35 lines
1.1 KiB
Bash
35 lines
1.1 KiB
Bash
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
export PGHOST="$PGHOST"
|
|
export PGPORT="$PGPORT"
|
|
export PGUSER="$PGUSER"
|
|
export PGPASSWORD="$PGPASSWORD"
|
|
export PGDATABASE="$PGDATABASE"
|
|
|
|
# Explanation of pg_dumpall flags:
|
|
#
|
|
# --roles-only only include create, alter, and grant role statements
|
|
#
|
|
# Explanation of sed substitutions:
|
|
#
|
|
# - do not create or alter reserved roles as they are blocked by supautils
|
|
# - explicitly allow altering safe attributes, ie. statement_timeout, pgrst.*
|
|
# - discard role attributes that require superuser, ie. nosuperuser, noreplication
|
|
# - do not alter membership grants by supabase_admin role
|
|
pg_dumpall \
|
|
--roles-only \
|
|
--quote-all-identifier \
|
|
--no-role-passwords \
|
|
--no-comments \
|
|
| sed -E "s/^CREATE ROLE \"($RESERVED_ROLES)\"/-- &/" \
|
|
| sed -E "s/^ALTER ROLE \"($RESERVED_ROLES)\"/-- &/" \
|
|
| sed -E "s/ (NOSUPERUSER|NOREPLICATION)//g" \
|
|
| sed -E "s/^-- (.* SET \"($ALLOWED_CONFIGS)\" .*)/\1/" \
|
|
| sed -E "s/GRANT \".*\" TO \"($RESERVED_ROLES)\"/-- &/" \
|
|
| sed -E "${EXTRA_SED:-}" \
|
|
| uniq
|
|
|
|
# Reset session config generated by pg_dump
|
|
echo "RESET ALL;"
|