Remove instances uses of flowmachine user being configurable

.circleci/config.yml

@@ -32,7 +32,6 @@ defaults:
     FLOWDB_INGESTION_DIR: /home/circleci/project/flowdb/tests/data
     POSTGRES_PASSWORD: flowflow
     POSTGRES_USER: flowdb
-    FLOWMACHINE_FLOWDB_USER: flowmachine
     FLOWAPI_FLOWDB_USER: flowapi
     FLOWMACHINE_FLOWDB_PASSWORD: foo
     FLOWAPI_FLOWDB_PASSWORD: foo

docker-compose.yml

@@ -57,7 +57,6 @@ services:
     environment:
       POSTGRES_USER: ${POSTGRES_USER:?Must set POSTGRES_USER env var}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?Must set POSTGRES_PASSWORD env var}
-      FLOWMACHINE_FLOWDB_USER: ${FLOWMACHINE_FLOWDB_USER:?Must set FLOWMACHINE_FLOWDB_USER env var}
       FLOWMACHINE_FLOWDB_PASSWORD: ${FLOWMACHINE_FLOWDB_PASSWORD:?Must set FLOWMACHINE_FLOWDB_PASSWORD env var}
       FLOWAPI_FLOWDB_USER: ${FLOWAPI_FLOWDB_USER:?Must set FLOWAPI_FLOWDB_USER env var}
       FLOWAPI_FLOWDB_PASSWORD: ${FLOWAPI_FLOWDB_PASSWORD:?Must set FLOWAPI_FLOWDB_PASSWORD env var}

docs/source/administrator/deployment.md

@@ -21,7 +21,6 @@ FlowDB is distributed as a docker container. To run it, you will need to provide
 | ----------- | -------------- | ----- |
 | FLOWAPI_FLOWDB_USER | Database user used by FlowAPI | Role with _read_ access to tables under the cache and geography schemas | 
 | FLOWAPI_FLOWDB_PASSWORD | Password for the FlowAPI database user | |
-| FLOWMACHINE_FLOWDB_USER | Database user for FlowMachine | Role with _write_ access to tables under the cache schema, and _read_ access to events, infrastructure, cache and geography schemas |
 | FLOWMACHINE_FLOWDB_PASSWORD | Password for flowmachine user | |
 | FLOWDB_POSTGRES_PASSWORD | Postgres superuser password for flowdb | Username `flowdb`, user with super user access to flowdb database |
 
@@ -232,7 +231,7 @@ Once you have FlowAuth, FlowDB, and FlowETL running, you are ready to add FlowMa
 
 ##### FlowMachine
 
-The FlowMachine server requires one additional secret: `REDIS_PASSWORD`, the password for an accompanying redis database. This secret should also be provided to redis. FlowMachine also uses the `FLOWMACHINE_FLOWDB_USER` and `FLOWMACHINE_FLOWDB_PASSWORD` secrets defined for FlowDB.
+The FlowMachine server requires one additional secret: `REDIS_PASSWORD`, the password for an accompanying redis database. This secret should also be provided to redis. FlowMachine also uses the `FLOWMACHINE_FLOWDB_PASSWORD` secrets defined for FlowDB.
 
 You may also set the following environment variables:
 

flowdb.Dockerfile

@@ -134,8 +134,6 @@ ARG FLOWDB_RELEASE_DATE='3000-12-12'
 ENV FLOWDB_RELEASE_DATE=$FLOWDB_RELEASE_DATE
 
 # Default users
-
-ENV FLOWMACHINE_FLOWDB_USER=flowmachine
 ENV FLOWAPI_FLOWDB_USER=flowapi
 
 # Default location table

flowdb/bin/build/9000_last_create_roles.sh

@@ -38,12 +38,6 @@ then
     exit 1
 fi
 
-if [ -e /run/secrets/FLOWMACHINE_FLOWDB_USER ];
-then
-    echo "Using secrets for flowmachine user."
-    FLOWMACHINE_FLOWDB_USER=$(< /run/secrets/FLOWMACHINE_FLOWDB_USER)
-fi
-
 if [ -e /run/secrets/FLOWMACHINE_FLOWDB_PASSWORD ];
 then
     echo "Using secrets for flowmachine user password."

flowdb/tests/test_roles.py

@@ -40,7 +40,6 @@ def test_tables(env):
         "cache.blah": f"""
             CREATE TABLE IF NOT EXISTS
                 cache.blah();
-            ALTER TABLE cache.blah OWNER TO {env["FLOWMACHINE_FLOWDB_USER"]};
             """,
         "geography.admin0": """
             CREATE TABLE IF NOT EXISTS 

flowetl/deployment_example/docker-stack-flowkit.yml

@@ -23,7 +23,6 @@ services:
     environment: &base-flowdb-environment
       POSTGRES_USER: ${FLOWDB_ADMIN_USER:?Must set FLOWDB_ADMIN_USER env var}
       POSTGRES_PASSWORD: ${FLOWDB_ADMIN_PASSWORD:?Must set FLOWDB_ADMIN_PASSWORD env var}
-      FLOWMACHINE_FLOWDB_USER: ${FLOWMACHINE_FLOWDB_USER:?Must set FLOWMACHINE_FLOWDB_USER env var}
       FLOWMACHINE_FLOWDB_PASSWORD: ${FLOWMACHINE_FLOWDB_PASSWORD:?Must set FLOWMACHINE_FLOWDB_PASSWORD env var}
       FLOWAPI_FLOWDB_USER: ${FLOWAPI_FLOWDB_USER:?Must set FLOWAPI_FLOWDB_USER env var}
       FLOWAPI_FLOWDB_PASSWORD: ${FLOWAPI_FLOWDB_PASSWORD:?Must set FLOWAPI_FLOWDB_PASSWORD env var}

flowetl/tests/integration/conftest.py

@@ -106,7 +106,6 @@ def container_env(ensure_required_env_vars_are_set):
         "POSTGRES_USER": "flowdb",
         "POSTGRES_PASSWORD": "flowflow",
         "POSTGRES_DB": "flowdb",
-        "FLOWMACHINE_FLOWDB_USER": "flowmachine",
         "FLOWAPI_FLOWDB_USER": "flowapi",
         "FLOWMACHINE_FLOWDB_PASSWORD": "flowmachine",
         "FLOWAPI_FLOWDB_PASSWORD": "flowapi",

secrets_quickstart/flowdb.yml

@@ -8,8 +8,6 @@ secrets:
     external: true
   FLOWAPI_FLOWDB_PASSWORD: # Password for the FlowAPI database user
     external: true
-  FLOWMACHINE_FLOWDB_USER: # Database user for FlowMachine
-    external: true
   FLOWMACHINE_FLOWDB_PASSWORD: # Password for FlowDB
     external: true
   FLOWDB_POSTGRES_PASSWORD: # Postgres superuser password for flowdb
@@ -35,7 +33,6 @@ services:
           - FLOWDB_POSTGRES_PASSWORD
           - FLOWAPI_FLOWDB_USER
           - FLOWAPI_FLOWDB_PASSWORD
-          - FLOWMACHINE_FLOWDB_USER
           - FLOWMACHINE_FLOWDB_PASSWORD
         tty: true
         volumes:

secrets_quickstart/flowmachine.yml

@@ -6,6 +6,8 @@ version: '3.7'
 secrets:
   REDIS_PASSWORD: # Redis password
     external: true
+  FLOWMACHINE_FLOWDB_USER: # Database user for FlowMachine
+    external: true
 networks:
   flowdb:
   redis: