Skip to content

Add database initialization with custom user and database#31

Merged
adityathebe merged 2 commits intomainfrom
feat/init-super-user-and-db
Nov 7, 2025
Merged

Add database initialization with custom user and database#31
adityathebe merged 2 commits intomainfrom
feat/init-super-user-and-db

Conversation

@adityathebe
Copy link
Member

@adityathebe adityathebe commented Nov 7, 2025

Summary

Supports POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB environment variables during database initialization.

@adityathebe
Add database initialization with custom user and credentials
830dab6 
Supports POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB environment variables during initdb.
@adityathebe adityathebe force-pushed the feat/init-super-user-and-db branch 2 times, most recently from b3d88e1 to db33aa5 Compare November 7, 2025 06:16
@adityathebe adityathebe force-pushed the feat/init-super-user-and-db branch from db33aa5 to a32706e Compare November 7, 2025 06:18
@adityathebe adityathebe changed the title Add database initialization with custom user and credentials Add database initialization with custom user and database Nov 7, 2025
@adityathebe adityathebe requested review from Copilot and moshloop and removed request for Copilot November 7, 2025 06:21
Copilot AI reviewed Nov 7, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds support for PostgreSQL environment variable configuration (POSTGRES_USER, POSTGRES_DB, POSTGRES_PASSWORD) in the Docker entrypoint script and introduces comprehensive integration tests to verify the functionality. The key change modifies the default behavior of the auto-reset-password flag to be more secure by default.

  • Adds environment variable support for custom PostgreSQL user, database, and password during initialization
  • Changes the default value of auto-reset-password flag from true to false for improved security
  • Implements comprehensive integration tests to validate custom database and user creation

Reviewed Changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

File Description
docker-entrypoint.sh Adds logic to set defaults for POSTGRES_USER and POSTGRES_DB, handles custom user/password initialization, and creates custom databases if specified
docker-compose.yaml Adds new Docker Compose configuration for testing with custom environment variables
cmd/main.go Changes default value of auto-reset-password flag from true to false
.github/workflows/test.yml Adds new test-env-variables job with comprehensive tests for custom database, user, and authentication verification

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

docker-entrypoint.sh
$PGBIN/pg_ctl start -D $PGDATA --wait

# Create custom database if specified and different from default
if [ "$POSTGRES_DB" != "postgres" ]; then
Copy link

Copilot AI Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The condition checks if POSTGRES_DB is different from 'postgres', but according to line 37, POSTGRES_DB defaults to $POSTGRES_USER. If a custom user is specified without a custom database, this will incorrectly skip database creation when POSTGRES_USER equals 'postgres'. The condition should check if POSTGRES_DB is different from the default database for the user, which would be created automatically by initdb.

Suggested change
if [ "$POSTGRES_DB" != "postgres" ]; then
if [ "$POSTGRES_DB" != "$POSTGRES_USER" ]; then

Copilot uses AI. Check for mistakes.
docker-entrypoint.sh
Comment on lines +56 to +61
if [ "$POSTGRES_DB" != "postgres" ]; then
echo "Creating database: $POSTGRES_DB"
$PGBIN/psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname postgres <<-EOSQL
CREATE DATABASE "$POSTGRES_DB" OWNER "$POSTGRES_USER";
EOSQL
fi
Copy link

Copilot AI Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When initdb is run with -U flag, it creates a database with the same name as the specified user. This means if POSTGRES_USER=flanksource and POSTGRES_DB=flanksource, the database already exists and the CREATE DATABASE statement will fail. The condition should check if the database name differs from both 'postgres' AND the username to avoid attempting to create a database that already exists.

Copilot uses AI. Check for mistakes.
docker-entrypoint.sh
if [ "$POSTGRES_DB" != "postgres" ]; then
echo "Creating database: $POSTGRES_DB"
$PGBIN/psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname postgres <<-EOSQL
CREATE DATABASE "$POSTGRES_DB" OWNER "$POSTGRES_USER";
Copy link

Copilot AI Nov 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The SQL statement uses double quotes around the database name variable, which will fail if POSTGRES_DB contains double quotes. Consider using identifier quoting or escaping to prevent SQL injection and syntax errors. PostgreSQL's CREATE DATABASE should quote the identifier properly, such as using CREATE DATABASE ${POSTGRES_DB@Q} or validating the database name format.

Copilot uses AI. Check for mistakes.
@adityathebe adityathebe merged commit 497383c into main Nov 7, 2025
18 checks passed
@adityathebe adityathebe mentioned this pull request Nov 10, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@moshloop moshloop Awaiting requested review from moshloop

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@adityathebe

Comments