engine upgrade fails when db tables are owned indirectly

[betanummeric]

Apparently, ovirt-engine insists on having the user used for database connections own all postgres objects directly:

Failed to execute stage 'Setup validation': Cannot upgrade the Engine database schema due to wrong ownership of some database entities.

The error is raised here:

ovirt-engine/packaging/setup/plugins/ovirt-engine-setup/ovirt-engine/db/schema.py

Lines 298 to 343 in a65cf0e

	def _checkDatabaseOwnership(self):
	statement = database.Statement(
	dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
	environment=self.environment,
	)
	result = statement.execute(
	statement="""
	select
	nsp.nspname as object_schema,
	cls.relname as object_name,
	rol.rolname as owner,
	case cls.relkind
	when 'r' then 'TABLE'
	when 'i' then 'INDEX'
	when 'S' then 'SEQUENCE'
	when 'v' then 'VIEW'
	when 'c' then 'TYPE'
	else
	cls.relkind::text
	end as object_type
	from
	pg_class cls join
	pg_roles rol on rol.oid = cls.relowner join
	pg_namespace nsp on nsp.oid = cls.relnamespace
	where
	nsp.nspname not in ('information_schema', 'pg_catalog') and
	nsp.nspname not like 'pg_%%' and
	cls.relname not like 'pg_%%' and
	rol.rolname != %(user)s
	order by
	nsp.nspname,
	cls.relname
	""",
	args=dict(
	user=self.environment[oenginecons.EngineDBEnv.USER],
	),
	ownConnection=True,
	transaction=False,
	)
	if len(result) > 0:
	raise RuntimeError(
	_(
	'Cannot upgrade the Engine database schema due to wrong '
	'ownership of some database entities.\n'
	)
	)

I'd like to put the postgres user in a postgres group and make that group owner of the tables etc. This makes it possible to share owner privileges with other users. The ovirt-engine user would still have full privileges, but the check fails, due to the rol.rolname != %(user)s .

My request is to let the check succeed also when the user is a member of the owner role.

[betanummeric]

resolved by PR #842