Skip to content

fix: pin pg_dump version when generating schema #19696

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 4, 2025
Merged

fix: pin pg_dump version when generating schema #19696

merged 1 commit into from
Sep 4, 2025

Conversation

ethanndickson
Copy link
Member

@ethanndickson ethanndickson commented Sep 4, 2025
edited
Loading

The latest release of all pg_dump major versions, going back to 13, started inserting \restrict \unrestrict keywords into dumps. This currently breaks sqlc in gen/dump and our check migration script. Full details of the postgres change are available here: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=575f54d4c

To fix, we'll always use the pg_dump in our postgres 13.21 docker image for schema dumps, instead of what's on the runner/local machine.

Coder doesn't restore from postgres dumps, so we're not vulnerable to attacks that would be patched by the latest postgres version. Regardless, we'll unpin ASAP.

Once sqlc is updated to handle these keywords, we need to start stripping them when comparing the schema in the migration check script, and then we can unpin the pg_dump version. This is being tracked at coder/internal#965

@ethanndickson Graphite App
Copy link
Member Author

This stack of pull requests is managed by Graphite. Learn more about stacking.

@ethanndickson ethanndickson changed the title fix: avoid using pg_dump 17.0 or higher when generating schema fix: pin pg_dump when generating schema Sep 4, 2025
@ethanndickson ethanndickson force-pushed the ethan/pg-dump-pin branch 2 times, most recently from ed453b2 to 7cceb5f Compare September 4, 2025 03:33
@ethanndickson ethanndickson requested a review from stirby September 4, 2025 03:33
@ethanndickson ethanndickson marked this pull request as ready for review September 4, 2025 03:36
@ethanndickson ethanndickson force-pushed the ethan/pg-dump-pin branch 2 times, most recently from e56a33b to e56e8f1 Compare September 4, 2025 03:43
@ethanndickson ethanndickson mentioned this pull request Sep 4, 2025
Closed
@ethanndickson ethanndickson mentioned this pull request Sep 4, 2025
Open
@ethanndickson ethanndickson changed the title fix: pin pg_dump when generating schema fix: pin pg_dump version when generating schema Sep 4, 2025
@ethanndickson ethanndickson merged commit 1b4ce09 into main Sep 4, 2025
56 checks passed
@ethanndickson ethanndickson deleted the ethan/pg-dump-pin branch September 4, 2025 04:00
@github-actions github-actions bot locked and limited conversation to collaborators Sep 4, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stirby stirby stirby approved these changes

Assignees

@ethanndickson ethanndickson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ethanndickson @stirby