feat(db): boostrap only option if resource management is exogenous

The database resource management including privileges granting can be
done by external secops. It can be undesirable to grant the grant option
to the framework user.

This commit implements the possibility to remove user resource
management from frappe entirely and only boostrap the database with its
target user.

frappe/commands/site.py

@@ -48,6 +48,11 @@ from frappe.exceptions import SiteNotSpecifiedError
 @click.option(
 	"--set-default", is_flag=True, default=False, help="Set the new site as default site"
 )
+@click.option(
+	"--setup-db/--no-setup-db",
+	default=True,
+	help="Create user and database in mariadb/postgres; only boostrap if false",
+)
 def new_site(
 	site,
 	db_root_username=None,
@@ -64,6 +69,7 @@ def new_site(
 	db_host=None,
 	db_port=None,
 	set_default=False,
+	setup_db=True,
 ):
 	"Create a new site"
 	from frappe.installer import _new_site, extract_sql_from_archive
@@ -88,6 +94,7 @@ def new_site(
 		db_type=db_type,
 		db_host=db_host,
 		db_port=db_port,
+		setup_db=setup_db,
 	)
 
 	if set_default:

frappe/database/mariadb/setup_db.py

@@ -55,8 +55,6 @@ def setup_database(force, source_sql, verbose, no_mariadb_socket=False):
 	# close root connection
 	root_conn.close()
 
-	bootstrap_database(db_name, verbose, source_sql)
-
 
 def drop_user_and_database(db_name, root_login, root_password):
 	frappe.local.db = get_root_connection(root_login, root_password)
@@ -75,8 +73,8 @@ def bootstrap_database(db_name, verbose, source_sql=None):
 		sys.exit(1)
 
 	import_db_from_sql(source_sql, verbose)
-
 	frappe.connect(db_name=db_name)
+
 	if "tabDefaultValue" not in frappe.db.get_tables(cached=False):
 		from click import secho
 

frappe/database/postgres/setup_db.py

@@ -14,9 +14,6 @@ def setup_database(force, source_sql=None, verbose=False):
 	root_conn.sql("GRANT ALL PRIVILEGES ON DATABASE `{0}` TO {0}".format(frappe.conf.db_name))
 	root_conn.close()
 
-	bootstrap_database(frappe.conf.db_name, verbose, source_sql=source_sql)
-	frappe.connect()
-
 
 def bootstrap_database(db_name, verbose, source_sql=None):
 	frappe.connect(db_name=db_name)

frappe/installer.py

@@ -48,6 +48,7 @@ def _new_site(
 	db_type=None,
 	db_host=None,
 	db_port=None,
+	setup_db=True,
 ):
 	"""Install a new Frappe site"""
 
@@ -91,6 +92,7 @@ def _new_site(
 			db_host=db_host,
 			db_port=db_port,
 			no_mariadb_socket=no_mariadb_socket,
+			setup=setup_db,
 		)
 
 		apps_to_install = (
@@ -128,9 +130,10 @@ def install_db(
 	db_host=None,
 	db_port=None,
 	no_mariadb_socket=False,
+	setup=True,
 ):
 	import frappe.database
-	from frappe.database import setup_database
+	from frappe.database import bootstrap_database, setup_database
 
 	if not db_type:
 		db_type = frappe.conf.db_type
@@ -152,7 +155,15 @@ def install_db(
 
 	frappe.flags.root_login = root_login
 	frappe.flags.root_password = root_password
-	setup_database(force, source_sql, verbose, no_mariadb_socket)
+
+	if setup:
+		setup_database(force, source_sql, verbose, no_mariadb_socket)
+
+	bootstrap_database(
+		db_name=frappe.conf.db_name,
+		verbose=verbose,
+		source_sql=source_sql,
+	)
 
 	frappe.conf.admin_password = frappe.conf.admin_password or admin_password