Change db-load-guc-config to db-config

Make clear that in-db config is being read

main/Main.hs

@@ -94,7 +94,7 @@ main = do
  poolSize = configDbPoolSize conf
  poolTimeout = configDbPoolTimeout' conf
  logLevel = configLogLevel conf
- gucConfigEnabled = configDbLoadGucConfig conf
+ dbConfigEnabled = configDbConfig conf
 
  -- create connection pool with the provided settings, returns either a 'Connection' or a 'ConnectionError'. Does not throw.
  pool <- P.acquire (poolSize, poolTimeout, dbUri)
@@ -113,11 +113,11 @@ main = do
 
  let
  -- re-reads config file + db config
- dbConfigReReader startingUp = when gucConfigEnabled $
- reReadConfig startingUp pool gucConfigEnabled env cliPath refConf dbUriFile secretFile
+ dbConfigReReader startingUp = when dbConfigEnabled $
+ reReadConfig startingUp pool dbConfigEnabled env cliPath refConf dbUriFile secretFile
  -- re-reads jwt-secret external file + config file + db config
  fullConfigReReader =
- reReadConfig False pool gucConfigEnabled env cliPath refConf
+ reReadConfig False pool dbConfigEnabled env cliPath refConf
  dbUriFile =<< -- db-uri external file could be re-read, but it doesn't make sense as db-uri is not reloadable
  readSecretFile (configJwtSecret pathEnvConf)
 
@@ -352,18 +352,18 @@ listener dbUri dbChannel pool refConf refDbStructure mvarConnectionStatus connWo
 
 -- | Re-reads the config plus config options from the db
 reReadConfig :: Bool -> P.Pool -> Bool -> Environment -> Maybe FilePath -> IORef AppConfig -> Maybe Text -> Maybe BS.ByteString -> IO ()
-reReadConfig startingUp pool gucConfigEnabled env path refConf dbUriFile secretFile = do
- dbSettings <- if gucConfigEnabled then loadDbSettings else pure []
+reReadConfig startingUp pool dbConfigEnabled env path refConf dbUriFile secretFile = do
+ dbSettings <- if dbConfigEnabled then loadDbSettings else pure []
  readAppConfig dbSettings env path dbUriFile secretFile >>= \case
  Left err ->
  if startingUp
  then panic err -- die on invalid config if the program is starting up
- else hPutStrLn stderr $ "Failed config load. " <> err
+ else hPutStrLn stderr $ "Failed loading in-database config. " <> err
  Right conf -> do
  atomicWriteIORef refConf conf
  if startingUp
  then pass
- else putStrLn ("Config loaded" :: Text)
+ else putStrLn ("In-database config loaded" :: Text)
  where
  loadDbSettings :: IO [(Text, Text)]
  loadDbSettings = do

src/PostgREST/Config.hs

@@ -105,7 +105,7 @@ data AppConfig = AppConfig {
  , configDbPreparedStatements :: Bool
  , configDbRootSpec :: Maybe Text
  , configDbSchemas :: NonEmpty Text
- , configDbLoadGucConfig :: Bool
+ , configDbConfig  :: Bool
  , configDbTxAllowOverride :: Bool
  , configDbTxRollbackAll :: Bool
  , configDbUri :: Text
@@ -220,8 +220,8 @@ readCLIShowHelp env = customExecParser parserPrefs opts
  |## Enable or disable the notification channel
  |db-channel-enabled = false
  |
- |## Enable loading config parameters from the database by changing the connection role settings
- |db-load-guc-config = true
+ |## Enable in-database configuration
+ |db-config = true
  |
  |## how to terminate database transactions
  |## possible values are:
@@ -288,7 +288,7 @@ dumpAppConfig conf =
  ,("db-prepared-statements", toLower . show . configDbPreparedStatements)
  ,("db-root-spec", q . fromMaybe mempty . configDbRootSpec)
  ,("db-schemas", q . intercalate "," . toList . configDbSchemas)
- ,("db-load-guc-config", q . toLower . show . configDbLoadGucConfig)
+ ,("db-config",  q . toLower . show . configDbConfig)
  ,("db-tx-end", q . showTxEnd)
  ,("db-uri", q . configDbUri)
  ,("jwt-aud", toS . encode . maybe "" toJSON . configJwtAudience)
@@ -369,7 +369,7 @@ readAppConfig dbSettings env optPath dbUriFile secretFile = do
  <*> (fromList . splitOnCommas <$> reqWithAlias (optValue "db-schemas")
  (optValue "db-schema")
  "missing key: either db-schemas or db-schema must be set")
- <*> (fromMaybe True <$> optBool "db-load-guc-config")
+ <*> (fromMaybe True <$> optBool "db-config")
  <*> parseTxEnd "db-tx-end" snd
  <*> parseTxEnd "db-tx-end" fst
  <*> parseDbUri "db-uri"
@@ -512,7 +512,7 @@ readAppConfig dbSettings env optPath dbUriFile secretFile = do
  let dbSettingName = pack $ dashToUnderscore <$> toS key in
  if dbSettingName `notElem` [
  "server_host", "server_port", "server_unix_socket", "server_unix_socket_mode", "log_level",
- "db_anon_role", "db_uri", "db_channel_enabled", "db_channel", "db_pool", "db_pool_timeout", "db_load_guc_config"]
+ "db_anon_role", "db_uri", "db_channel_enabled", "db_channel", "db_pool", "db_pool_timeout", "db_config"]
  then lookup dbSettingName dbSettings
  else Nothing
 

test/SpecHelper.hs

@@ -77,7 +77,7 @@ _baseCfg = let secret = Just $ encodeUtf8 "reallyreallyreallyreallyverysafe" in
  , configDbPreparedStatements = True
  , configDbRootSpec = Nothing
  , configDbSchemas = fromList ["test"]
- , configDbLoadGucConfig = False
+ , configDbConfig  = False
  , configDbUri = mempty
  , configJWKS = parseSecret <$> secret
  , configJwtAudience = Nothing

test/fixtures/roles.sql

@@ -42,7 +42,7 @@ ALTER ROLE postgrest_test_authenticator SET pgrst.db_channel_enabled = 'ignored'
 ALTER ROLE postgrest_test_authenticator SET pgrst.db_channel = 'ignored';
 ALTER ROLE postgrest_test_authenticator SET pgrst.db_pool = 'ignored';
 ALTER ROLE postgrest_test_authenticator SET pgrst.db_pool_timeout = 'ignored';
-ALTER ROLE postgrest_test_authenticator SET pgrst.db_load_guc_config = 'ignored';
+ALTER ROLE postgrest_test_authenticator SET pgrst.db_config = 'ignored';
 
 -- other authenticator reloadable config options for io tests
 CREATE ROLE other_authenticator LOGIN NOINHERIT;

test/io-tests/configs/aliases.config

@@ -7,4 +7,4 @@ pre-request = "check_alias"
 role-claim-key = ".aliased"
 root-spec = "open_alias"
 secret-is-base64 = true
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/app-settings.config

@@ -2,4 +2,4 @@ db-pool = 1
 db-pool-timeout = 1
 
 app.settings.external_api_secret = "0123456789abcdef"
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/base64-secret-from-file.config

@@ -3,4 +3,4 @@ db-pool = 1
 # Read secret from a file: /dev/stdin (alias for standard input)
 jwt-secret = "@/dev/stdin"
 jwt-secret-is-base64 = true
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/boolean-numeric.config

@@ -5,4 +5,4 @@ db-anon-role = "required"
 db-channel-enabled = "1"
 db-prepared-statements = "0"
 jwt-secret-is-base64 = "2"
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/boolean-string.config

@@ -5,4 +5,4 @@ db-anon-role = "required"
 db-channel-enabled = "true"
 db-prepared-statements = "FALSE"
 jwt-secret-is-base64 = "\"true\""
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/dburi-from-file.config

@@ -1,4 +1,4 @@
 db-uri = "@/dev/stdin"
 db-pool = 1
 jwt-secret = "reallyreallyreallyreallyverysafe"
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/defaults.config

@@ -2,4 +2,4 @@ db-uri = "required"
 db-schemas = "required"
 db-anon-role = "required"
 # Not the default, but only works with proper db-uri
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/expected/aliases.config

@@ -9,7 +9,7 @@ db-pre-request = "check_alias"
 db-prepared-statements = true
 db-root-spec = "open_alias"
 db-schemas = "provided_through_alias"
-db-load-guc-config = "false"
+db-config = "false"
 db-tx-end = "commit"
 db-uri = "required"
 jwt-aud = ""

test/io-tests/configs/expected/boolean-numeric.config

@@ -9,7 +9,7 @@ db-pre-request = ""
 db-prepared-statements = false
 db-root-spec = ""
 db-schemas = "required"
-db-load-guc-config = "false"
+db-config = "false"
 db-tx-end = "commit"
 db-uri = "required"
 jwt-aud = ""

test/io-tests/configs/expected/boolean-string.config

@@ -9,7 +9,7 @@ db-pre-request = ""
 db-prepared-statements = false
 db-root-spec = ""
 db-schemas = "required"
-db-load-guc-config = "false"
+db-config = "false"
 db-tx-end = "commit"
 db-uri = "required"
 jwt-aud = ""

test/io-tests/configs/expected/defaults.config

@@ -9,7 +9,7 @@ db-pre-request = ""
 db-prepared-statements = true
 db-root-spec = ""
 db-schemas = "required"
-db-load-guc-config = "false"
+db-config = "false"
 db-tx-end = "commit"
 db-uri = "required"
 jwt-aud = ""

test/io-tests/configs/expected/no-defaults-with-db-other-authenticator.config

@@ -9,7 +9,7 @@ db-pre-request = "test.other_custom_headers"
 db-prepared-statements = false
 db-root-spec = "other_root"
 db-schemas = "test,other_tenant1,other_tenant2"
-db-load-guc-config = "true"
+db-config = "true"
 db-tx-end = "rollback-allow-override"
 db-uri = "<REPLACED_WITH_DB_URI>"
 jwt-aud = "https://otherexample.org"

test/io-tests/configs/expected/no-defaults-with-db.config

@@ -9,7 +9,7 @@ db-pre-request = "test.custom_headers"
 db-prepared-statements = false
 db-root-spec = "root"
 db-schemas = "test,tenant1,tenant2"
-db-load-guc-config = "true"
+db-config = "true"
 db-tx-end = "commit-allow-override"
 db-uri = "<REPLACED_WITH_DB_URI>"
 jwt-aud = "https://example.org"

test/io-tests/configs/expected/no-defaults.config

@@ -9,7 +9,7 @@ db-pre-request = "please_run_fast"
 db-prepared-statements = false
 db-root-spec = "openapi_v3"
 db-schemas = "multi,tenant,setup"
-db-load-guc-config = "false"
+db-config = "false"
 db-tx-end = "rollback-allow-override"
 db-uri = "tmp_db"
 jwt-aud = "https://postgrest.org"

test/io-tests/configs/expected/types.config

@@ -9,7 +9,7 @@ db-pre-request = ""
 db-prepared-statements = true
 db-root-spec = ""
 db-schemas = "required"
-db-load-guc-config = "true"
+db-config = "true"
 db-tx-end = "commit"
 db-uri = "required"
 jwt-aud = ""

test/io-tests/configs/no-defaults-env.yaml

@@ -11,7 +11,7 @@ PGRST_DB_PREPARED_STATEMENTS: false
 PGRST_DB_PRE_REQUEST: please_run_fast
 PGRST_DB_ROOT_SPEC: openapi_v3
 PGRST_DB_SCHEMAS: multi, tenant,setup
-PGRST_DB_LOAD_GUC_CONFIG: false
+PGRST_DB_CONFIG: false
 PGRST_DB_TX_END: rollback-allow-override
 PGRST_DB_URI: tmp_db
 PGRST_JWT_AUD: 'https://postgrest.org'

test/io-tests/configs/no-defaults.config

@@ -9,7 +9,7 @@ db-pre-request = "please_run_fast"
 db-prepared-statements = false
 db-root-spec = "openapi_v3"
 db-schemas = "multi, tenant,setup"
-db-load-guc-config = "false"
+db-config = "false"
 db-tx-end = "rollback-allow-override"
 db-uri = "tmp_db"
 jwt-aud = "https://postgrest.org"

test/io-tests/configs/role-claim-key.config

@@ -1,4 +1,4 @@
 db-pool = 1
 jwt-role-claim-key = "$(ROLE_CLAIM_KEY)"
 jwt-secret = "reallyreallyreallyreallyverysafe"
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/secret-from-file.config

@@ -3,4 +3,4 @@ db-pool = 1
 # Read secret from a file: /dev/stdin (alias for standard input)
 jwt-secret = "@/dev/stdin"
 jwt-secret-is-base64 = false
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/sigusr2-settings-external-secret.config

@@ -2,4 +2,4 @@ db-pool = 1
 
 jwt-secret = "$(JWT_SECRET_FILE)"
 jwt-secret-is-base64 = false
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/sigusr2-settings.config

@@ -3,4 +3,4 @@ db-pool = 1
 
 app.settings.name_var = "John"
 jwt-secret = "invalidinvalidinvalidinvalidinvalid"
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/simple.config

@@ -1,3 +1,3 @@
 db-pool = 1
 jwt-secret = "reallyreallyreallyreallyverysafe"
-db-load-guc-config = false
+db-config = false

test/io-tests/configs/unix-socket.config

@@ -1,4 +1,4 @@
 db-pool = 1
 server-unix-socket = "$(POSTGREST_TEST_SOCKET)"
 jwt-secret = "reallyreallyreallyreallyverysafe"
-db-load-guc-config = false
+db-config = false

test/io-tests/test_io.py

@@ -87,7 +87,7 @@ def defaultenv():
  "PGRST_DB_URI": os.environ["PGRST_DB_URI"],
  "PGRST_DB_SCHEMAS": os.environ["PGRST_DB_SCHEMAS"],
  "PGRST_DB_ANON_ROLE": os.environ["PGRST_DB_ANON_ROLE"],
- "PGRST_DB_LOAD_GUC_CONFIG": "false",
+ "PGRST_DB_CONFIG": "false",
  "PGRST_LOG_LEVEL": "info",
  }
 
@@ -288,7 +288,7 @@ def test_expected_config_from_db_settings(defaultenv, role, expectedconfig):
  env = {
  **defaultenv,
  "PGRST_DB_URI": db_uri,
- "PGRST_DB_LOAD_GUC_CONFIG": "true",
+ "PGRST_DB_CONFIG": "true",
  }
  expected = (
  (CONFIGSDIR / "expected" / expectedconfig)
@@ -307,7 +307,7 @@ def test_read_db_setting(defaultenv):
  """
  env = {
  **defaultenv,
- "PGRST_DB_LOAD_GUC_CONFIG": "true",
+ "PGRST_DB_CONFIG": "true",
  }
  with run(env=env) as postgrest:
  uri = "/rpc/get_guc_value?name=pgrst.jwt_secret"
@@ -592,7 +592,7 @@ def test_db_schema_notify_reload(defaultenv):
 
  env = {
  **defaultenv,
- "PGRST_DB_LOAD_GUC_CONFIG": "true",
+ "PGRST_DB_CONFIG": "true",
  "PGRST_DB_CHANNEL_ENABLED": "true",
  "PGRST_DB_SCHEMAS": "test",
  }
@@ -621,7 +621,7 @@ def test_max_rows_reload(defaultenv):
 
  env = {
  **defaultenv,
- "PGRST_DB_LOAD_GUC_CONFIG": "true",
+ "PGRST_DB_CONFIG": "true",
  }
 
  with run(config, env=env) as postgrest:
@@ -649,7 +649,7 @@ def test_max_rows_notify_reload(defaultenv):
 
  env = {
  **defaultenv,
- "PGRST_DB_LOAD_GUC_CONFIG": "true",
+ "PGRST_DB_CONFIG": "true",
  "PGRST_DB_CHANNEL_ENABLED": "true",
  }
 
@@ -677,7 +677,7 @@ def test_invalid_role_claim_key_notify_reload(defaultenv):
 
  env = {
  **defaultenv,
- "PGRST_DB_LOAD_GUC_CONFIG": "true",
+ "PGRST_DB_CONFIG": "true",
  "PGRST_DB_CHANNEL_ENABLED": "true",
  }
 

test/memory-tests.sh

@@ -12,7 +12,7 @@ export PGRST_DB_POOL="1"
 export PGRST_SERVER_HOST="127.0.0.1"
 export PGRST_SERVER_PORT="$pgrPort"
 export PGRST_JWT_SECRET="reallyreallyreallyreallyverysafe"
-export PGRST_DB_LOAD_GUC_CONFIG="false"
+export PGRST_DB_CONFIG="false"
 
 trap "kill 0" int term exit