bundle: per-bundle ignore rules

[erichanson]

Right now there's just one global table for ignored_schema, ignored_relation, ignored_row and ignored_column, and trackable_nontable_relation. The rows in these tables are verson-controlled, so when you checkout a commit, the entire bundle system's behavior can be modified. This needs to change. There's a use for global ignore rules (e.g. ignoring bundle's internal tables), but there also needs to be per-bundle "scope of concern" setting. Some bundles will want to track schema (e.g. putting a meta row in trackable_nontable_relation), others will not.

[erichanson]

This dovetails into the whole question of "What even is a trackable row."

Knowns:

• untracked_rows is an awesome feature. There's something very magic though about knowing that everything in the database is either ignored by rule, tracked by a bundle, or shows up in untracked. It means there's a record of everything, no shenanigans.
• untracked_rows is expensive to compute, because you have to look at every row in the whole database and see if it's in the head commit of any bundle. It requires sane maintenance of global ignore rules.
• If one were to install Aquameta on an existing database, setting up rules to ignore huge tables will be essential. A nice UI will make this easy and fun.
• Right now, ignore rules are global and affect all repositories, even though each repository can add to them. This is weird and probably wrong. Pulling down a third-party bundle shouldn't change the behavior of another third-party bundle.
• I think there's place for global ignore rules, though, but these are the rules that the system administrator sets up when the bundle system is installed, rules that vary from user to user, that say, "ignore this huge table". Also some core internal rules will say things like "ignore bundle.bundle", aka don't version control the version control system, unless you're crazy.

Proposal:

1. Keep global ignore rules, to be maintained by the system administrator, that override everything, and ideally prevent Aquameta from making modifications to anything ignored.
2. Introduce per-bundle tracking rules
   • per-bundle rules are opt-in rather than opt-out. Say what is to be tracked, rather than to be ignored, aka bundle.bundle_tracked_relation
   • typically used for bundles that create their own schema
   • we could say that a bundle that creates its own schema MAY (not must) auto-track rows in their tables
   • all kinds of hybrid patterns here where one bundle creates schema and another adds rows to it
   • murky, try it and find out

[erichanson]

There may be an analog here to the infamous Oops, You Wrote a Database w.r.t. grant, policies, roles, and row-level security. All of this can probably be declared and enforced by policy in an elegant way. Bears much consideration.

Oops, You Wrote a ACL