Read hasura username from secrets

Author: suvikankare

profiles/dev/config.properties

@@ -49,4 +49,5 @@ db.port=6432
 db.name=authdb
 db.username=dbauth
 db.password=authpassword
+db.hasura.username=dbhasura
 db.session.schema=public

profiles/integration-test/config.properties

@@ -48,3 +48,4 @@ logoutpage.url=https://mylogout.myhost.mydomain:9012
 # Data source config (persistent sessions)
 ############################################
 session.enabled=false
+db.hasura.username=dbhasura

profiles/prod/config.properties

@@ -46,4 +46,5 @@ db.port=5432
 db.name=
 db.username=
 db.password=
+db.hasura.username=
 db.session.schema=

src/main/resources/application.properties

@@ -56,6 +56,7 @@ db.port=@db.port@
 db.name=@db.name@
 db.username=@db.username@
 db.password=@db.password@
+db.hasura.username=@db.hasura.username@
 db.session-schema=@db.session.schema@
 
 ############################################
@@ -65,3 +66,4 @@ spring.flyway.enabled=true
 spring.flyway.baseline-on-migrate=true
 spring.flyway.schemas=@db.session.schema@
 spring.flyway.locations=classpath:db/migration
+spring.flyway.placeholders.dbHasuraUsername=${db.hasura.username:@db.hasura.username@}

src/main/resources/db/migration/V1__create_login_audit_table.sql

@@ -16,8 +16,8 @@ BEGIN
         GRANT SELECT, INSERT ON login_audit TO dbauth;
         GRANT USAGE, SELECT ON SEQUENCE login_audit_id_seq TO dbauth;
     END IF;
-    IF EXISTS (SELECT FROM pg_roles WHERE rolname = 'dbhasura') THEN
-        GRANT SELECT ON login_audit TO dbhasura;
-        GRANT USAGE, SELECT ON SEQUENCE login_audit_id_seq TO dbhasura;
+    IF EXISTS (SELECT FROM pg_roles WHERE rolname = '${dbHasuraUsername}') THEN
+        GRANT SELECT ON login_audit TO ${dbHasuraUsername};
+        GRANT USAGE, SELECT ON SEQUENCE login_audit_id_seq TO ${dbHasuraUsername};
     END IF;
 END $$;