legion-data 1.8.7 → 1.8.8
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +8 -0
- data/lib/legion/data/connection.rb +30 -0
- data/lib/legion/data/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 60b8f26149494282c49455aedc216eebf0db867fa359dea9404ca44d09ad9815
|
|
4
|
+
data.tar.gz: 4da8dfdb277d9ceda6807543f58c2804ae71f938056cff7f8bcd366c4bad9cae
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ef647d212100c659d28847879153403ac1dd42c55c0cb9b1529fd1e17d73f029a912d23988f6701e59e4b25d326b8512cd89f0291bcc52a9e492e6fd4c85b055
|
|
7
|
+
data.tar.gz: '018844cceb163d4100cffcfa8ea1ed06b916889ca14111e9ca8398d9c3d2a045c9e9c4d73f735e8c22f681ccc834c23f732d08d68303973251c60085f5013c1b'
|
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Legion::Data Changelog
|
|
2
2
|
|
|
3
|
+
## [1.8.8] - 2026-05-20
|
|
4
|
+
|
|
5
|
+
### Added
|
|
6
|
+
- `Legion::Data::Connection.reconnect_with_fresh_creds` — updates Sequel's internal connection opts with fresh credentials from `Legion::Settings[:data][:creds]` and reconnects the pool. Called by `LeaseManager#trigger_postgresql_reconnect` after Vault dynamic PostgreSQL lease rotation.
|
|
7
|
+
|
|
8
|
+
### Fixed
|
|
9
|
+
- Vault dynamic PostgreSQL credential rotation: after lease expiry, connections would fail with `PG::ConnectionBad: role "v-legionio-node-..." does not exist` because Sequel retained the original (revoked) credentials in `@opts`. The legacy fallback (`disconnect` + `test_connection`) was insufficient since it doesn't update stored credentials.
|
|
10
|
+
|
|
3
11
|
## [1.8.7] - 2026-05-17
|
|
4
12
|
|
|
5
13
|
### Added
|
|
@@ -267,6 +267,36 @@ module Legion
|
|
|
267
267
|
log.info 'Legion::Data connection closed'
|
|
268
268
|
end
|
|
269
269
|
|
|
270
|
+
def reconnect_with_fresh_creds
|
|
271
|
+
return false unless @sequel
|
|
272
|
+
return false if adapter == :sqlite
|
|
273
|
+
|
|
274
|
+
fresh_creds = Legion::Settings[:data][:creds]
|
|
275
|
+
return false unless fresh_creds.is_a?(Hash)
|
|
276
|
+
|
|
277
|
+
new_user = fresh_creds[:user] || fresh_creds[:username]
|
|
278
|
+
new_pass = fresh_creds[:password]
|
|
279
|
+
|
|
280
|
+
unless new_user && new_pass
|
|
281
|
+
log.error('reconnect_with_fresh_creds: no user/password in Settings[:data][:creds]')
|
|
282
|
+
return false
|
|
283
|
+
end
|
|
284
|
+
|
|
285
|
+
old_user = @sequel.opts[:user]
|
|
286
|
+
@sequel.opts[:user] = new_user
|
|
287
|
+
@sequel.opts[:password] = new_pass
|
|
288
|
+
|
|
289
|
+
@sequel.disconnect
|
|
290
|
+
|
|
291
|
+
@sequel.test_connection
|
|
292
|
+
log.info("reconnect_with_fresh_creds: rotated credentials (#{old_user} → #{new_user})")
|
|
293
|
+
true
|
|
294
|
+
rescue StandardError => e
|
|
295
|
+
handle_exception(e, level: :error, handled: true, operation: :reconnect_with_fresh_creds,
|
|
296
|
+
old_user: old_user, new_user: new_user)
|
|
297
|
+
false
|
|
298
|
+
end
|
|
299
|
+
|
|
270
300
|
def connect_with_replicas
|
|
271
301
|
return unless adapter == :postgres
|
|
272
302
|
|
data/lib/legion/data/version.rb
CHANGED