add PGXN packaging: META.json, Makefile, .gitignore *.zip

.gitignore

@@ -4,6 +4,7 @@
 *.iml
 **/*.rs.bk
 Cargo.lock
+*.zip
 tests/pg_regress/results
 tests/pg_regress/regression.diffs
 tests/pg_regress/regression.out

META.json

@@ -0,0 +1,39 @@
+{
+   "name": "pg_command_fw",
+   "abstract": "PostgreSQL extension that intercepts and blocks DDL, utility commands, and dangerous built-in functions via configurable hooks",
+   "description": "A PostgreSQL security extension that enforces a configurable DDL/utility command firewall. Uses the ProcessUtility hook to intercept TRUNCATE, DROP TABLE, ALTER SYSTEM, LOAD, and COPY commands, and the post-parse analyze hook to block pg_read_file/pg_read_binary_file/pg_stat_file calls. Supports per-category GUC flags, superuser bypass, per-role blocklists, production schema scoping, audit logging, and custom error hints.",
+   "version": "0.1.0",
+   "maintainer": "RustWizard <rustwizard.0@gmail.com>",
+   "license": "bsd",
+   "provides": {
+      "pg_command_fw": {
+         "abstract": "DDL/utility command firewall via ProcessUtility and post-parse analyze hooks",
+         "file": "pg_command_fw.control",
+         "version": "0.1.0"
+      }
+   },
+   "resources": {
+      "homepage": "https://github.com/rustwizard/pg_command_fw",
+      "bugtracker": {
+         "web": "https://github.com/rustwizard/pg_command_fw/issues"
+      },
+      "repository": {
+         "url": "https://github.com/rustwizard/pg_command_fw.git",
+         "web": "https://github.com/rustwizard/pg_command_fw",
+         "type": "git"
+      }
+   },
+   "prereqs": {
+      "runtime": {
+         "requires": {
+            "PostgreSQL": "15.0.0"
+         }
+      }
+   },
+   "tags": ["security", "ddl", "firewall", "hook", "pgrx", "rust", "truncate", "copy", "alter-system"],
+   "generated_by": "hand",
+   "meta-spec": {
+      "version": "1.0.0",
+      "url": "https://pgxn.org/spec/"
+   }
+}

Makefile

@@ -0,0 +1,46 @@
+PG_CONFIG    ?= pg_config
+
+PG_VER       := $(shell $(PG_CONFIG) --version | grep -oE '[0-9]+' | head -1)
+PG_PKGLIBDIR := $(shell $(PG_CONFIG) --pkglibdir)
+PG_SHAREDIR  := $(shell $(PG_CONFIG) --sharedir)
+PG_BINDIR    := $(shell $(PG_CONFIG) --bindir)
+
+EXTENSION    = pg_command_fw
+VERSION      := $(shell grep '^version' Cargo.toml | head -1 | sed 's/.*"\(.*\)"/\1/')
+PACKAGE_DIR  = target/release/$(EXTENSION)-pg$(PG_VER)
+
+# .so on Linux, .dylib on macOS
+UNAME_S      := $(shell uname -s)
+ifeq ($(UNAME_S),Darwin)
+    LIB_EXT = dylib
+else
+    LIB_EXT = so
+endif
+
+PGXN_ZIP     = $(EXTENSION)-$(VERSION).zip
+
+.PHONY: all package install clean pgxn-zip
+
+all: package
+
+package:
+	cargo pgrx package --pg-config $(PG_CONFIG)
+
+install: package
+	install -m 755 \
+		"$(PACKAGE_DIR)$(PG_PKGLIBDIR)/$(EXTENSION).$(LIB_EXT)" \
+		"$(PG_PKGLIBDIR)/"
+	install -m 644 \
+		"$(PACKAGE_DIR)$(PG_SHAREDIR)/extension/$(EXTENSION).control" \
+		"$(PG_SHAREDIR)/extension/"
+	install -m 644 \
+		"$(PACKAGE_DIR)$(PG_SHAREDIR)/extension/$(EXTENSION)"--*.sql \
+		"$(PG_SHAREDIR)/extension/"
+
+pgxn-zip:
+	git archive --format=zip --prefix=$(EXTENSION)-$(VERSION)/ HEAD \
+		-o $(PGXN_ZIP)
+	@echo "Created $(PGXN_ZIP)"
+
+clean:
+	cargo clean