docs: Add guidance on external DB permissions (!30124) · Merge requests · Warren Gifford / sourcegraph

Warren Gifford requested to merge kcw/postgres-permissions into main Jan 24, 2022

Created by: kevinwojo

Some of our customers cannot give SUPERUSER privileges to Sourcegraph application service users within their Postgres deployments.

When Sourcegraph starts up, it attempts to run migrations that require SUPERUSER privileges. If a customer creates a user that does not have the correct permissions, migrations fail and the database is marked dirty. Sourcegraph then CrashLoops.

The current workaround requires a database administrator to run the SUPERUSER-privileged commands on behalf of the Sourcegraph application service users, and apply any statements that are contained within the COMMIT statement.

Once that is done, they mark the migration as applied. This process is captured here: https://docs.sourcegraph.com/admin/how-to/dirty_database

When the frontend or migrator service starts up again, the affected migration will be skipped.

docs: Add guidance on external DB permissions

Merge request reports