@YuryHrytsuk review: rm mount on postgres db

Author: pcrespov

.gitignore

@@ -181,3 +181,6 @@ tests/public-api/osparc_python_wheels/*
 
 # osparc-config repo files
 repo.config
+
+# scripts resolved with .env s
+services/postgres/scripts/create-readonly-user.sql

services/docker-compose.yml

@@ -1134,8 +1134,6 @@ services:
       POSTGRES_DB: ${POSTGRES_DB}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
       POSTGRES_USER: ${POSTGRES_USER}
-      POSTGRES_READONLY_PASSWORD: ${POSTGRES_READONLY_PASSWORD}
-      POSTGRES_READONLY_USER: ${POSTGRES_READONLY_USER}
     volumes:
       - postgres_data:/var/lib/postgresql/data
       - type: tmpfs

services/postgres/scripts/docker-entrypoint-initdb.d/create-readonly-user.sql.template renamed to services/postgres/scripts/create-readonly-user.sql.template

@@ -1,10 +1,22 @@
 -- SQL script to create a read-only user and grant privileges
+
+
+--Create the read-only user with a password
 CREATE USER ${POSTGRES_READONLY_USER} WITH PASSWORD '${POSTGRES_READONLY_PASSWORD}';
 
+--Grant CONNECT privilege to the database (e.g., 'foo' is the database name)
 GRANT CONNECT ON DATABASE ${POSTGRES_DB} TO ${POSTGRES_READONLY_USER};
+
+--Grant USAGE privilege on the **public** schema
 GRANT USAGE ON SCHEMA public TO ${POSTGRES_READONLY_USER};
+
+--Grant SELECT privilege on all existing tables and sequencies in the **public** schema
 GRANT SELECT ON ALL TABLES IN SCHEMA public TO ${POSTGRES_READONLY_USER};
 GRANT SELECT ON ALL SEQUENCES IN SCHEMA public TO ${POSTGRES_READONLY_USER};
 
+--Ensure that future tables created in the public schema and sequencies will have SELECT privilege for the read-only user
 ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO ${POSTGRES_READONLY_USER};
 ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON SEQUENCES TO ${POSTGRES_READONLY_USER};
+
+-- Listing all users
+SELECT * FROM pg_roles;