tmp

Author: soedirgo

ansible/files/admin_api_scripts/pg_upgrade_scripts/complete.sh

@@ -152,43 +152,44 @@ EOF
         run_sql -c "update pg_extension set extowner = 'postgres'::regrole where extname = 'pgmq';"
     fi
 
-#     # If upgrading to pgsodium-less Vault, Wrappers need to be updated so that
-#     # foreign servers use `vault.secrets.id` instead of `vault.secrets.key_id`
-#     UPDATE_WRAPPERS_SERVER_OPTIONS_QUERY=$(cat <<EOF
-#   DO \$\$
-#   DECLARE
-#     server_rec RECORD;
-#     option_rec RECORD;
-#     vault_secrets RECORD;
-#   BEGIN
-#     IF EXISTS (SELECT FROM pg_available_extension_versions WHERE name = 'wrappers' AND version = '0.4.6')
-#       AND EXISTS (SELECT FROM pg_extension WHERE extname = 'wrappers')
-#     THEN
-#       FOR server_rec IN
-#         SELECT srvname, srvoptions
-#         FROM pg_foreign_server
-#       LOOP
-#         FOR option_rec IN
-#           SELECT split_part(srvoption, '=', 1) AS option_name, split_part(srvoption, '=', 2) AS option_value
-#           FROM UNNEST(server_rec.srvoptions) AS srvoption
-#         LOOP
-#           IF EXISTS (SELECT FROM vault.secrets WHERE option_rec.option_value IN (id::text, key_id::text)) THEN
-#             EXECUTE format(
-#               'ALTER SERVER %I OPTIONS (SET %I %L)',
-#               server_rec.srvname,
-#               option_rec.option_name,
-#               (SELECT id FROM vault.secrets WHERE option_rec.option_value IN (id::text, key_id::text))
-#             );
-#           END IF;
-#         END LOOP;
-#       END LOOP;
-#     END IF;
-#     CREATE SCHEMA sentinel;
-#   END;
-#   \$\$;
-# EOF
-#     )
-#     run_sql -c "$UPDATE_WRAPPERS_SERVER_OPTIONS_QUERY"
+    # If upgrading to pgsodium-less Vault, Wrappers need to be updated so that
+    # foreign servers use `vault.secrets.id` instead of `vault.secrets.key_id`
+    UPDATE_WRAPPERS_SERVER_OPTIONS_QUERY=$(cat <<EOF
+  DO \$\$
+  DECLARE
+    server_rec RECORD;
+    option_rec RECORD;
+    vault_secrets RECORD;
+  BEGIN
+    IF EXISTS (SELECT FROM pg_available_extension_versions WHERE name = 'wrappers' AND version = '0.4.6')
+      AND EXISTS (SELECT FROM pg_extension WHERE extname = 'wrappers')
+    THEN
+      FOR server_rec IN
+        SELECT srvname, srvoptions
+        FROM pg_foreign_server
+      LOOP
+        FOR option_rec IN
+          SELECT split_part(srvoption, '=', 1) AS option_name, split_part(srvoption, '=', 2) AS option_value
+          FROM UNNEST(server_rec.srvoptions) AS srvoption
+        LOOP
+          IF EXISTS (SELECT FROM vault.secrets WHERE option_rec.option_value IN (id::text, key_id::text)) THEN
+            RAISE WARNING '%', format(
+              'ALTER SERVER %I OPTIONS (SET %I %L)',
+              server_rec.srvname,
+              option_rec.option_name,
+              (SELECT id FROM vault.secrets WHERE option_rec.option_value IN (id::text, key_id::text))
+            );
+          END IF;
+        END LOOP;
+      END LOOP;
+    END IF;
+    CREATE SCHEMA sentinel;
+  END;
+  \$\$;
+EOF
+    )
+    run_sql -c "$UPDATE_WRAPPERS_SERVER_OPTIONS_QUERY"
+    run_sql -c "select * from vault.secrets"
 
 #     # Patch to handle upgrading to pgsodium-less Vault
 #     REENCRYPT_VAULT_SECRETS_QUERY=$(cat <<EOF