feat: enterprise audit fixes (schema resolution, race conditions, documentation)

2026-04-30 10:50:36 +00:00
parent fb65b2f1e7
commit 7305b79943
9 changed files with 399 additions and 52 deletions
--- a/postgresql/procedures/01_maintenance.sql
+++ b/postgresql/procedures/01_maintenance.sql
@@ -2,14 +2,15 @@
 -- Core functions for Zabbix partitioning (Create, Drop, Maintain).
 -- ============================================================================

-- Function to check if a partition exists
-CREATE OR REPLACE FUNCTION partitions.partition_exists(p_partition_name text) 
+-- Function to check if a partition exists in a specific schema
+CREATE OR REPLACE FUNCTION partitions.partition_exists(p_partition_name text, p_schema text) 
 RETURNS boolean AS $$
 BEGIN
    RETURN EXISTS (
        SELECT 1 FROM pg_class c
        JOIN pg_namespace n ON n.oid = c.relnamespace
        WHERE c.relname = p_partition_name
+          AND n.nspname = p_schema
    );
 END;
 $$ LANGUAGE plpgsql;
@@ -32,7 +33,7 @@ BEGIN
    SELECT n.nspname INTO v_parent_schema
    FROM pg_class c
    JOIN pg_namespace n ON n.oid = c.relnamespace
-    WHERE c.relname = p_parent_table;
+    WHERE c.relname = p_parent_table AND pg_table_is_visible(c.oid);

    IF NOT FOUND THEN
        RAISE EXCEPTION 'Parent table % not found', p_parent_table;
@@ -51,11 +52,20 @@ BEGIN
    
    v_partition_name := p_parent_table || '_p' || v_suffix;

-    IF NOT partitions.partition_exists(v_partition_name) THEN
-        EXECUTE format(
-            'CREATE TABLE %I.%I PARTITION OF %I.%I FOR VALUES FROM (%s) TO (%s)',
-            v_parent_schema, v_partition_name, v_parent_schema, p_parent_table, v_start_ts, v_end_ts
-        );
+    IF NOT partitions.partition_exists(v_partition_name, v_parent_schema) THEN
+        BEGIN
+            EXECUTE format(
+                'CREATE TABLE %I.%I PARTITION OF %I.%I FOR VALUES FROM (%s) TO (%s)',
+                v_parent_schema, v_partition_name, v_parent_schema, p_parent_table, v_start_ts, v_end_ts
+            );
+        EXCEPTION
+            WHEN invalid_object_definition THEN
+                -- Ignore overlap errors (e.g., when transitioning from daily to hourly partitioning)
+                RAISE NOTICE 'Partition % overlaps with an existing partition. Skipping.', v_partition_name;
+            WHEN duplicate_table THEN
+                -- Ignore race condition: another process created the partition concurrently
+                RAISE NOTICE 'Partition % already exists (concurrent creation). Skipping.', v_partition_name;
+        END;
    END IF;
 END;
 $$;
@@ -84,7 +94,7 @@ BEGIN
        JOIN pg_class parent ON pg_inherits.inhparent = parent.oid
        JOIN pg_class child ON pg_inherits.inhrelid = child.oid
        JOIN pg_namespace n ON child.relnamespace = n.oid
-        WHERE parent.relname = p_parent_table
+        WHERE parent.relname = p_parent_table AND pg_table_is_visible(parent.oid)
    LOOP
        -- Parse partition suffix to determine age
        -- Format: parent_pYYYYMM or parent_pYYYYMMDD
@@ -92,11 +102,11 @@ BEGIN
        
        BEGIN
            IF length(v_suffix) = 6 THEN -- YYYYMM
-                v_partition_date := to_timestamp(v_suffix || '01', 'YYYYMMDD') AT TIME ZONE 'UTC';
+                v_partition_date := timezone('UTC', to_timestamp(v_suffix || '01', 'YYYYMMDD')::timestamp without time zone);
            ELSIF length(v_suffix) = 8 THEN -- YYYYMMDD
-                v_partition_date := to_timestamp(v_suffix, 'YYYYMMDD') AT TIME ZONE 'UTC';
+                v_partition_date := timezone('UTC', to_timestamp(v_suffix, 'YYYYMMDD')::timestamp without time zone);
            ELSIF length(v_suffix) = 10 THEN -- YYYYMMDDHH
-                v_partition_date := to_timestamp(v_suffix, 'YYYYMMDDHH24') AT TIME ZONE 'UTC';
+                v_partition_date := timezone('UTC', to_timestamp(v_suffix, 'YYYYMMDDHH24')::timestamp without time zone);
            ELSE
                CONTINUE; -- Ignore non-matching suffix lengths
            END IF;
@@ -153,25 +163,25 @@ DECLARE
 BEGIN
    IF p_period = 'day' THEN
        v_period_interval := '1 day'::interval;
-        v_start_time := date_trunc('day', now() AT TIME ZONE 'UTC');
+        v_start_time := date_trunc('day', now(), 'UTC');
        -- Calculate how many past days cover the retention period (86400 seconds = 1 day)
        v_past_iterations := ceil(extract(epoch from p_keep_history) / 86400)::integer;
        
    ELSIF p_period = 'week' THEN
        v_period_interval := '1 week'::interval;
-        v_start_time := date_trunc('week', now() AT TIME ZONE 'UTC');
+        v_start_time := date_trunc('week', now(), 'UTC');
        -- 604800 seconds = 1 week
        v_past_iterations := ceil(extract(epoch from p_keep_history) / 604800)::integer;

    ELSIF p_period = 'month' THEN
        v_period_interval := '1 month'::interval;
-        v_start_time := date_trunc('month', now() AT TIME ZONE 'UTC');
+        v_start_time := date_trunc('month', now(), 'UTC');
        -- Approximate 30 days per month (2592000 seconds)
        v_past_iterations := ceil(extract(epoch from p_keep_history) / 2592000)::integer;
        
    ELSIF p_period LIKE '%hour%' THEN
        v_period_interval := p_period::interval;
-        v_start_time := date_trunc('hour', now() AT TIME ZONE 'UTC');
+        v_start_time := to_timestamp(floor(extract(epoch from now()) / extract(epoch from v_period_interval)) * extract(epoch from v_period_interval));
        v_past_iterations := ceil(extract(epoch from p_keep_history) / extract(epoch from v_period_interval))::integer;
        
    ELSE
@@ -221,3 +231,14 @@ BEGIN
    END LOOP;
 END;
 $$;
+
+-- Trigger function to silently discard housekeeper tasks for partitioned tables
+CREATE OR REPLACE FUNCTION partitions.housekeeper_insert_trigger()
+RETURNS TRIGGER AS $$
+BEGIN
+    IF EXISTS (SELECT 1 FROM partitions.config WHERE table_name = NEW.tablename) THEN
+        RETURN NULL;
+    END IF;
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;