authzed
failed to create datastore: failed to load bootstrap files: could not lookup caveat
What platforms are affected?
linux, macos
What architectures are affected?
amd64, arm64
What SpiceDB version are you using?
docker.io/authzed/spicedb Tag | latest sha256:a25495d7f49c85ff71f13f0fb8f6bc91dc541754b772636a746f5672b60349fd
Steps to Reproduce
The issue only happens in case of using the caveats feature in the scheme. zed import command gives no errors when directly importing schema to spicedb. No schema error in the playground
works
spicedb serve --datastore-bootstrap-files=./schema.yaml --grpc-preshared-key "foobar"
Setup spicedb using docker-compoe:
docker-compose.yaml
spicedb:
image: "authzed/spicedb"
command: "serve"
restart: "always"
configs:
- bootstrap_file
ports:
- "8080:8080"
- "9090:9090"
- "50051:50051"
environment:
- "SPICEDB_GRPC_PRESHARED_KEY=${SPICEDB_GRPC_PRESHARED_KEY}"
- "SPICEDB_DATASTORE_ENGINE=postgres"
- "SPICEDB_DATASTORE_BOOTSTRAP_FILES=/bootstrap_file"
- "SPICEDB_DATASTORE_CONN_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@database:5432/spicedb?sslmode=disable"
depends_on:
- "migrate"
migrate:
image: "authzed/spicedb"
command: "datastore migrate head"
restart: "on-failure"
environment:
- "SPICEDB_DATASTORE_ENGINE=postgres"
- "SPICEDB_DATASTORE_CONN_URI=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@database:5432/spicedb?sslmode=disable"
depends_on:
- "database"
database:
image: "postgres"
command: -c track_commit_timestamp=on
ports:
- "5432:5432"
environment:
- "POSTGRES_PASSWORD=${POSTGRES_PASSWORD}"
- "POSTGRES_DB=${POSTGRES_DBNAME}"
configs:
spicedb_pre_shared:
environment: "SPICEDB_GRPC_PRESHARED_KEY"
bootstrap_file:
file: ./schema.yaml
secrets:
spicedb_pre_shared:
file: ./.secrets/local-spicedb-secret
env file (.env)
SPICEDB_GRPC_PRESHARED_KEY="foobar"
POSTGRES_PASSWORD="postgres"
POSTGRES_USER="postgres"
POSTGRES_DBNAME="spicedb"
Schema (schema.yaml)
definition user {}
definition prod/user {}
definition organization {
relation member: user
}
definition event_type {
relation organization: organization#member
permission list_behavior_groups = organization->member
}
definition behavior_group {
relation event_type: event_type with is_tuesday
relation organization: organization
permission view = event_type->organization + organization->member
}
caveat is_tuesday(today string) {
today == 'tuesday'
}
Run
docker compose --env-file .env -f ./docker-compose.yaml up -d
Expected Result
Schema bootstrap with no errors.
Actual Result
ive)","SchemaPrefixesRequired":false,"SchemaWatchHeartbeat":1000,"ShutdownGracePeriod":0,"SilentlyDisableTelemetry":false,"StreamingAPITimeout":30000,"TelemetryCAOverridePath":"(empty)","TelemetryEndpoint":"https://telemetry.authzed.com/","TelemetryInterval":3600000,"V1SchemaAdditiveOnly":false,"WatchHeartbeat":1000,"time":"2024-07-30T11:23:09Z","message":"configuration"}
{"level":"info","time":"2024-07-30T11:23:09Z","message":"using postgres datastore engine"}
{"level":"info","interval":180000,"time":"2024-07-30T11:23:09Z","message":"datastore garbage collection worker started"}
�{"level":"info","files":["/bootstrap_file"],"time":"2024-07-30T11:23:09Z","message":"initializing datastore from bootstrap files"}
�{"level":"info","filePath":"/bootstrap_file","schemaDefinitionCount":6,"time":"2024-07-30T11:23:09Z","message":"adding schema definitions"}
�{"level":"warn","error":"could not lookup caveat is_tuesday for relation event_type: caveat with name is_tuesday not found","time":"2024-07-30T11:23:09Z","message":"unable to determine if pgx error is retryable"}
{"level":"error","error":"failed to create datastore: failed to load bootstrap files: could not lookup caveat is_tuesday for relation event_type: caveat with name is_tuesday not found","time":"2024-07-30T11:23:09Z","message":"terminated with errors"}
{"level":"debug","message":"maxprocs: Leaving GOMAXPROCS=10: CPU quota undefined"}
