Create the management role in the database controller#368
Merged
Conversation
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
Verify controller assumptions before any side-effecting work: - the database connection is alive - the connecting user is a member of the configured superuser role The role defaults to rds_superuser (RDS's conventional admin role) and can be overridden for non-RDS deployments via --superuser-role-name. On failure the error names the violated assumption so operators can act on it. Wired into PostgreSQLDatabaseReconciler and CustomRoleReconciler. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
tmablunar
force-pushed
the
worktree-bold-fox-ag38
branch
from
d04c278 to
7659b91
Compare
The controller's postgres.Database call grants the service role to the management role WITH ADMIN OPTION but silently ignores undefined_object errors, so a missing management role used to fail invisibly. The PostgreSQLDatabaseReconciler now creates the role on demand right after preflight, before any reconcile work touches it. A new postgres.EnsureManagerRole helper wraps an idempotent CREATE ROLE (duplicate_object treated as no-op) so concurrent reconcilers and re-runs are safe. The controller's runPreflight method becomes prepareHost - it now does preflight + management role provisioning over a single admin connection. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
tmablunar
force-pushed
the
create-manager-role-in-db-controller
branch
from
f5228bb to
fab4b85
Compare
…d injection Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Contributor
Author
|
bugbot run |
mahlunar
approved these changes
Apr 28, 2026
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit daefeec. Configure here.
…ver runPreflight Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Stacked on top of #367.
Summary
postgres.Databasecall grants the service role to the management role WITH ADMIN OPTION, but silently ignoresundefined_object. A missing management role used to fail invisibly.postgres.EnsureManagerRolehelper wraps an idempotentCREATE ROLE(duplicate_object → no-op).PostgreSQLDatabaseReconcilernow provisions the management role right after preflight, before any reconcile work touches it. The controller'srunPreflighthelper is renamed toprepareHostsince it now does both check + setup over a single admin connection.Test plan
go build ./...andgo vet ./...passgo test ./pkg/postgres/...(non-integration) passesPOSTGRESQL_CONTROLLER_INTEGRATION_HOST=... go test ./pkg/postgres/... -run TestEnsureManagerRolecovers create + idempotent paths🤖 Generated with Claude Code
Note
Medium Risk
Touches database provisioning and role/privilege setup by adding automatic creation of the management role; misconfiguration (e.g., insufficient admin privileges or wrong role name) could cause reconciles to fail where they previously proceeded.
Overview
The controller now prepares a PostgreSQL host before reconciliation by reusing the admin connection to run preflight checks and proactively create the management role if missing.
This introduces
postgres.EnsureManagerRole, an idempotentCREATE ROLEhelper (treatingduplicate_objectas a no-op) with new integration tests, and renamesrunPreflighttoprepareHostto reflect the expanded responsibilities.Reviewed by Cursor Bugbot for commit daefeec. Configure here.