diff --git a/ansible/manifest-playbook.yml b/ansible/manifest-playbook.yml index ce02c805c..d54510064 100644 --- a/ansible/manifest-playbook.yml +++ b/ansible/manifest-playbook.yml @@ -17,7 +17,7 @@ # currently, we upload gotrue, adminapi, postgrest - name: gotrue - download commit archive get_url: - url: "https://github.com/supabase/gotrue/releases/download/v{{ gotrue_release }}/auth-v{{ gotrue_release }}-arm64.tar.gz" + url: "https://github.com/supabase/auth/releases/download/rc2.183.0-rc.10/auth-v2.183.0-rc.10-arm64.tar.gz" dest: /tmp/auth-v{{ gotrue_release }}-arm64.tar.gz checksum: "{{ gotrue_release_checksum }}" timeout: 60 diff --git a/ansible/tasks/setup-gotrue.yml b/ansible/tasks/setup-gotrue.yml index 70bbbf85f..fc599fe78 100644 --- a/ansible/tasks/setup-gotrue.yml +++ b/ansible/tasks/setup-gotrue.yml @@ -17,12 +17,12 @@ {%- elif platform == 'arm64' -%} arm64 {%- endif -%} - +#TODO restore this temp change on download url - name: gotrue - download commit archive ansible.builtin.get_url: checksum: "{{ gotrue_release_checksum }}" dest: '/tmp/gotrue.tar.gz' - url: "https://github.com/supabase/gotrue/releases/download/v{{ gotrue_release }}/auth-v{{ gotrue_release }}-{{ arch }}.tar.gz" + url: "https://github.com/supabase/auth/releases/download/rc2.183.0-rc.10/auth-v2.183.0-rc.10-arm64.tar.gz" - name: gotrue - create /opt/gotrue and /etc/auth.d ansible.builtin.file: diff --git a/ansible/vars.yml b/ansible/vars.yml index a7e55c0a9..6dcacde0c 100644 --- a/ansible/vars.yml +++ b/ansible/vars.yml @@ -10,9 +10,9 @@ postgres_major: # Full version strings for each major version postgres_release: - postgresorioledb-17: "17.6.0.011-orioledb" - postgres17: "17.6.1.054" - postgres15: "15.14.1.054" + postgresorioledb-17: "17.6.0.010-orioledb-auth-trgm-6" + postgres17: "17.6.1.053-auth-trgm-6" + postgres15: "15.14.1.053-auth-trgm-6" # Non Postgres Extensions pgbouncer_release: 1.19.0 @@ -25,8 +25,8 @@ postgrest_release: 13.0.5 postgrest_arm_release_checksum: sha256:7b4eafdaf76bc43b57f603109d460a838f89f949adccd02f452ca339f9a0a0d4 postgrest_x86_release_checksum: sha256:05be2bd48abee6c1691fc7c5d005023466c6989e41a4fc7d1302b8212adb88b5 -gotrue_release: 2.182.1 -gotrue_release_checksum: sha1:38a12109ad62df32460d88e4c7b2a475b88e7865 +gotrue_release: rc2.183.0-rc.10 +gotrue_release_checksum: sha1:0f98282b18d49b05a5101b8bd97353efd51d6244 aws_cli_release: 2.23.11 diff --git a/migrations/db/migrations/20251121141100_supabase_auth_admin_db_grants.sql b/migrations/db/migrations/20251121141100_supabase_auth_admin_db_grants.sql new file mode 100644 index 000000000..337de469a --- /dev/null +++ b/migrations/db/migrations/20251121141100_supabase_auth_admin_db_grants.sql @@ -0,0 +1,4 @@ +-- migrate:up +grant create on database postgres to supabase_auth_admin; + +-- migrate:down diff --git a/nix/ext/versions.json b/nix/ext/versions.json index d1a78336a..5790b1217 100644 --- a/nix/ext/versions.json +++ b/nix/ext/versions.json @@ -118,127 +118,6 @@ } }, "pg_graphql": { - "1.0.2": { - "postgresql": [ - "15" - ], - "hash": "sha256-HnEyijEIkKbJFQjWF1sa5h2qqGzq/aW14454zPbo6wc=", - "pgrx": "0.6.1", - "rust": "1.82.0" - }, - "1.1.0": { - "postgresql": [ - "15" - ], - "hash": "sha256-Vdi9qBjg14/SpZ1TuOvKS0gJjkLmviCzoBLnPOds0pw=", - "pgrx": "0.6.1", - "rust": "1.82.0" - }, - "1.2.0": { - "postgresql": [ - "15" - ], - "hash": "sha256-QnNwKasSvC7o5pHDC/NlqJPvWirKwMpwUmfsLJXDTsg=", - "pgrx": "0.7.1", - "rust": "1.82.0" - }, - "1.2.2": { - "postgresql": [ - "15" - ], - "hash": "sha256-SKbUDasdhz/L5UDyMH4gXmFfHHhGx81H90gfIclGwjU=", - "pgrx": "0.9.5", - "rust": "1.70.0" - }, - "1.2.3": { - "postgresql": [ - "15" - ], - "hash": "sha256-876bRLAUstBcCnhDvO+MllAC1VM//LLW1W6h028zr/8=", - "pgrx": "0.9.7", - "rust": "1.70.0" - }, - "1.4.1": { - "postgresql": [ - "15" - ], - "hash": "sha256-onyVIM5/l/cpYeAa7ya6h7bmRfqG1dPjc67oGGkgsOs=", - "pgrx": "0.10.2", - "rust": "1.70.0" - }, - "1.4.2": { - "postgresql": [ - "15" - ], - "hash": "sha256-/JweVmfcWqDtFeP3tBl/g6hlqAqbwPHpcHdX9HeqZuU=", - "pgrx": "0.10.2", - "rust": "1.70.0" - }, - "1.4.4": { - "postgresql": [ - "15" - ], - "hash": "sha256-Kxo4o8+hfSTOjvhYyGF2BpksWfW/AMCCH4qom4AGw18=", - "pgrx": "0.11.2", - "rust": "1.70.0" - }, - "1.5.0": { - "postgresql": [ - "15" - ], - "hash": "sha256-28ANRZyF22qF2YAxNAAkPfGOM3+xiO6IHdXsTp0CTQE=", - "pgrx": "0.11.2", - "rust": "1.85.1" - }, - "1.5.1": { - "postgresql": [ - "15" - ], - "hash": "sha256-cAiD2iSFmZwC+Zy0x+MABseWCxXRtRY74Dj0oBKet+o=", - "pgrx": "0.11.2", - "rust": "1.85.1" - }, - "1.5.1-mergeless": { - "postgresql": [ - "15" - ], - "hash": "sha256-X4YR2ishxWCQDMwxHKuGGjlpbpRrUBoHeeLfM/UIHWc=", - "pgrx": "0.11.2", - "rust": "1.85.1" - }, - "1.5.4": { - "postgresql": [ - "15" - ], - "hash": "sha256-419RVol44akUFZ/0B97VjAXCUrWcKFDAFuVjvJnbkP4=", - "pgrx": "0.11.3", - "rust": "1.85.1" - }, - "1.5.6": { - "postgresql": [ - "15" - ], - "hash": "sha256-v/40TR/1bplbQuD3Hv3gE7oh6cfn9fA6U5s+FTAwxtA=", - "pgrx": "0.11.3", - "rust": "1.85.1" - }, - "1.5.7": { - "postgresql": [ - "15" - ], - "hash": "sha256-Q6XfcTKVOjo5pGy8QACc4QCHolKxEGU8e0TTC6Zg8go=", - "pgrx": "0.11.3", - "rust": "1.85.1" - }, - "1.5.9": { - "postgresql": [ - "15", - "17" - ], - "hash": "sha256-YpLN43FtLhp2cb7cyM+4gEx8GTwsRiKTfxaMq0b8hk0=", - "pgrx": "0.12.6", - "rust": "1.81.0" - }, "1.5.11": { "postgresql": [ "15", @@ -572,94 +451,6 @@ } }, "wrappers": { - "0.3.0": { - "postgresql": [ - "15" - ], - "hash": "sha256-ogpF8NJ7kW3Ut8jaKMDiKYIXnI38nfRq2mMK4rqFAIA=", - "pgrx": "0.11.3", - "rust": "1.76.0" - }, - "0.4.1": { - "postgresql": [ - "15" - ], - "hash": "sha256-AU9Y43qEMcIBVBThu+Aor1HCtfFIg+CdkzK9IxVdkzM=", - "pgrx": "0.11.3", - "rust": "1.76.0" - }, - "0.4.2": { - "postgresql": [ - "15" - ], - "hash": "sha256-ut3IQED6ANXgabiHoEUdfSrwkuuYYSpRoeWdtBvSe64=", - "pgrx": "0.11.3", - "rust": "1.76.0" - }, - "0.4.3": { - "postgresql": [ - "15" - ], - "hash": "sha256-CkoNMoh40zbQL4V49ZNYgv3JjoNWjODtTpHn+L8DdZA=", - "pgrx": "0.12.6", - "rust": "1.80.0" - }, - "0.4.4": { - "postgresql": [ - "15", - "17" - ], - "hash": "sha256-QoGFJpq8PuvMM8SS+VZd7MlNl56uFivRjs1tCtwX+oE=", - "pgrx": "0.12.6", - "rust": "1.80.0" - }, - "0.4.5": { - "postgresql": [ - "15", - "17" - ], - "hash": "sha256-IgDfVFROMCHYLZ/Iqj12MsQjPPCdRoH+3oi3Ki/iaRI=", - "pgrx": "0.12.9", - "rust": "1.81.0" - }, - "0.4.6": { - "postgresql": [ - "15", - "17" - ], - "hash": "sha256-hthb3qEXT1Kf4yPoq0udEbQzlyLtI5tug6sK4YAPFjU=", - "pgrx": "0.12.9", - "rust": "1.84.0" - }, - "0.5.0": { - "postgresql": [ - "15", - "17" - ], - "hash": "sha256-FbRTUcpEHBa5DI6dutvBeahYM0RZVAXIzIAZWIaxvn0=", - "pgrx": "0.12.9", - "rust": "1.84.0" - }, - "0.5.3": { - "postgresql": [ - "15", - "17", - "orioledb-17" - ], - "hash": "sha256-iaJriPEa0iVLpmnuUk9R3HS545Jhz7aH1clYvHEuEvs=", - "pgrx": "0.14.3", - "rust": "1.87.0" - }, - "0.5.4": { - "postgresql": [ - "15", - "17", - "orioledb-17" - ], - "hash": "sha256-W1RokXH4Vfj2FIuEzGEP5SzzWsv2Pbzfa816nXKnSoc=", - "pgrx": "0.14.3", - "rust": "1.87.0" - }, "0.5.5": { "postgresql": [ "15", diff --git a/nix/postgresql/generic.nix b/nix/postgresql/generic.nix index 76904ced7..70bd986f2 100644 --- a/nix/postgresql/generic.nix +++ b/nix/postgresql/generic.nix @@ -241,6 +241,35 @@ let fi done fi + + # Create auth_trgm extension as a duplicate of pg_trgm + # auth_trgm uses the same shared library but has separate SQL files + echo "Creating auth_trgm extension files..." + + # Copy and rewrite all pg_trgm SQL files (base + upgrade paths) + for file in $out/share/postgresql/extension/pg_trgm*.sql; do + if [ -f "$file" ]; then + base=$(basename "$file") + newfile="$out/share/postgresql/extension/''${base//pg_trgm/auth_trgm}" + # Replace pg_trgm with auth_trgm in extension references + # but preserve the actual function names and module references + sed 's/-- complain if script is sourced in psql, rather than via CREATE EXTENSION/-- complain if script is sourced in psql, rather than via CREATE EXTENSION/; s/\\echo Use "CREATE EXTENSION pg_trgm"/\\echo Use "CREATE EXTENSION auth_trgm"/' "$file" > "$newfile" + fi + done + + # Create auth_trgm.control pointing to the same shared library as pg_trgm + if [ -f "$out/share/postgresql/extension/pg_trgm.control" ]; then + sed -e 's/# pg_trgm extension/# auth_trgm extension/' \ + -e 's/text similarity measurement and index searching based on trigrams/authentication text similarity measurement and index searching based on trigrams/' \ + -e 's/relocatable = true/relocatable = false/' \ + "$out/share/postgresql/extension/pg_trgm.control" > \ + "$out/share/postgresql/extension/auth_trgm.control" + + # Append schema = auth to the control file + echo "schema = auth" >> "$out/share/postgresql/extension/auth_trgm.control" + + echo "auth_trgm extension files created successfully" + fi '' + lib.optionalString jitSupport '' # Move the bitcode and libllvmjit.so library out of $lib; otherwise, every client that diff --git a/nix/tests/expected/z_15_ext_interface.out b/nix/tests/expected/z_15_ext_interface.out index f2b5672aa..f6998999f 100644 --- a/nix/tests/expected/z_15_ext_interface.out +++ b/nix/tests/expected/z_15_ext_interface.out @@ -29,11 +29,12 @@ order by name asc; name ----------------- + auth_trgm pg_cron pgjwt tsm_system_time wal2json -(4 rows) +(5 rows) /* diff --git a/nix/tests/expected/z_17_ext_interface.out b/nix/tests/expected/z_17_ext_interface.out index 57f68aa1c..43ab18c3f 100644 --- a/nix/tests/expected/z_17_ext_interface.out +++ b/nix/tests/expected/z_17_ext_interface.out @@ -22,12 +22,13 @@ order by name asc; name ------------------------ + auth_trgm pg_cron pgjwt postgis_tiger_geocoder tsm_system_time wal2json -(5 rows) +(6 rows) /* diff --git a/nix/tests/expected/z_orioledb-17_ext_interface.out b/nix/tests/expected/z_orioledb-17_ext_interface.out index 57f68aa1c..43ab18c3f 100644 --- a/nix/tests/expected/z_orioledb-17_ext_interface.out +++ b/nix/tests/expected/z_orioledb-17_ext_interface.out @@ -22,12 +22,13 @@ order by name asc; name ------------------------ + auth_trgm pg_cron pgjwt postgis_tiger_geocoder tsm_system_time wal2json -(5 rows) +(6 rows) /*