From 1af236093cab16beb783eec4021b162f04c90840 Mon Sep 17 00:00:00 2001 From: Dan Swick <2365503+danswick@users.noreply.github.com> Date: Wed, 7 Feb 2024 10:48:16 -0800 Subject: [PATCH 1/3] match space managers list to GH fac-admins team (#3360) --- terraform/meta/config.tf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/terraform/meta/config.tf b/terraform/meta/config.tf index c9cfe50da6..5da3d17b71 100644 --- a/terraform/meta/config.tf +++ b/terraform/meta/config.tf @@ -43,8 +43,11 @@ locals { # https://github.com/orgs/GSA-TTS/teams/fac-admins/members # TODO: Automate updates via GitHub's GraphQL API "bret.mogilefsky@gsa.gov", + "daniel.swick@gsa.gov", "jeanmarie.mariadassou@gsa.gov", + "matthew.jadud@gsa.gov", "tadhg.ohiggins@gsa.gov", + "timothy.ballard@gsa.gov", ] internal_asgs = [ From 014a98a7477da79fe0acde1e1468f6dcb0ddfc28 Mon Sep 17 00:00:00 2001 From: Dan Swick <2365503+danswick@users.noreply.github.com> Date: Wed, 7 Feb 2024 14:33:09 -0800 Subject: [PATCH 2/3] Upgrade production RDS plan to xlarge (#3366) * upgrade prod RDS plan. other envs should fall back to the default in variables.tf * fix terraform formatting --- terraform/production/production.tf | 1 + 1 file changed, 1 insertion(+) diff --git a/terraform/production/production.tf b/terraform/production/production.tf index e184bde68b..282affc96d 100644 --- a/terraform/production/production.tf +++ b/terraform/production/production.tf @@ -3,6 +3,7 @@ module "production" { cf_space_name = "production" new_relic_license_key = var.new_relic_license_key pgrst_jwt_secret = var.pgrst_jwt_secret + database_plan = "xlarge-gp-psql-redundant" } # Note: The very first time we run apply in production, this will fail because From e8b54ec3cc8a69307a8d9501ecfdda56be26a558 Mon Sep 17 00:00:00 2001 From: Matthew Jadud Date: Wed, 7 Feb 2024 17:38:10 -0500 Subject: [PATCH 3/3] Don't create ever-expanding results in create_views (#3355) * Fixes gross error in API. The `OR` conjunction in every view was causing a combinatoric explosion on every single API query, destroying performance as the DB grew. This fixes that problem. * Update backend/dissemination/api/api_v1_0_3/create_views.sql --------- Co-authored-by: Dan Swick <2365503+danswick@users.noreply.github.com> --- .../api/api_v1_0_3/create_views.sql | 73 +++++++++++-------- backend/docker-compose.yml | 2 + 2 files changed, 43 insertions(+), 32 deletions(-) diff --git a/backend/dissemination/api/api_v1_0_3/create_views.sql b/backend/dissemination/api/api_v1_0_3/create_views.sql index 7b1e3a9433..5d63f3e01c 100644 --- a/backend/dissemination/api/api_v1_0_3/create_views.sql +++ b/backend/dissemination/api/api_v1_0_3/create_views.sql @@ -16,10 +16,11 @@ create view api_v1_0_3.findings_text as dissemination_findingtext ft, dissemination_general gen where - (ft.report_id = gen.report_id + ft.report_id = gen.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by ft.id ; @@ -37,10 +38,11 @@ create view api_v1_0_3.additional_ueis as dissemination_general gen, dissemination_additionaluei uei where - (gen.report_id = uei.report_id + gen.report_id = uei.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by uei.id ; @@ -67,10 +69,11 @@ create view api_v1_0_3.findings as dissemination_finding finding, dissemination_general gen where - (finding.report_id = gen.report_id + finding.report_id = gen.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by finding.id ; @@ -79,7 +82,7 @@ create view api_v1_0_3.findings as --------------------------------------- create view api_v1_0_3.federal_awards as select - gen.report_id, + award.report_id, gen.auditee_uei, gen.audit_year, --- @@ -106,10 +109,11 @@ create view api_v1_0_3.federal_awards as dissemination_federalaward award, dissemination_general gen where - (award.report_id = gen.report_id + award.report_id = gen.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by award.id ; @@ -130,10 +134,11 @@ create view api_v1_0_3.corrective_action_plans as dissemination_CAPText ct, dissemination_General gen where - (ct.report_id = gen.report_id + ct.report_id = gen.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by ct.id ; @@ -156,10 +161,11 @@ create view api_v1_0_3.notes_to_sefa as dissemination_general gen, dissemination_note note where - (note.report_id = gen.report_id + note.report_id = gen.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by note.id ; @@ -179,10 +185,11 @@ create view api_v1_0_3.passthrough as dissemination_general as gen, dissemination_passthrough as pass where - (gen.report_id = pass.report_id + gen.report_id = pass.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by pass.id ; @@ -267,10 +274,11 @@ create view api_v1_0_3.general as dissemination_General gen, audit_singleauditchecklist aud where - (aud.report_id = gen.report_id + aud.report_id = gen.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by gen.id ; @@ -297,10 +305,11 @@ create view api_v1_0_3.secondary_auditors as dissemination_General gen, dissemination_SecondaryAuditor sa where - (sa.report_id = gen.report_id + sa.report_id = gen.report_id and - gen.is_public=True) - or (gen.is_public=false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public=True + or + (gen.is_public=false and api_v1_0_3_functions.has_tribal_data_access())) order by sa.id ; @@ -315,14 +324,14 @@ create view api_v1_0_3.additional_eins as dissemination_general gen, dissemination_additionalein ein where - (gen.report_id = ein.report_id + gen.report_id = ein.report_id and - gen.is_public = true) - or (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access()) + (gen.is_public = true + or + (gen.is_public = false and api_v1_0_3_functions.has_tribal_data_access())) order by ein.id ; - commit; notify pgrst, diff --git a/backend/docker-compose.yml b/backend/docker-compose.yml index 9e29d65775..e15b9bba58 100644 --- a/backend/docker-compose.yml +++ b/backend/docker-compose.yml @@ -111,6 +111,8 @@ services: # See https://postgrest.org/en/stable/references/api/schemas.html#multiple-schemas for multiple schemas PGRST_DB_SCHEMAS: "api_v1_0_3, admin_api_v1_0_0" PGRST_JWT_SECRET: ${PGRST_JWT_SECRET:-32_chars_fallback_secret_testing} # Fallback value for testing environments + # Enable this to inspect the DB plans for queries via EXPLAIN + PGRST_DB_PLAN_ENABLED: ${PGRST_DB_PLAN_ENABLED:-false} depends_on: db: condition: service_healthy