feat(neon): add Role resource for managing database users #1144
+1,298
−7
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…1093) * test(cloudflare): comprehensive dead letter queue tests Adds comprehensive test coverage for the dead letter queue feature in QueueConsumer, which was fixed in PR alchemy-run#1092. Tests cover: - DLQ with string reference (queue name) - DLQ with Queue object reference - Updating consumer to add DLQ - Worker eventSources with DLQ settings Also includes the missing fix for build-worker-options.ts to properly handle deadLetterQueue in Miniflare local development, and updates queue-consumer.ts to preserve DLQ settings from props when the API doesn't return them in the response. Related: alchemy-run#1092 * test(cloudflare): comprehensive dead letter queue tests Adds comprehensive test coverage for the dead letter queue feature in QueueConsumer, which was fixed in PR alchemy-run#1092. Tests cover: - DLQ with string reference (queue name) - DLQ with Queue object reference - Updating consumer to add DLQ - Worker eventSources with DLQ settings Also includes the missing fix for build-worker-options.ts to properly handle deadLetterQueue in Miniflare local development, and updates queue-consumer.ts to preserve DLQ settings from props when the API doesn't return them in the response. Related: alchemy-run#1092 * Improved the DLQ test and fixed the typings for being root not in settings * Removed DLQ response, since Cloudflare missed that DX in the API we will callback to the props instead for something to be there for the user --------- Co-authored-by: Sam Goodwin <[email protected]>
Add NeonRole resource for managing Postgres database roles (users) in Neon branches: - Resource implementation with automatic password generation - Support for protected (no-login) roles - Secret encryption for passwords - Full lifecycle management (create, update, delete) - Comprehensive test suite (4 test cases, all passing) - User-facing documentation with examples - Provider overview docs with Role included All tests passing with 100% success rate. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Address reviewer feedback about confusing naming: - Renamed `protected` property to `noLogin` in NeonRole - Updated all tests to use `noLogin` instead of `protected` - Updated documentation to reflect the change - All 4 tests still passing The `protected` name was confusing because: - In NeonBranch, `protected` means "prevent deletion" - In NeonRole, it was being used for "cannot login" Now `noLogin` clearly indicates the role cannot be used for login, which maps directly to the Neon API's `no_login` parameter. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Update comment to reference noLogin instead of protected
Mkassabov
reviewed
Oct 18, 2025
Comment on lines
+150
to
+163
|
|
||
| // Create temporary preview branch that expires in 7 days | ||
| const expiresAt = new Date(Date.now() + 7 * 24 * 60 * 60 * 1000); | ||
|
|
||
| const preview = await NeonBranch(`preview-${prNumber}`, { | ||
| project, | ||
| name: `preview-pr-${prNumber}`, | ||
| parentBranch: project.branch.id, | ||
| expiresAt: expiresAt.toISOString(), | ||
| endpoints: [ | ||
| { type: "read_write" } | ||
| ], | ||
| }); | ||
|
|
There was a problem hiding this comment.
why does it need to expire, if this runs in a PR environment it should be torn down once the PR is merged. If a pr is open for more than 7 days this could cause problems no?
There was a problem hiding this comment.
I guess with alchemy there isn't really a use case for expiresAt (maybe there is?) but the api supports it, your call if it should be included or not.
There was a problem hiding this comment.
Also this was already part of the source code, this PR just fills adds a role + fills the branch documentation gap
Address code review feedback from @Mkassabov and @sam-goodwin: - Changed from throwing an error to calling this.replace() when role name changes - Consistent with how project/branch immutable properties are handled - Allows Alchemy to properly replace the resource instead of failing All tests passing (4/4). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Address code review feedback from @Mkassabov: - Change password type from Secret to Secret<string> - Remove markdown headings from @example blocks - Keep only the TypeScript code in examples All tests passing (4/4). 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
- Add connectionUris property to NeonRole output type - Rename RoleData → NeonRoleData for consistent naming with NeonConnectionUri - Create createConnectionUri helper to build connection URIs from components - Generate connection URIs during role creation from branch endpoints/databases - Update NeonRole tests to verify connectionUris structure This makes NeonRole consistent with NeonBranch and NeonProject, which both provide connection URIs. The URIs are generated at creation time and persisted in state, matching the pattern used by other Neon resources. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
|
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the ✨ Finishing touches🧪 Generate unit tests (beta)
Comment |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds the
NeonRoleresource for managing Postgres database roles(users) within Neon branches.
Summary
The
NeonRoleresource enables programmatic management of database userswith automatic password generation, secret encryption, and full lifecycle
support.
Changes
Core Implementation
alchemy/src/neon/role.ts- Complete resource implementation with:no_loginflagNeonProjectandNeonBranchresourcesTests
alchemy/test/neon/role.test.ts- Comprehensive test suite:Documentation
alchemy-web/src/content/docs/providers/neon/role.md- Complete userdocumentation with 8 usage examples
alchemy-web/src/content/docs/providers/neon/index.md- Updatedprovider overview to include Role resource
alchemy-web/src/content/docs/providers/neon/branch.md- AddedBranch documentation for completeness
Usage Example