From 4429a4551f17179e381cdf8ed2d7ab6e061a274a Mon Sep 17 00:00:00 2001 From: Pavan-Microsoft Date: Thu, 9 Jan 2025 12:41:05 +0530 Subject: [PATCH] Fix Duplicate Role Creation in azd up by Checking PostgreSQL Role Existence Before Creation --- .../data_scripts/create_postgres_tables.py | 21 +++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/scripts/data_scripts/create_postgres_tables.py b/scripts/data_scripts/create_postgres_tables.py index 605d7634c..805fd7621 100644 --- a/scripts/data_scripts/create_postgres_tables.py +++ b/scripts/data_scripts/create_postgres_tables.py @@ -1,5 +1,3 @@ -import json -from azure.keyvault.secrets import SecretClient from azure.identity import DefaultAzureCredential import psycopg2 from psycopg2 import sql @@ -24,12 +22,21 @@ def grant_permissions(cursor, dbname, schema_name, principal_name): - principal_name: Name of the principal (role or user) to grant permissions. """ - add_principal_user_query = sql.SQL("SELECT * FROM pgaadauth_create_principal({principal}, false, false)") + # Check if the principal exists in the database cursor.execute( - add_principal_user_query.format( - principal=sql.Literal(principal_name), + sql.SQL("SELECT 1 FROM pg_roles WHERE rolname = {principal}").format( + principal=sql.Literal(principal_name) ) ) + if cursor.fetchone() is None: + add_principal_user_query = sql.SQL( + "SELECT * FROM pgaadauth_create_principal({principal}, false, false)" + ) + cursor.execute( + add_principal_user_query.format( + principal=sql.Literal(principal_name), + ) + ) # Grant CONNECT on database grant_connect_query = sql.SQL("GRANT CONNECT ON DATABASE {database} TO {principal}") @@ -123,7 +130,9 @@ def grant_permissions(cursor, dbname, schema_name, principal_name): conn.commit() -cursor.execute("CREATE INDEX vector_store_content_vector_idx ON vector_store USING hnsw (content_vector vector_cosine_ops);") +cursor.execute( + "CREATE INDEX vector_store_content_vector_idx ON vector_store USING hnsw (content_vector vector_cosine_ops);" +) conn.commit() grant_permissions(cursor, dbname, "public", principal_name)