diff options
-rw-r--r-- | .drone.yml | 42 | ||||
-rw-r--r-- | lib/private/Setup/PostgreSQL.php | 11 |
2 files changed, 50 insertions, 3 deletions
diff --git a/.drone.yml b/.drone.yml index 79cd295210e..a782e84b169 100644 --- a/.drone.yml +++ b/.drone.yml @@ -455,7 +455,7 @@ services: image: ghcr.io/nextcloud/continuous-integration-postgres-10:postgres-10 environment: POSTGRES_USER: oc_autotest - POSTGRES_DB: oc_autotest_dummy + POSTGRES_DB: oc_autotest POSTGRES_PASSWORD: owncloud tmpfs: - /var/lib/postgresql/data @@ -491,7 +491,7 @@ services: image: ghcr.io/nextcloud/continuous-integration-postgres-11:postgres-11 environment: POSTGRES_USER: oc_autotest - POSTGRES_DB: oc_autotest_dummy + POSTGRES_DB: oc_autotest POSTGRES_PASSWORD: owncloud tmpfs: - /var/lib/postgresql/data @@ -527,7 +527,43 @@ services: image: ghcr.io/nextcloud/continuous-integration-postgres-13:postgres-13 environment: POSTGRES_USER: oc_autotest - POSTGRES_DB: oc_autotest_dummy + POSTGRES_DB: oc_autotest + POSTGRES_PASSWORD: owncloud + tmpfs: + - /var/lib/postgresql/data + +trigger: + branch: + - master + - stable* + event: + - pull_request + - push + +--- +kind: pipeline +name: postgres15-php8.0 + +steps: +- name: submodules + image: ghcr.io/nextcloud/continuous-integration-alpine-git:latest + commands: + - git submodule update --init +- name: postgres-php8.0 + image: ghcr.io/nextcloud/continuous-integration-php8.0:latest + commands: + - bash tests/drone-run-php-tests.sh || exit 0 + - sleep 10 # gives the database enough time to initialize + - POSTGRES=15 NOCOVERAGE=true TEST_SELECTION=DB ./autotest.sh pgsql + +services: +- name: cache + image: ghcr.io/nextcloud/continuous-integration-redis:latest +- name: postgres-15 + image: ghcr.io/nextcloud/continuous-integration-postgres-15:latest + environment: + POSTGRES_USER: oc_autotest + POSTGRES_DB: oc_autotest POSTGRES_PASSWORD: owncloud tmpfs: - /var/lib/postgresql/data diff --git a/lib/private/Setup/PostgreSQL.php b/lib/private/Setup/PostgreSQL.php index bc24909dc3d..af816c7ad04 100644 --- a/lib/private/Setup/PostgreSQL.php +++ b/lib/private/Setup/PostgreSQL.php @@ -62,6 +62,7 @@ class PostgreSQL extends AbstractDatabase { } if ($canCreateRoles) { + $connectionMainDatabase = $this->connect(); //use the admin login data for the new database user //add prefix to the postgresql user name to prevent collisions @@ -70,6 +71,16 @@ class PostgreSQL extends AbstractDatabase { $this->dbPassword = \OC::$server->getSecureRandom()->generate(30, ISecureRandom::CHAR_ALPHANUMERIC); $this->createDBUser($connection); + + // Go to the main database and grant create on the public schema + // The code below is implemented to make installing possible with PostgreSQL version 15: + // https://www.postgresql.org/docs/release/15.0/ + // From the release notes: For new databases having no need to defend against insider threats, granting CREATE permission will yield the behavior of prior releases + // Therefore we assume that the database is only used by one user/service which is Nextcloud + // Additional services should get installed in a separate database in order to stay secure + // Also see https://www.postgresql.org/docs/15/ddl-schemas.html#DDL-SCHEMAS-PATTERNS + $connectionMainDatabase->executeQuery('GRANT CREATE ON SCHEMA public TO ' . addslashes($this->dbUser)); + $connectionMainDatabase->close(); } $this->config->setValues([ |