Fixing #42, allows operation with less privileged user #43
Conversation
not tested, just drafting concept for now
|
|
github-actions
bot
added
the
needs triage
|
Hey @clayrosenthal 👋 , thanks for posting a PR and sorry for the delay. So, is the purpose of the checks just to provide a more accurate error message? |
|
Hey @dopey, the purpose would be having multiple servers serving from one database, with only one having permissions to create and destroy tables. A side effect would be more descriptive error messages. Similar to how running step-ca with a separate less privileged user of the actual server, I'd like to have a less privileged user accessing the database after it's been setup to reduce attack vectors while having high availability |
|
Ok, I think I'm following. Basically |
|
This PR is failing the tests due to the backticks in the SHOW queries. Not sure what to do since we added those so that the queries would accept databases and tables with names that needed to be escaped. |
|
I created this PR - #46 - based off yours with a few small fixes and additions. Still has the same issue with the query not working due to bad syntax. |
Name of feature:
Database/table check before creation
Pain or issue this feature alleviates:
Allowing operation with less privileged mysql user
Why is this important to the project (if not answered above):
Is there documentation on how to use this feature? If so, where?
Ideally no workflow change, just slightly extra queries being run
In what environments or workflows is this feature supported?
In what environments or workflows is this feature explicitly NOT supported (if any)?
Supporting links/other PRs/issues:
Fixes #42
💔Thank you!