still provide daily log and auth views

zalando · Sep 20, 2024 · 254fa9d · 254fa9d
1 parent 8b4ced7
commit 254fa9d
Showing 1 changed file with 20 additions and 8 deletions.
diff --git a/postgres-appliance/scripts/post_init.sh b/postgres-appliance/scripts/post_init.sh
@@ -147,7 +147,7 @@ if [ "$PGVER" -ge 14 ]; then
 fi
 
 # Sunday could be 0 or 7 depending on the format, we just create both
-LOG_SHIP_HOURLY=$(echo -e "SELECT text(current_setting('log_rotation_age') = '1h')" | psql -tAX -d postgres 2> /dev/null | tail -n 1)
+LOG_SHIP_HOURLY=$(echo "SELECT text(current_setting('log_rotation_age') = '1h')" | psql -tAX -d postgres 2> /dev/null | tail -n 1)
 for i in $(seq 0 7); do
     if [ "$LOG_SHIP_HOURLY" != "true" ]; then
         echo "CREATE FOREIGN TABLE IF NOT EXISTS public.postgres_log_${i} () INHERITS (public.postgres_log) SERVER pglog
@@ -162,19 +162,31 @@ for i in $(seq 0 7); do
         ALTER VIEW public.failed_authentication_${i} OWNER TO postgres;
         GRANT SELECT ON TABLE public.failed_authentication_${i} TO robot_zmon;"
     else
-        for h in $(seq 0 23); do
+        daily_log="CREATE OR REPLACE VIEW public.postgres_log_${i} AS\n"
+        daily_auth="CREATE OR REPLACE VIEW public.failed_authentication_${i} WITH (security_barrier) AS\n"
+        daily_union=""
+
+        echo "DROP FOREIGN TABLE IF EXISTS public.postgres_log_${i};"
+
+        for h in $(seq -w 0 23); do
+            filter_logs="SELECT * FROM public.postgres_log_${i}_${h} WHERE command_tag = 'authentication' AND error_severity = 'FATAL'"
+
             echo "CREATE FOREIGN TABLE IF NOT EXISTS public.postgres_log_${i}_${h} () INHERITS (public.postgres_log) SERVER pglog
             OPTIONS (filename '../pg_log/postgresql-${i}-${h}.csv', format 'csv', header 'false');
             GRANT SELECT ON public.postgres_log_${i}_${h} TO admin;
 
             CREATE OR REPLACE VIEW public.failed_authentication_${i}_${h} WITH (security_barrier) AS
-            SELECT *
-              FROM public.postgres_log_${i}_${h}
-             WHERE command_tag = 'authentication'
-               AND error_severity = 'FATAL';
+            ${filter_logs};
             ALTER VIEW public.failed_authentication_${i}_${h} OWNER TO postgres;
             GRANT SELECT ON TABLE public.failed_authentication_${i}_${h} TO robot_zmon;"
+
+            daily_log="${daily_log}${daily_union}SELECT * FROM public.postgres_log_${i}_${h}\n"
+            daily_auth="${daily_auth}${daily_union}${filter_logs}\n"
+            daily_union="UNION ALL\n"
         done
+
+        echo -e "${daily_log};"
+        echo -e "${daily_auth};"
     fi
 done
 
@@ -192,10 +204,10 @@ while IFS= read -r db_name; do
     if [ "$UPGRADE_TIMESCALEDB_TOOLKIT" = "t" ]; then
         echo "ALTER EXTENSION timescaledb_toolkit UPDATE;"
     fi
-    UPGRADE_POSTGIS=$(echo -e "SELECT COUNT(*) FROM pg_catalog.pg_extension WHERE extname = 'postgis'" | psql -tAX -d "${db_name}" 2> /dev/null | tail -n 1)
+    UPGRADE_POSTGIS=$(echo "SELECT COUNT(*) FROM pg_catalog.pg_extension WHERE extname = 'postgis'" | psql -tAX -d "${db_name}" 2> /dev/null | tail -n 1)
     if [ "$UPGRADE_POSTGIS" = "1" ]; then
         # public.postgis_lib_version() is available only if postgis extension is created
-        UPGRADE_POSTGIS=$(echo -e "SELECT extversion != public.postgis_lib_version() FROM pg_catalog.pg_extension WHERE extname = 'postgis'" | psql -tAX -d "${db_name}" 2> /dev/null | tail -n 1)
+        UPGRADE_POSTGIS=$(echo "SELECT extversion != public.postgis_lib_version() FROM pg_catalog.pg_extension WHERE extname = 'postgis'" | psql -tAX -d "${db_name}" 2> /dev/null | tail -n 1)
         if [ "$UPGRADE_POSTGIS" = "t" ]; then
             echo "ALTER EXTENSION postgis UPDATE;"
             echo "SELECT public.postgis_extensions_upgrade();"