diff --git a/physical/postgresql.go b/physical/postgresql.go index a8f8b1633..cd1f3abf9 100644 --- a/physical/postgresql.go +++ b/physical/postgresql.go @@ -30,7 +30,7 @@ func newPostgreSQLBackend(conf map[string]string) (Backend, error) { unquoted_table, ok := conf["table"] if !ok { - unquoted_table = "vault" + unquoted_table = "vault_kv_store" } quoted_table := pq.QuoteIdentifier(unquoted_table) @@ -51,16 +51,16 @@ func newPostgreSQLBackend(conf map[string]string) (Backend, error) { // upsert. var put_statement string if upsert_required { - put_statement = "SELECT vault_upsert($1, $2)" + put_statement = "SELECT vault_kv_put($1, $2)" } else { put_statement = "INSERT INTO " + quoted_table + " VALUES($1, $2)" + - " ON CONFLICT (vault_key) DO " + - " UPDATE SET vault_value = $2" + " ON CONFLICT (key) DO " + + " UPDATE SET value = $2" } // Setup the backend. m := &PostgreSQLBackend{ - table: unquoted_table, + table: quoted_table, client: db, statements: make(map[string]*sql.Stmt), } @@ -68,9 +68,9 @@ func newPostgreSQLBackend(conf map[string]string) (Backend, error) { // Prepare all the statements required statements := map[string]string{ "put": put_statement, - "get": "SELECT vault_value FROM " + quoted_table + " WHERE vault_key = $1", - "delete": "DELETE FROM " + quoted_table + " WHERE vault_key = $1", - "list": "SELECT vault_key FROM " + quoted_table + " WHERE vault_key LIKE $1", + "get": "SELECT value FROM " + quoted_table + " WHERE key = $1", + "delete": "DELETE FROM " + quoted_table + " WHERE key = $1", + "list": "SELECT key FROM " + quoted_table + " WHERE key LIKE $1", } for name, query := range statements { if err := m.prepare(name, query); err != nil { diff --git a/physical/postgresql_test.go b/physical/postgresql_test.go index 7c12d0fc7..ae1dcfd0f 100644 --- a/physical/postgresql_test.go +++ b/physical/postgresql_test.go @@ -15,7 +15,7 @@ func TestPostgreSQLBackend(t *testing.T) { table := os.Getenv("PGTABLE") if table == "" { - table = "vault" + table = "vault_kv_store" } // Run vault tests diff --git a/website/source/docs/config/index.html.md b/website/source/docs/config/index.html.md index b5efe91dc..666bd7504 100644 --- a/website/source/docs/config/index.html.md +++ b/website/source/docs/config/index.html.md @@ -315,29 +315,29 @@ The PostgreSQL backend has the following options: A list of all supported parameters can be found in [the pq library documentation](https://godoc.org/github.com/lib/pq#hdr-Connection_String_Parameters). * `table` (optional) - The name of the table to write vault data to. Defaults - to "vault". + to "vault_kv_store". Make sure the PostgreSQL database you choose (or create) for vault storage has a table suitable for storing vault's data: ```sql -CREATE TABLE vault ( - vault_key TEXT PRIMARY KEY, - vault_value BYTEA +CREATE TABLE vault_kv_store ( + key TEXT PRIMARY KEY, + value BYTEA ); ``` If you're using a version of PostgreSQL prior to 9.5, vault will expect an -upsert function to exist named "vault_upsert". The recommanded function to use +upsert function to exist named "vault_kv_put". The recommanded function to use for this operation is: ```sql -CREATE FUNCTION vault_upsert(_key TEXT, _value BYTEA) RETURNS VOID AS +CREATE FUNCTION vault_kv_put(_key TEXT, _value BYTEA) RETURNS VOID AS $$ BEGIN LOOP -- first try to update the key - UPDATE vault SET vault_value = _value WHERE vault_key = _key; + UPDATE vault_kv_store SET value = _value WHERE key = _key; IF found THEN RETURN; END IF; @@ -345,7 +345,7 @@ BEGIN -- if someone else inserts the same key concurrently, -- we could get a unique-key failure BEGIN - INSERT INTO vault (vault_key, vault_value) VALUES (_key, _value); + INSERT INTO vault_kv_store (key, value) VALUES (_key, _value); RETURN; EXCEPTION WHEN unique_violation THEN -- Do nothing, and loop to try the UPDATE again.