From b44661c146b6d7d26f09a561e695978942785a02 Mon Sep 17 00:00:00 2001 From: davidc0le Date: Sun, 3 Apr 2022 12:43:29 +0100 Subject: [PATCH 1/3] Idempotentiate TV create_tables.sql --- .../app/db/trafficvault/create_tables.sql | 112 ++++++++++-------- .../app/db/trafficvault/test/run-tvdb-test.sh | 6 + 2 files changed, 70 insertions(+), 48 deletions(-) diff --git a/traffic_ops/app/db/trafficvault/create_tables.sql b/traffic_ops/app/db/trafficvault/create_tables.sql index 2fcb97e8bd..49b33363d1 100644 --- a/traffic_ops/app/db/trafficvault/create_tables.sql +++ b/traffic_ops/app/db/trafficvault/create_tables.sql @@ -110,86 +110,102 @@ CREATE TABLE IF NOT EXISTS url_sig_key ( ALTER TABLE url_sig_key OWNER TO traffic_vault; --- --- Name: dnssec dnssec_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault --- +DO $$ BEGIN +IF NOT EXISTS (SELECT FROM information_schema.table_constraints WHERE constraint_name = 'dnssec_pkey' AND table_name = 'dnssec') THEN + -- + -- Name: dnssec dnssec_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault + -- -ALTER TABLE ONLY dnssec - ADD CONSTRAINT dnssec_pkey PRIMARY KEY (cdn); + ALTER TABLE ONLY dnssec + ADD CONSTRAINT dnssec_pkey PRIMARY KEY (cdn); +END IF; --- --- Name: sslkey sslkey_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault --- +IF NOT EXISTS (SELECT FROM information_schema.table_constraints WHERE constraint_name = 'sslkey_pkey' AND table_name = 'sslkey') THEN + -- + -- Name: sslkey sslkey_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault + -- -ALTER TABLE ONLY sslkey - ADD CONSTRAINT sslkey_pkey PRIMARY KEY (deliveryservice, cdn, version); + ALTER TABLE ONLY sslkey + ADD CONSTRAINT sslkey_pkey PRIMARY KEY (deliveryservice, cdn, version); +END IF; +IF NOT EXISTS (SELECT FROM information_schema.table_constraints WHERE constraint_name = 'uri_signing_key_pkey' AND table_name = 'uri_signing_key') THEN + -- + -- Name: uri_signing_key uri_signing_key_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault + -- --- --- Name: uri_signing_key uri_signing_key_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault --- - -ALTER TABLE ONLY uri_signing_key - ADD CONSTRAINT uri_signing_key_pkey PRIMARY KEY (deliveryservice); + ALTER TABLE ONLY uri_signing_key + ADD CONSTRAINT uri_signing_key_pkey PRIMARY KEY (deliveryservice); +END IF; +IF NOT EXISTS (SELECT FROM information_schema.table_constraints WHERE constraint_name = 'url_sig_key_pkey' AND table_name = 'url_sig_key') THEN + -- + -- Name: url_sig_key url_sig_key_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault + -- --- --- Name: url_sig_key url_sig_key_pkey; Type: CONSTRAINT; Schema: public; Owner: traffic_vault --- - -ALTER TABLE ONLY url_sig_key - ADD CONSTRAINT url_sig_key_pkey PRIMARY KEY (deliveryservice); - - --- --- Name: sslkey_cdn_idx; Type: INDEX; Schema: public; Owner: traffic_vault --- + ALTER TABLE ONLY url_sig_key + ADD CONSTRAINT url_sig_key_pkey PRIMARY KEY (deliveryservice); +END IF; -CREATE INDEX sslkey_cdn_idx ON sslkey USING btree (cdn); +IF NOT EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'cdn') THEN + -- + -- Name: sslkey_cdn_idx; Type: INDEX; Schema: public; Owner: traffic_vault + -- + CREATE INDEX sslkey_cdn_idx ON sslkey USING btree (cdn); +END IF; --- --- Name: sslkey_deliveryservice_idx; Type: INDEX; Schema: public; Owner: traffic_vault --- +IF NOT EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'deliveryservice') THEN + -- + -- Name: sslkey_deliveryservice_idx; Type: INDEX; Schema: public; Owner: traffic_vault + -- -CREATE INDEX sslkey_deliveryservice_idx ON sslkey USING btree (deliveryservice); + CREATE INDEX sslkey_deliveryservice_idx ON sslkey USING btree (deliveryservice); +END IF; --- --- Name: sslkey_version_idx; Type: INDEX; Schema: public; Owner: traffic_vault --- +IF NOT EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'version') THEN + -- + -- Name: sslkey_version_idx; Type: INDEX; Schema: public; Owner: traffic_vault + -- -CREATE INDEX sslkey_version_idx ON sslkey USING btree (version); + CREATE INDEX sslkey_version_idx ON sslkey USING btree (version); +END IF; +END$$; -- -- Name: dnssec dnssec_last_updated; Type: TRIGGER; Schema: public; Owner: traffic_vault -- - -CREATE TRIGGER dnssec_last_updated BEFORE UPDATE ON dnssec FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); - +DROP TRIGGER IF EXISTS dnssec_last_updated ON dnssec; +CREATE TRIGGER dnssec_last_updated + BEFORE UPDATE ON dnssec + FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); -- -- Name: sslkey sslkey_last_updated; Type: TRIGGER; Schema: public; Owner: traffic_vault -- - -CREATE TRIGGER sslkey_last_updated BEFORE UPDATE ON sslkey FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); - +DROP TRIGGER IF EXISTS sslkey_last_updated on sslkey; +CREATE TRIGGER sslkey_last_updated + BEFORE UPDATE ON sslkey + FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); -- -- Name: uri_signing_key uri_signing_key_last_updated; Type: TRIGGER; Schema: public; Owner: traffic_vault -- - -CREATE TRIGGER uri_signing_key_last_updated BEFORE UPDATE ON uri_signing_key FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); - +DROP TRIGGER IF EXISTS uri_signing_key_last_updated on uri_signing_key; +CREATE TRIGGER uri_signing_key_last_updated + BEFORE UPDATE ON uri_signing_key + FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); -- -- Name: url_sig_key url_sig_key_last_updated; Type: TRIGGER; Schema: public; Owner: traffic_vault -- - -CREATE TRIGGER url_sig_key_last_updated BEFORE UPDATE ON url_sig_key FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); - +DROP TRIGGER IF EXISTS url_sig_key_last_updated on url_sig_key; +CREATE TRIGGER url_sig_key_last_updated + BEFORE UPDATE ON url_sig_key + FOR EACH ROW EXECUTE PROCEDURE on_update_current_timestamp_last_updated(); -- -- PostgreSQL database dump complete diff --git a/traffic_ops/app/db/trafficvault/test/run-tvdb-test.sh b/traffic_ops/app/db/trafficvault/test/run-tvdb-test.sh index 9dab7f4f65..dd6218540c 100755 --- a/traffic_ops/app/db/trafficvault/test/run-tvdb-test.sh +++ b/traffic_ops/app/db/trafficvault/test/run-tvdb-test.sh @@ -105,6 +105,12 @@ fi ./db/admin --trafficvault --env=production upgrade || { echo "DB upgrade failed!"; exit 1; } +if ! ./db/admin --trafficvault -env=production load_schema || + ! ./db/admin --trafficvault -env=production load_schema; then + echo 'Could not re-run create_tables.sql!' + exit 1 +fi; + # insert some dummy TVDB data, run db/reencrypt/reencrypt to test it sslkey_data=$(cat /sslkey.dat) dnssec_data=$(cat /dnssec.dat) From f821a7b13a417d7bb09756947c847298a6e9bce5 Mon Sep 17 00:00:00 2001 From: davidc0le Date: Sun, 3 Apr 2022 14:19:14 +0100 Subject: [PATCH 2/3] CHANGELOG --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index ecd2dbf5c7..5eaf770b41 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -35,6 +35,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - Only `operations` and `admin` roles should have the `DELIVERY-SERVICE:UPDATE` permission. - [#6369](https://github.com/apache/trafficcontrol/pull/6369) Fixed `/acme_accounts` endpoint to validate email and URL fields - Fixed searching of the ds parameter merge_parent_groups slice. +- [#6712](https://github.com/apache/trafficcontrol/issues/6712) - Fixed error when loading the Traffic Vault schema from `create_tables.sql` more than once. ### Removed - Remove traffic\_portal dependencies to mitigate `npm audit` issues, specifically `grunt-concurrent`, `grunt-contrib-concat`, `grunt-contrib-cssmin`, `grunt-contrib-jsmin`, `grunt-contrib-uglify`, `grunt-contrib-htmlmin`, `grunt-newer`, and `grunt-wiredep` From 7d87c1d3e34e9c95eaecd8cf31441ab0e7672a29 Mon Sep 17 00:00:00 2001 From: davidc0le Date: Sun, 15 May 2022 17:52:55 +0100 Subject: [PATCH 3/3] Correcting issues identified by zrhoffman --- traffic_ops/app/db/trafficvault/create_tables.sql | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/traffic_ops/app/db/trafficvault/create_tables.sql b/traffic_ops/app/db/trafficvault/create_tables.sql index 49b33363d1..20c2a559b0 100644 --- a/traffic_ops/app/db/trafficvault/create_tables.sql +++ b/traffic_ops/app/db/trafficvault/create_tables.sql @@ -148,29 +148,29 @@ IF NOT EXISTS (SELECT FROM information_schema.table_constraints WHERE constraint ADD CONSTRAINT url_sig_key_pkey PRIMARY KEY (deliveryservice); END IF; -IF NOT EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'cdn') THEN +IF EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'cdn') THEN -- -- Name: sslkey_cdn_idx; Type: INDEX; Schema: public; Owner: traffic_vault -- - CREATE INDEX sslkey_cdn_idx ON sslkey USING btree (cdn); + CREATE INDEX IF NOT EXISTS sslkey_cdn_idx ON sslkey USING btree (cdn); END IF; -IF NOT EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'deliveryservice') THEN +IF EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'deliveryservice') THEN -- -- Name: sslkey_deliveryservice_idx; Type: INDEX; Schema: public; Owner: traffic_vault -- - CREATE INDEX sslkey_deliveryservice_idx ON sslkey USING btree (deliveryservice); + CREATE INDEX IF NOT EXISTS sslkey_deliveryservice_idx ON sslkey USING btree (deliveryservice); END IF; -IF NOT EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'version') THEN +IF EXISTS (SELECT FROM information_schema.columns WHERE table_name = 'sslkey' AND column_name = 'version') THEN -- -- Name: sslkey_version_idx; Type: INDEX; Schema: public; Owner: traffic_vault -- - CREATE INDEX sslkey_version_idx ON sslkey USING btree (version); + CREATE INDEX IF NOT EXISTS sslkey_version_idx ON sslkey USING btree (version); END IF; END$$;