cmd, env = base_command(config, 'psql') | ||||||
return cmd + " -d #{config['database']}", env | ||||||
end | ||||||
|
||||||
def dump_command(config) | ||||||
base_command(config, 'pg_dump') + " -Fc #{config['database']}" | ||||||
cmd, env = base_command(config, 'pg_dump') | ||||||
return cmd + " -Fc #{config['database']}", env | ||||||
end | ||||||
|
||||||
def raise_service_error | ||||||
|
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Should we just drop the file? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. we could, yeah. I pondered writing actual new tests, but didn't so far. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It feels like this should use
psql('SHOW server_version')
, but you probably also saw that and considered it out of scope.And as always, I think it should have used
--no-align
instead of-A
to make the comment above it redundant.