From 57346e177563581a3d552ddee20b21d85f13a6c3 Mon Sep 17 00:00:00 2001
From: Michael Haehnel <michael.haehnel@netgo.de>
Date: Wed, 19 Jul 2023 20:48:46 +0200
Subject: [PATCH] CHORE: Fix harbor-admin stage user

---
 roles/harbor_realm/defaults/main.yml            | 2 +-
 roles/postgres/tasks/_update_database_state.yml | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/roles/harbor_realm/defaults/main.yml b/roles/harbor_realm/defaults/main.yml
index 1556c5e..e454497 100644
--- a/roles/harbor_realm/defaults/main.yml
+++ b/roles/harbor_realm/defaults/main.yml
@@ -21,7 +21,7 @@ current_realm_users:
     requiredActions: []
 
 current_realm_admin_users:
-  - username: "harbor-realm-admin"
+  - username: "harbor-admin"
     password: "{{ infrastructure_realm_admin_password_vault }}"
     email: "{{ harbor_oidc_admin_email }}"
     firstName: "Netgo"
diff --git a/roles/postgres/tasks/_update_database_state.yml b/roles/postgres/tasks/_update_database_state.yml
index 269e2db..7219112 100644
--- a/roles/postgres/tasks/_update_database_state.yml
+++ b/roles/postgres/tasks/_update_database_state.yml
@@ -78,7 +78,7 @@
     - item.stdout == '0'
     - server_type == 'master'
 
-- name: "Grant CREATE privilege on public schema for if necessary"
+- name: "Grant CREATE privilege on public schema if necessary"
   community.postgresql.postgresql_privs:
     role: "{{ item.item.name }}"
     type: schema
@@ -135,7 +135,7 @@
 - name: "Create PostgreSQL readonly group"
   community.postgresql.postgresql_user:
     name: "postgres_readonly"
-    role_attr_flags: NOLOGIN,NOSUPERUSER,NOCREATEDB,NOCREATEROLE,NOREPLICATION
+    role_attr_flags: NOLOGIN,NOSUPERUSER,NOCREATEDB,NOCREATEROLE,NOREPLICATION,INHERIT
     login_user: "{{ postgres_admin_user }}"
     state: present
   become: true
@@ -202,7 +202,7 @@
   community.postgresql.postgresql_user:
     name: "{{ pgadmin4_oidc_dev_username }}"
     password: "{{ pgadmin4_oidc_dev_password }}"
-    role_attr_flags: LOGIN,NOSUPERUSER,NOCREATEDB,NOCREATEROLE,NOREPLICATION
+    role_attr_flags: LOGIN,NOSUPERUSER,NOCREATEDB,NOCREATEROLE,NOREPLICATION,INHERIT
     login_user: "{{ postgres_admin_user }}"
     state: present
   become: true
@@ -213,7 +213,7 @@
 - name: "Add {{ pgadmin4_oidc_dev_username }} to group 'postgres_readonly'"
   community.postgresql.postgresql_user:
     name: "{{ pgadmin4_oidc_dev_username }}"
-    role_attr_flags: "NOSUPERUSER,NOCREATEDB,NOCREATEROLE,NOREPLICATION"
+    role_attr_flags: NOSUPERUSER,NOCREATEDB,NOCREATEROLE,NOREPLICATION,INHERIT
     groups: "postgres_readonly"
     login_user: "{{ postgres_admin_user }}"
     state: present