launchpad-reviewers team mailing list archive

Thread
Date

[Merge] ~lgp171188/launchpad:fix-error-breaking-db-patch-application into launchpad:db-devel

To: mp+484321@xxxxxxxxxxxxxxxxxx
From: Guruprasad <mp+484321@xxxxxxxxxxxxxxxxxx>
Date: Fri, 11 Apr 2025 15:36:31 -0000
Reply-to: mp+484321@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Guruprasad has proposed merging ~lgp171188/launchpad:fix-error-breaking-db-patch-application into launchpad:db-devel.

Commit message:
Fix the broken security.py reset_permissions() function

This fixes an issue breaking the DB patch deployment process.



Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~lgp171188/launchpad/+git/launchpad/+merge/484321
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~lgp171188/launchpad:fix-error-breaking-db-patch-application into launchpad:db-devel.

diff --git a/database/schema/patch-2211-34-0.sql b/database/schema/patch-2211-34-0.sql
deleted file mode 100644
index e28046b..0000000
--- a/database/schema/patch-2211-34-0.sql
+++ /dev/null
@@ -1,9 +0,0 @@
--- Copyright 2025 Canonical Ltd.  This software is licensed under the
--- GNU Affero General Public License version 3 (see the file LICENSE).
-
-SET client_min_messages=ERROR;
-
-ALTER TABLE vulnerability ADD COLUMN cvss jsonb;
-COMMENT ON COLUMN vulnerability.cvss IS 'Product-level CVSS score';
-
-INSERT INTO LaunchpadDatabaseRevision VALUES (2211, 34, 0);
diff --git a/database/schema/security.py b/database/schema/security.py
index 7049552..56e0bca 100755
--- a/database/schema/security.py
+++ b/database/schema/security.py
@@ -653,8 +653,14 @@ def reset_permissions(con, config, options):
     # in favour of requiring the users to do this manually as needed.
     # We conditionally enable it here as various Launchpad roles
     # need it to be able to run the Launchpad test suite without any errors.
+    # Also, we need to check for the existence of the
+    # `grant_create_on_public_schema`  attribute on the parsed options
+    # variable because the `full-update.py` script directly passes the
+    # options for this function without using the OptionParser instance
+    # and the options defined in it in this script.
     if (
-        options.grant_create_on_public_schema
+        hasattr(options, "grant_create_on_public_schema")
+        and options.grant_create_on_public_schema
         and con.server_version // 10000 >= 15
     ):
         log.debug("Granting CREATE on schema 'public' on PostgreSQL 15+.")