On Fri, Sep 01, 2023 at 12:01:37AM +0200, Jim Jones wrote:
> Often we make changes in the pg_hba.conf and leave a #comment there, just in
> case we forget why the change was done. To avoid having to open the
> configuration file every time just to check the comments, it would be quite
> nice to have the option to read these comments in the pg_hba_file_rules
> view. Something like adding it in the end of the line and wrapping it with
> characters like "", '', {}, [], etc
>
> For instance, this pg_hba.conf ...
>
> # TYPE DATABASE USER ADDRESS METHOD
> local all all trust [foo]
> host all all 127.0.0.1/32 trust
> host all all ::1/128 trust [bar]
> local replication all trust
> host replication all 127.0.0.1/32 trust
> hostssl replication all ::1/128 cert map=abc [this will fail
> :)]
>
> ... could be displayed like this
hba.c is complex enough these days (inclusion logic, tokenization of
the items) that I am not in favor of touching its code paths for
anything like that. This is not something that can apply only to
pg_hba.conf, but to all configuration files. And this touches in
adding support for a second type of comment format. This is one of
these areas where we may want a smarter version of pg_read_file that
returns a SRF for (line_number, line_contents) of a file read? Note
that it is possible to add comments at the end of a HBA entry already,
like:
local all all trust # My comment, and this is a correct HBA entry.
--
Michael
