Skip to content

Remove the RLS policy and supporting role.

Administrator requested to merge flying-robot/excise-rls-db into main

Created by: flying-robot

We encountered performance issues for our use cases when we deployed RLS to production. We made the decision to back that approach out and solve the security concerns in application-level code instead.

Role management via migrations is tricky business. They are server-wide objects, and given our database templating approach for parallelism it leads to the role having dependent objects in multiple databases that outlive any one test run.

This leads to a situation where the migrations complete successfully, but the role remains as an artifact because those other test databases technically depend on it.

To avoid this, and since we're no longer using this strategy, the prior migrations that referred to the policy + role have been commented away with notes pointing to the migrations introduced here, which remove everything in a safe and idempotent way.

For Reviewers

  • do the tests pass cleanly for you?
  • does the application boot cleanly for you?
  • after doing the above, is the policy absent from \d repo?
  • after doing the above, is the role absent from \du?

Merge request reports

Loading