feat(pgsql): extend Grant kind specification with schema, tables, columns, sequences, routines, foreign data wrappers, foreign servers

[fernandezcuesta]

Description of your changes

This is a follow up of #235 with some minor issues found while merging from master.

I have:

• Read and followed Crossplane's contribution process.
• Run make reviewable to ensure this PR is ready for review.

How has this code been tested

Added tests

[baburciu]

hey @fernandezcuesta, I think another issue stemming from the rebase and Crossplane v2 adjustment may be the fact that cluster variant of Grant reconciler is able to use the Database.spec.forProvider.database and only default to ProviderConfig.spec.defaultDatabase if not specified, here, but the namespaced variant is not, as it directly uses ProviderConfig's DefaultDatabase here.
For me I could only get

 apiVersion: postgresql.sql.crossplane.io/v1alpha1
  kind: Grant
  metadata:
    name: demo-application-staging-user-1
  spec:
    deletionPolicy: Delete
    forProvider:
      database: demo-application-staging-dedicated
      databaseRef:
        name: demo-application-staging-dedicated
      privileges:
        - SELECT
      role: demo-application-staging-user
      roleRef:
        name: demo-application-staging-user
      schema: public
      tables:
        - deployments
    managementPolicies:
      - '*'
    providerConfigRef:
      name: demo-application-staging-user-db-connection

to apply after adding the same behaviour to namespaced reconciler (this PR with these 2 commits)

demo-application-staging-dedicated=> SELECT table_schema, table_name, privilege_type
  FROM information_schema.table_privileges
  WHERE grantee = 'demo-application-staging-user';
 table_schema | table_name  | privilege_type
--------------+-------------+----------------
 public       | deployments | SELECT
(1 row)

demo-application-staging-dedicated=>

[fernandezcuesta]

hey @fernandezcuesta, I think another issue stemming from the rebase and Crossplane v2 adjustment may be the fact that cluster variant of Grant reconciler is able to use the Database.spec.forProvider.database and only default to ProviderConfig.spec.defaultDatabase if not specified, here, but the namespaced variant is not, as it directly uses ProviderConfig's DefaultDatabase here. For me I could only get

 apiVersion: postgresql.sql.crossplane.io/v1alpha1
  kind: Grant
  metadata:
    name: demo-application-staging-user-1
  spec:
    deletionPolicy: Delete
    forProvider:
      database: demo-application-staging-dedicated
      databaseRef:
        name: demo-application-staging-dedicated
      privileges:
        - SELECT
      role: demo-application-staging-user
      roleRef:
        name: demo-application-staging-user
      schema: public
      tables:
        - deployments
    managementPolicies:
      - '*'
    providerConfigRef:
      name: demo-application-staging-user-db-connection

to apply after adding the same behaviour to namespaced reconciler (this PR with these 2 commits)

demo-application-staging-dedicated=> SELECT table_schema, table_name, privilege_type
  FROM information_schema.table_privileges
  WHERE grantee = 'demo-application-staging-user';
 table_schema | table_name  | privilege_type
--------------+-------------+----------------
 public       | deployments | SELECT
(1 row)

demo-application-staging-dedicated=>

Thanks! added

[fernandezcuesta]

@dawidmalina ghcr.io/crossplane-contrib/provider-sql:v0.15.0-rc.1

[dawidmalina]

@fernandezcuesta - no issues after switching to this version. Working as expected :) thank you

[dawidmalina]

@fernandezcuesta - Just a reminder :) Is there any news on this matter?

[fernandezcuesta]

We need an approval from a maintainer :(

[matthewgreenwaldagility]

@fernandezcuesta Do you have some spare time to review this PR? 🙏

[fernandezcuesta]

Even if I could, that would look awkward 😄

[dawidmalina]

Pinging @chlunde, @Duologic, and other maintainers for a 👍 on this.

[matthewgreenwaldagility]

Even if I could, that would look awkward 😄

Whoops your handle and name didn't match and I wasn't being careful enough. My mistake.

[chlunde]

Not super excited about calling GetServerVersion with sql.Open every reconcile, but I don't have a good alternative now either :)

[chlunde]

Just a few nits - and a conflict (sorry about that, I should have reviewed this one first). LGTM soon!

[fernandezcuesta]

Not super excited about calling GetServerVersion with sql.Open every reconcile, but I don't have a good alternative now either :)

OK "addressed" that by calling it once per Connect rather than once per Create/Observe, mainly the same though but easier to tackle in the future

[baburciu]

thank you for this great work! Do you guys think we could issue a new tag to include this PR? :) I know v0.15.0 was just released