From 05af2ebd27c46e3f021f7d8877eb550e60e13d7d Mon Sep 17 00:00:00 2001
From: Mohcine Tor <mohcine.tor@cosmotech.com>
Date: Mon, 2 Mar 2026 09:10:31 +0100
Subject: [PATCH] fix: grant default SELECT privileges to reader role

---
 Babylon/templates/working_dir/.templates/yaml/k8s_job.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Babylon/templates/working_dir/.templates/yaml/k8s_job.yaml b/Babylon/templates/working_dir/.templates/yaml/k8s_job.yaml
index be94c890..879d1602 100644
--- a/Babylon/templates/working_dir/.templates/yaml/k8s_job.yaml
+++ b/Babylon/templates/working_dir/.templates/yaml/k8s_job.yaml
@@ -28,6 +28,8 @@ spec:
 
               psql -h ${db_host} -p ${db_port} -U ${cosmotech_api_admin_username} -d ${cosmotech_api_database} -c "GRANT USAGE ON SCHEMA ${workspace_schema} TO ${cosmotech_api_reader_username};"
               echo "SUCCESS:  Permissions granted"
+              psql -h ${db_host} -p ${db_port} -U ${cosmotech_api_admin_username} -d ${cosmotech_api_database} -c "ALTER DEFAULT PRIVILEGES IN SCHEMA ${workspace_schema} GRANT SELECT ON TABLES TO  ${cosmotech_api_reader_username};"
+              echo "SUCCESS:  Default privileges set successfully"
           env:
             - name: PGPASSWORD
               valueFrom: