datafusion-postgres-cli-0.7.0 is not a library.
datafusion-postgres
A PostgreSQL-compatible server for Apache DataFusion, supporting authentication, role-based access control, and SSL/TLS encryption. Available as both a library and CLI tool.
Built on pgwire to provide PostgreSQL wire protocol compatibility for analytical workloads. It was originally an example of the pgwire project.
✨ Key Features
- 🔌 Full PostgreSQL Wire Protocol - Compatible with all PostgreSQL clients and drivers
- 🛡️ Security Features - Authentication, RBAC, and SSL/TLS encryption
- 🏗️ Complete System Catalogs - Real
pg_catalogtables with accurate metadata - 📊 Advanced Data Types - Comprehensive Arrow ↔ PostgreSQL type mapping
- 🔄 Transaction Support - ACID transaction lifecycle (BEGIN/COMMIT/ROLLBACK)
- ⚡ High Performance - Apache DataFusion's columnar query execution
🎯 Features
Core Functionality
- ✅ Library and CLI tool
- ✅ PostgreSQL wire protocol compatibility
- ✅ Complete
pg_catalogsystem tables - ✅ Arrow ↔ PostgreSQL data type mapping
- ✅ PostgreSQL functions (version, current_schema, has_table_privilege, etc.)
Security & Authentication
- ✅ User authentication and RBAC
- ✅ Granular permissions (SELECT, INSERT, UPDATE, DELETE, CREATE, DROP)
- ✅ Role inheritance and grant management
- ✅ SSL/TLS encryption
- ✅ Query-level permission checking
Transaction Support
- ✅ ACID transaction lifecycle
- ✅ BEGIN/COMMIT/ROLLBACK with all variants
- ✅ Failed transaction handling and recovery
Future Enhancements
- ⏳ Connection pooling optimizations
- ⏳ Advanced authentication (LDAP, certificates)
- ⏳ COPY protocol for bulk data loading
🔐 Authentication
Supports standard pgwire authentication methods:
- Cleartext:
CleartextStartupHandlerfor simple password authentication - MD5:
MD5StartupHandlerfor MD5-hashed passwords - SCRAM:
SASLScramAuthStartupHandlerfor secure authentication
See auth.rs for complete implementation examples using DfAuthSource.
🚀 Quick Start
The Library datafusion-postgres
The high-level entrypoint of datafusion-postgres library is the serve
function which takes a datafusion SessionContext and some server configuration
options.
use Arc;
use SessionContext;
use ;
// Create datafusion SessionContext
let session_context = new;
// Configure your `session_context`
// ...
// Start the Postgres compatible server with SSL/TLS
let server_options = new
.with_host
.with_port
.with_tls_cert_path
.with_tls_key_path;
serve.await
Security Features
// The server automatically includes:
// - User authentication (default postgres superuser)
// - Role-based access control with predefined roles:
// - readonly: SELECT permissions
// - readwrite: SELECT, INSERT, UPDATE, DELETE permissions
// - dbadmin: Full administrative permissions
// - SSL/TLS encryption when certificates are provided
// - Query-level permission checking
The CLI datafusion-postgres-cli
Command-line tool to serve JSON/CSV/Arrow/Parquet/Avro files as PostgreSQL-compatible tables.
datafusion-postgres-cli 0.6.1
A PostgreSQL interface for DataFusion. Serve CSV/JSON/Arrow/Parquet files as tables.
USAGE:
datafusion-postgres-cli [OPTIONS]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
--arrow <arrow-tables>... Arrow files to register as table, using syntax `table_name:file_path`
--avro <avro-tables>... Avro files to register as table, using syntax `table_name:file_path`
--csv <csv-tables>... CSV files to register as table, using syntax `table_name:file_path`
-d, --dir <directory> Directory to serve, all supported files will be registered as tables
--host <host> Host address the server listens to [default: 127.0.0.1]
--json <json-tables>... JSON files to register as table, using syntax `table_name:file_path`
--parquet <parquet-tables>... Parquet files to register as table, using syntax `table_name:file_path`
-p <port> Port the server listens to [default: 5432]
--tls-cert <tls-cert> Path to TLS certificate file for SSL/TLS encryption
--tls-key <tls-key> Path to TLS private key file for SSL/TLS encryption
🔒 Security Options
# Run with SSL/TLS encryption
# Run without encryption (development only)
📋 Example Usage
Basic Example
Host a CSV dataset as a PostgreSQL-compatible table:
Loaded delhiclimate.csv as table climate
TLS not configured. Running without encryption.
Listening on 127.0.0.1:5432 (unencrypted)
Connect with psql
🔐 Authentication: The default setup allows connections without authentication for development. For secure deployments, use
DfAuthSourcewith standard pgwire authentication handlers (cleartext, MD5, or SCRAM). Seeauth.rsfor implementation examples.
postgres=> SELECT COUNT(*) FROM climate;
count
-------
1462
(1 row)
postgres=> SELECT date, meantemp FROM climate WHERE meantemp > 35 LIMIT 5;
date | meantemp
------------+----------
2017-05-15 | 36.9
2017-05-16 | 37.9
2017-05-17 | 38.6
2017-05-18 | 37.4
2017-05-19 | 35.4
(5 rows)
postgres=> BEGIN;
BEGIN
postgres=> SELECT AVG(meantemp) FROM climate;
avg
------------------
25.4955206557617
(1 row)
postgres=> COMMIT;
COMMIT
🔐 Production Setup with SSL/TLS
# Generate SSL certificates
# Start secure server
Loaded delhiclimate.csv as table climate
TLS enabled using cert: server.crt and key: server.key
Listening on 127.0.0.1:5432 with TLS encryption
License
This library is released under Apache license.