Skip to content

✨ feat(indexer): Execute sql migrations file on startup#7092

Closed
roninjin10 wants to merge 5 commits intodevelopfrom
09-01-feat_indexer_Add_sql_migrations_file
Closed

✨ feat(indexer): Execute sql migrations file on startup#7092
roninjin10 wants to merge 5 commits intodevelopfrom
09-01-feat_indexer_Add_sql_migrations_file

Conversation

@roninjin10
Copy link
Contributor

@roninjin10 roninjin10 commented Sep 1, 2023

  • Execute the migrations file on startup

@roninjin10 roninjin10 requested a review from a team as a code owner September 1, 2023 16:01
This was referenced Sep 1, 2023
Merged
Merged
Merged
Merged
@roninjin10
Copy link
Contributor Author

roninjin10 commented Sep 1, 2023
edited
Loading

Current dependencies on/for this PR:

This comment was auto-generated by Graphite.

@roninjin10 roninjin10 mentioned this pull request Sep 1, 2023
Merged
@mergify mergify bot added the A-indexer Area: indexer label Sep 1, 2023
@semgrep-app
Copy link
Contributor

semgrep-app bot commented Sep 1, 2023

Semgrep found 1 gorm-hardcoded-secret finding:

  • indexer/database/db.go: L42-45

A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. Use environment variables to securely provide credentials and other secrets or retrieve them from a secure vault or Hardware Security Module (HSM).

View Dataflow Graph 
flowchart LR
    classDef invis fill:white, stroke: none
    classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none

    subgraph File0["<b>indexer/database/db.go</b>"]
        direction LR
        %% Source

        subgraph Source
            direction LR

            v0("<b>[Line: 40]</b> #quot; password=%s#quot;")
        end
        %% Intermediate

        subgraph Traces0[Traces]
            direction TB

            v2("<b>[Line: 40]</b> dsn")
        end
        %% Sink

        subgraph Sink
            direction LR

            v1("<b>[Line: 42]</b> gorm.Open(postgres.Open(dsn), &gorm.Config{<br>			SkipDefaultTransaction: true,<br>			Logger:                 logger.Default.LogMode(logger.Silent),<br>		})")
        end
    end
    %% Class Assignment
    Source:::invis
    Sink:::invis

    Traces0:::invis
    File0:::invis

    %% Connections

    Source --> Traces0
    Traces0 --> Sink

    %% Clickable

    click v0 href "https://github.com/ethereum-optimism/optimism/blob/b9e6a7a38f3d0e2e7ab87285105f559930114904/indexer/database/db.go#L40" "View in source" _blank
    click v1 href "https://github.com/ethereum-optimism/optimism/blob/b9e6a7a38f3d0e2e7ab87285105f559930114904/indexer/database/db.go#L42" "View in source" _blank
    click v2 href "https://github.com/ethereum-optimism/optimism/blob/b9e6a7a38f3d0e2e7ab87285105f559930114904/indexer/database/db.go#L40" "View in source" _blank
Loading
Ignore this finding from gorm-hardcoded-secret.

Semgrep found 1 gorm-empty-password finding:

  • indexer/database/db.go: L42-45

The application uses an empty credential. This can lead to unauthorized access by either an internal or external malicious actor. Use environment variables to securely provide credentials and other secrets or retrieve them from a secure vault or Hardware Security Module (HSM).

View Dataflow Graph 
flowchart LR
    classDef invis fill:white, stroke: none
    classDef default fill:#e7f5ff, color:#1c7fd6, stroke: none

    subgraph File0["<b>indexer/database/db.go</b>"]
        direction LR
        %% Source

        subgraph Source
            direction LR

            v0("<b>[Line: 40]</b> #quot; password=%s#quot;")
        end
        %% Intermediate

        subgraph Traces0[Traces]
            direction TB

            v2("<b>[Line: 40]</b> dsn")
        end
        %% Sink

        subgraph Sink
            direction LR

            v1("<b>[Line: 42]</b> gorm.Open(postgres.Open(dsn), &gorm.Config{<br>			SkipDefaultTransaction: true,<br>			Logger:                 logger.Default.LogMode(logger.Silent),<br>		})")
        end
    end
    %% Class Assignment
    Source:::invis
    Sink:::invis

    Traces0:::invis
    File0:::invis

    %% Connections

    Source --> Traces0
    Traces0 --> Sink

    %% Clickable

    click v0 href "https://github.com/ethereum-optimism/optimism/blob/b9e6a7a38f3d0e2e7ab87285105f559930114904/indexer/database/db.go#L40" "View in source" _blank
    click v1 href "https://github.com/ethereum-optimism/optimism/blob/b9e6a7a38f3d0e2e7ab87285105f559930114904/indexer/database/db.go#L42" "View in source" _blank
    click v2 href "https://github.com/ethereum-optimism/optimism/blob/b9e6a7a38f3d0e2e7ab87285105f559930114904/indexer/database/db.go#L40" "View in source" _blank
Loading
Ignore this finding from gorm-empty-password.

@roninjin10
Copy link
Contributor Author

roninjin10 commented Sep 1, 2023

closes #71

@roninjin10
Copy link
Contributor Author

roninjin10 commented Sep 1, 2023

Moving to draft because this looks like it breaks tests

@roninjin10 roninjin10 marked this pull request as draft September 1, 2023 16:52
hamdiallam
hamdiallam reviewed Sep 1, 2023
View reviewed changes
@roninjin10 roninjin10 force-pushed the 09-01-fix_indexer_add_retries_to_db_connection branch from 7cd6084 to c9208e4 Compare September 6, 2023 07:01
@roninjin10 roninjin10 changed the base branch from 09-01-fix_indexer_add_retries_to_db_connection to willc/copy-foundry.toml September 6, 2023 07:01
@roninjin10 roninjin10 force-pushed the 09-01-feat_indexer_Add_sql_migrations_file branch from b9e6a7a to 02ab2de Compare September 6, 2023 07:01
Base automatically changed from willc/copy-foundry.toml to 09-01-fix_indexer_add_retries_to_db_connection September 7, 2023 18:23
@roninjin10 roninjin10 force-pushed the 09-01-feat_indexer_Add_sql_migrations_file branch from 02ab2de to 69a21d2 Compare September 14, 2023 14:55
@mergify
Copy link
Contributor

mergify bot commented Sep 14, 2023

Hey @roninjin10! This PR has merge conflicts. Please fix them before continuing review.

@mergify mergify bot added S-conflict Status: A conflict is present A-cannon Area: cannon labels Sep 14, 2023
semgrep-app[bot]
semgrep-app bot reviewed Sep 14, 2023
View reviewed changes
@mergify mergify bot added A-op-bindings Area: op-bindings A-op-chain-ops Area: op-chain-ops A-op-challenger Area: op-challenger A-op-e2e Area: op-e2e A-op-exporter Area: op-exporter A-op-node Area: op-node A-op-service Area: op-service labels Sep 14, 2023
@mergify mergify bot added A-ops-bedrock Area: ops-bedrock A-ops Area: ops A-pkg-chain-mon Area: packages/chain-mon A-pkg-contracts-bedrock Area: packages/contracts-bedrock A-pkg-sdk Area: packages/sdk A-proxyd Area: proxyd M-docs Meta: documentation related M-ci Meta: ci related work labels Sep 14, 2023
@roninjin10 roninjin10 force-pushed the 09-01-feat_indexer_Add_sql_migrations_file branch from e47ea24 to 0c399aa Compare September 14, 2023 15:01
@roninjin10 roninjin10 changed the base branch from 09-01-fix_indexer_add_retries_to_db_connection to develop September 14, 2023 15:02
@mergify mergify bot removed the S-conflict Status: A conflict is present label Sep 14, 2023
@roninjin10 roninjin10 marked this pull request as ready for review September 14, 2023 15:02
@roninjin10 roninjin10 mentioned this pull request Sep 14, 2023
Merged
@roninjin10 roninjin10 marked this pull request as draft September 14, 2023 16:10
@roninjin10 roninjin10 force-pushed the 09-01-feat_indexer_Add_sql_migrations_file branch 3 times, most recently from 7318de6 to d50c58f Compare September 15, 2023 03:31
@roninjin10 roninjin10 mentioned this pull request Sep 15, 2023
Closed
9 tasks
@roninjin10 roninjin10 marked this pull request as ready for review September 19, 2023 16:34
@roninjin10 roninjin10 force-pushed the 09-01-feat_indexer_Add_sql_migrations_file branch from d50c58f to bbc8a8d Compare September 19, 2023 16:35
@roninjin10
Copy link
Contributor Author

roninjin10 commented Sep 19, 2023

Closing
image

@roninjin10 roninjin10 closed this Sep 19, 2023
@aliersh aliersh deleted the 09-01-feat_indexer_Add_sql_migrations_file branch July 21, 2025 20:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hamdiallam hamdiallam Awaiting requested review from hamdiallam

1 more reviewer

@semgrep-app semgrep-app[bot] semgrep-app[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

A-cannon Area: cannon A-indexer Area: indexer A-op-bindings Area: op-bindings A-op-chain-ops Area: op-chain-ops A-op-challenger Area: op-challenger A-op-e2e Area: op-e2e A-op-exporter Area: op-exporter A-op-node Area: op-node A-op-service Area: op-service A-ops Area: ops A-ops-bedrock Area: ops-bedrock A-pkg-chain-mon Area: packages/chain-mon A-pkg-contracts-bedrock Area: packages/contracts-bedrock A-pkg-sdk Area: packages/sdk A-proxyd Area: proxyd M-ci Meta: ci related work M-docs Meta: documentation related

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roninjin10 @hamdiallam