open-dsi
/
postgres
mirror of https://github.com/postgres/postgres
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Removed old CI scripts

Browse Source
pull/209/head
Zsolt Parragi 8 months ago
parent 5a1cfae10d
commit a422640357
19 changed files with 0 additions and 1399 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      .github/CODEOWNERS
  2. 57
      .github/ISSUE_TEMPLATE/bug.yml
  3. 5
      .github/ISSUE_TEMPLATE/config.yml
  4. 34
      .github/ISSUE_TEMPLATE/feature.yml
  5. 12
      .github/dependabot.yml
  6. 9
      .github/pull_request_template.md
  7. 56
      .github/workflows/check.yaml
  8. 51
      .github/workflows/docker.yaml
  9. 47
      .github/workflows/docs.yaml
  10. 176
      .github/workflows/postgresql-16-ppg-package-pgxs.yml
  11. 112
      .github/workflows/postgresql-16-src-make-ssl11.yml
  12. 112
      .github/workflows/postgresql-16-src-make.yml
  13. 94
      .github/workflows/postgresql-16-src-meson.yml
  14. 112
      .github/workflows/postgresql-17-src-make.yml
  15. 145
      .github/workflows/postgresql-17-src-meson-perf.yml
  16. 90
      .github/workflows/postgresql-17-src-meson.yml
  17. 48
      .github/workflows/postgresql-perf-results.yml
  18. 185
      .github/workflows/postgresql-pgdg-package-pgxs.yml
  19. 48
      .github/workflows/scorecard.yml

6
.github/CODEOWNERS
Unescape View File

@ -1,6 +0,0 @@
# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners
# Order is important; the last matching pattern takes the most precedence.
* @dutow @dAdAbird
/documentation/ @nastena1606
/.github/ @artemgavrilov

57
.github/ISSUE_TEMPLATE/bug.yml
Unescape View File

@ -1,57 +0,0 @@
name: Bug Report
description: File a bug report
labels: ["bug"]
assignees: []
body:
- type: markdown
attributes:
value: |
Thanks for taking the time to fill out this bug report! Please provide as much information as possible, it will help us to address this problem faster.
- type: textarea
id: description
attributes:
label: Description
description: Please describe the problem.
validations:
required: true
- type: textarea
id: expected
attributes:
label: Expected Results
description: What did you expect to happen?
validations:
required: true
- type: textarea
id: actual
attributes:
label: Actual Results
description: What actually happened?
validations:
required: true
- type: textarea
id: version
attributes:
label: Version
description: What version of PostgreSQL and pg_tde are you running?
placeholder: PostgreSQL 17.0, pg_tde v1.0.0
validations:
required: true
- type: textarea
id: steps
attributes:
label: Steps to reproduce
description: Which steps do we need to take to reproduce this error?
- type: textarea
id: logs
attributes:
label: Relevant logs
description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks.
render: Shell
- type: checkboxes
id: terms
attributes:
label: Code of Conduct
description: By submitting this issue, you agree to follow [Percona Community Code of Conduct](https://github.com/percona/community/blob/main/content/contribute/coc.md)
options:
- label: I agree to follow Percona Community Code of Conduct
required: true

5
.github/ISSUE_TEMPLATE/config.yml
Unescape View File

@ -1,5 +0,0 @@
blank_issues_enabled: false
contact_links:
- name: Forum
url: https://forums.percona.com/
about: Please join our forums for general questions ans discussions.

34
.github/ISSUE_TEMPLATE/feature.yml
Unescape View File

@ -1,34 +0,0 @@
name: Feature Request
description: Suggest an idea for this project
labels: ["feature"]
assignees: []
body:
- type: markdown
attributes:
value: |
Thank you for suggesting an idea to make pg_tde better! Please complete the below form to ensure we have all the details to get things started.
- type: textarea
id: description
attributes:
label: Description
description: Description of the feature and of the problem it solves.
validations:
required: true
- type: textarea
id: solution
attributes:
label: Suggested solution
description: A concise description of your preferred solution.
- type: textarea
id: context
attributes:
label: Additional context
description: Any information that may help.
- type: checkboxes
id: terms
attributes:
label: Code of Conduct
description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/percona/community/blob/main/content/contribute/coc.md)
options:
- label: I agree to follow this project's Code of Conduct
required: true

12
.github/dependabot.yml
Unescape View File

@ -1,12 +0,0 @@
---
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
- package-ecosystem: "pip"
directory: "/documentation"
schedule:
interval: "weekly"

9
.github/pull_request_template.md
Unescape View File

@ -1,9 +0,0 @@
PG-0
### Description
<!--- Describe your changes in detail -->
### Links
<!--- Please provide links to any related PRs in this or other repositories --->

56
.github/workflows/check.yaml
Unescape View File

@ -1,56 +0,0 @@
name: Checks
on:
pull_request:
permissions:
contents: read
jobs:
format:
name: Format
runs-on: ubuntu-22.04
timeout-minutes: 5
steps:
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libcurl4-openssl-dev
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'postgres/postgres'
ref: 'REL_17_STABLE'
- name: Checkout sources
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'contrib/pg_tde'
- name: Configure postgres
run: ./configure
- name: Install perltidy
run: sudo cpan -T SHANCOCK/Perl-Tidy-20230309.tar.gz
- name: Install pg_bsd_indent
working-directory: src/tools/pg_bsd_indent
run: sudo make install
- name: Add pg_bsd_indent and pgindent to path
run: |
echo "/usr/local/pgsql/bin" >> $GITHUB_PATH
echo "${{ github.workspace }}/src/tools/pgindent" >> $GITHUB_PATH
- name: Format sources
working-directory: contrib/pg_tde
run: |
make update-typedefs
make indent
- name: Check files are formatted and no source code changes
working-directory: contrib/pg_tde
run: |
git status
git diff --exit-code

51
.github/workflows/docker.yaml
Unescape View File

@ -1,51 +0,0 @@
name: Docker
on:
workflow_dispatch:
pull_request:
push:
branches:
- main
permissions:
contents: read
jobs:
build-and-push:
name: Build and Push
runs-on: ubuntu-latest
steps:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
- name: Build
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
file: docker/Dockerfile
load: true # Put image in local docker
tags: perconalab/pg_tde:latest
- name: Test
run: |
docker run --pull=never --name pg-tde -e POSTGRES_PASSWORD=mysecretpassword -d perconalab/pg_tde:latest
sleep 10
IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' pg-tde)
echo $IP
echo "CREATE TABLE test_enc(id SERIAL, k INTEGER DEFAULT '0' NOT NULL, PRIMARY KEY (id)) USING pg_tde;" | docker run -e PGPASSWORD=mysecretpassword --rm postgres psql -h $IP -U postgres
echo "SELECT * FROM test_enc;" | docker run -e PGPASSWORD=mysecretpassword --rm postgres psql -h $IP -U postgres
- name: Login to Docker Hub
if: ${{ github.ref == 'refs/heads/main' }}
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Push
if: ${{ github.ref == 'refs/heads/main' }}
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
file: docker/Dockerfile
push: true
tags: perconalab/pg_tde:latest

47
.github/workflows/docs.yaml
Unescape View File

@ -1,47 +0,0 @@
name: Docs
on:
workflow_dispatch: {}
push:
branches:
- main
paths:
- "documentation/**"
permissions:
contents: write
jobs:
release:
name: Release
runs-on: ubuntu-latest
defaults:
run:
working-directory: ${{ github.workspace }}/documentation
steps:
- name: Chekout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0 # fetch all commits/branches
- name: Set up Python
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
with:
python-version: "3.x"
- name: Configure git
run: |
git config user.name "GitHub Action"
git config user.email "github-action@users.noreply.github.com"
- name: Install MkDocs
run: |
python -m pip install --upgrade pip
pip install wheel
if [ -f requirements.txt ]; then pip install -r requirements.txt; fi
- name: Deploy
run: |
mike set-default main -p
mike retitle main "Beta" -p
mike deploy main -p

176
.github/workflows/postgresql-16-ppg-package-pgxs.yml
Unescape View File

@ -1,176 +0,0 @@
name: postgresql-16-ppg-package-pgxs
on:
pull_request:
workflow_dispatch:
push:
branches: [main]
permissions:
contents: read
jobs:
build:
permissions:
contents: write # for ncipollo/release-action to create a release
name: pg-16-ppg-package-pgxs-build
runs-on: ubuntu-22.04
steps:
- name: Remove old postgres
run: |
sudo apt-get update
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev wget \
zlib1g-dev libssl-dev libpam0g-dev bison flex libipc-run-perl \
libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Install percona-release script
run: |
sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get install -y wget gnupg2 curl lsb-release
sudo wget \
https://repo.percona.com/apt/percona-release_latest.generic_all.deb
sudo dpkg -i percona-release_latest.generic_all.deb
- name: Install Percona Distribution Postgresql 16 & Extensions
run: |
sudo percona-release setup ppg-16
sudo apt-get update -y
sudo apt-get install -y percona-postgresql-16 \
percona-postgresql-contrib percona-postgresql-server-dev-all \
percona-pgpool2 libpgpool2 percona-postgresql-16-pgaudit \
percona-postgresql-16-pgaudit-dbgsym percona-postgresql-16-repack \
percona-postgresql-16-repack-dbgsym percona-pgaudit16-set-user \
percona-pgaudit16-set-user-dbgsym percona-postgresql-16-postgis-3 \
percona-postgresql-16-postgis-3-scripts \
percona-postgresql-postgis-scripts percona-postgresql-postgis \
percona-postgis percona-pg-stat-monitor16
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/pg_tde
- name: Change src owner to postgres
run: |
sudo chmod o+rx ~
sudo chown -R postgres:postgres src
- name: Build pg_tde
run: |
sudo -u postgres bash -c 'make USE_PGXS=1'
sudo make USE_PGXS=1 install
working-directory: src/pg_tde
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Start pg_tde tests
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
sudo psql -V
sudo service postgresql stop
echo "shared_preload_libraries = 'pg_tde'" |
sudo tee -a /etc/postgresql/16/main/postgresql.conf
sudo service postgresql start
sudo -u postgres bash -c "export ROOT_TOKEN=$ROOT_TOKEN && make installcheck USE_PGXS=1"
working-directory: src/pg_tde
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/pg_tde/regression.diffs
src/pg_tde/logfile
retention-days: 3
- name: Report on test fail 2
if: ${{ failure() }}
run: |
cat src/pg_tde/regression.diffs
- name: Create release directory
run: |
sudo mkdir pgtde-ppg16
sudo mkdir -p pgtde-ppg16/usr/lib/postgresql/16/lib/
sudo mkdir -p pgtde-ppg16/share/postgresql/16/extension/
sudo cp /usr/share/postgresql/16/extension/pg_tde* pgtde-ppg16/share/postgresql/16/extension/
sudo cp /usr/lib/postgresql/16/lib/pg_tde* pgtde-ppg16/usr/lib/postgresql/16/lib/
- name: Upload tgz
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: pg_tde_ppg16_binary
path: pgtde-ppg16
- name: Create deb
run: |
sudo mkdir pgtde-ppg16/DEBIAN
sudo sh -c 'echo "Package: pgtde-ppg16" > pgtde-ppg16/DEBIAN/control'
sudo sh -c 'echo "Version: 0.1" >> pgtde-ppg16/DEBIAN/control'
sudo sh -c 'echo "Architecture: amd64" >> pgtde-ppg16/DEBIAN/control'
sudo sh -c 'echo "Maintainer: Percona" >> pgtde-ppg16/DEBIAN/control'
sudo sh -c 'echo "Description: Experimental pg_tde extension" >> pgtde-ppg16/DEBIAN/control'
sudo dpkg-deb --build --root-owner-group pgtde-ppg16
- name: Test deb
run: |
sudo rm -rf /usr/share/postgresql/16/extension/pg_tde*
sudo rm -rf /usr/lib/postgresql/16/lib/pg_tde*
sudo dpkg -i --debug=7777 pgtde-ppg16.deb
- name: Upload deb
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: pg_tde_deb
path: pgtde-ppg16.deb
- name: Create tgz
run: |
cd pgtde-ppg16 && sudo tar -czvf ../pgtde-ppg16.tar.gz .
- name: Publish release
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
# Only try and deploy on merged code
if: "github.repository == 'percona/pg_tde' && github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'schedule')"
with:
artifacts: "pgtde-ppg16.tar.gz,pgtde-ppg16.deb"
omitBody: true
allowUpdates: true
generateReleaseNotes: true
makeLatest: true
tag: "latest"
name: "HEAD"
replacesArtifacts: true

112
.github/workflows/postgresql-16-src-make-ssl11.yml
Unescape View File

@ -1,112 +0,0 @@
name: postgresql-16-src-make-ssl11
on: [pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
build:
name: pg-16-src-make-test-ssl11
runs-on: ubuntu-20.04
steps:
- name: Remove old postgres
run: |
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \
zlib1g-dev libssl-dev libpam0g-dev bison flex \
libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config \
libselinux1-dev python3-dev libhttp-server-simple-perl\
uuid-dev liblz4-dev libcurl4-openssl-dev python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'postgres/postgres'
ref: 'a81e5516fa4bc53e332cb35eefe231147c0e1749'
path: 'src'
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde
- name: Create pgsql dir
run: mkdir -p /opt/pgsql
- name: Build postgres
run: |
./configure --with-openssl --enable-tap-tests=no --enable-cassert
make -j
sudo make install
working-directory: src
- name: Build pg_tde
run: |
make -j MAJORVERSION=16
sudo make install
working-directory: src/contrib/pg_tde
- name: Start postgresql cluster with pg_tde
run: |
export PATH="/usr/local/pgsql/bin:$PATH"
sudo cp /usr/local/pgsql/bin/pg_config /usr/bin
initdb -D /opt/pgsql/data
echo "shared_preload_libraries = 'pg_tde'" >> \
/opt/pgsql/data/postgresql.conf
pg_ctl -D /opt/pgsql/data -l logfile start
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
make installcheck
working-directory: src/contrib/pg_tde
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/contrib/pg_tde/regression.diffs
logfile
retention-days: 3
- name: Report on test fail 2
if: ${{ failure() }}
run: |
cat src/contrib/pg_tde/regression.diffs

112
.github/workflows/postgresql-16-src-make.yml
Unescape View File

@ -1,112 +0,0 @@
name: postgresql-16-src-make
on: [pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
build:
name: pg-16-src-make-test
runs-on: ubuntu-22.04
steps:
- name: Remove old postgres
run: |
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \
zlib1g-dev libssl-dev libpam0g-dev bison flex \
libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'postgres/postgres'
ref: 'a81e5516fa4bc53e332cb35eefe231147c0e1749'
path: 'src'
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde
- name: Create pgsql dir
run: mkdir -p /opt/pgsql
- name: Build postgres
run: |
./configure --with-openssl --enable-tap-tests=no --enable-cassert
make -j
sudo make install
working-directory: src
- name: Build pg_tde
run: |
make -j MAJORVERSION=16
sudo make install
working-directory: src/contrib/pg_tde
- name: Start postgresql cluster with pg_tde
run: |
export PATH="/usr/local/pgsql/bin:$PATH"
sudo cp /usr/local/pgsql/bin/pg_config /usr/bin
initdb -D /opt/pgsql/data
echo "shared_preload_libraries = 'pg_tde'" >> \
/opt/pgsql/data/postgresql.conf
pg_ctl -D /opt/pgsql/data -l logfile start
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
make installcheck
working-directory: src/contrib/pg_tde
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/contrib/pg_tde/regression.diffs
logfile
retention-days: 3
- name: Report on test fail 2
if: ${{ failure() }}
run: |
cat src/contrib/pg_tde/regression.diffs

94
.github/workflows/postgresql-16-src-meson.yml
Unescape View File

@ -1,94 +0,0 @@
name: postgresql-16-src-meson
on: [pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
build:
name: pg-16-src-meson-test
runs-on: ubuntu-22.04
steps:
- name: Remove old postgres
run: |
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \
zlib1g-dev libssl-dev libpam0g-dev bison flex \
libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev meson ninja-build \
gpg wget libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'postgres/postgres'
ref: 'a81e5516fa4bc53e332cb35eefe231147c0e1749'
path: 'src'
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde
- name: Include pg_tde in meson build
run: |
echo "subdir('pg_tde')" >> src/contrib/meson.build
- name: Build postgres
run: |
meson setup build --prefix `pwd`/../inst --buildtype=debug -Dcassert=true
cd build && ninja && ninja install
working-directory: src
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
meson test --suite setup -v
meson test --suite pg_tde -v --num-processes 1
working-directory: src/build
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/build/testrun/pg_tde/regress/
retention-days: 3

112
.github/workflows/postgresql-17-src-make.yml
Unescape View File

@ -1,112 +0,0 @@
name: postgresql-17-src-make
on: [pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
build:
name: pg-17-src-make-test
runs-on: ubuntu-22.04
steps:
- name: Remove old postgres
run: |
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \
zlib1g-dev libssl-dev libpam0g-dev bison flex \
libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'postgres/postgres'
ref: 'REL_17_STABLE'
path: 'src'
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde
- name: Create pgsql dir
run: mkdir -p /opt/pgsql
- name: Build postgres
run: |
./configure --with-openssl --enable-tap-tests=no --enable-cassert
make -j
sudo make install
working-directory: src
- name: Build pg_tde
run: |
make -j MAJORVERSION=17
sudo make install
working-directory: src/contrib/pg_tde
- name: Start postgresql cluster with pg_tde
run: |
export PATH="/usr/local/pgsql/bin:$PATH"
sudo cp /usr/local/pgsql/bin/pg_config /usr/bin
initdb -D /opt/pgsql/data
echo "shared_preload_libraries = 'pg_tde'" >> \
/opt/pgsql/data/postgresql.conf
pg_ctl -D /opt/pgsql/data -l logfile start
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
make installcheck
working-directory: src/contrib/pg_tde
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/contrib/pg_tde/regression.diffs
logfile
retention-days: 3
- name: Report on test fail 2
if: ${{ failure() }}
run: |
cat src/contrib/pg_tde/regression.diffs

145
.github/workflows/postgresql-17-src-meson-perf.yml
Unescape View File

@ -1,145 +0,0 @@
name: Perf test
on: [pull_request]
permissions:
contents: read
jobs:
build:
runs-on: ubuntu-22.04
steps:
- name: Remove old postgres
run: |
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \
zlib1g-dev libssl-dev libpam0g-dev bison flex \
libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev meson ninja-build \
sysbench libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'percona-lab/postgres'
ref: 'TDE_REL_17_STABLE'
path: 'src'
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde
- name: Build postgres
run: |
meson setup build --prefix `pwd`/../inst --buildtype=release
cd build && ninja && ninja install
working-directory: src
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
meson test --suite setup -v
meson test --suite pg_tde -v --num-processes 1
working-directory: src/build
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/build/testrun/pg_tde/regress/
retention-days: 3
- name: Setup test environment
run: |
bin/initdb -D data
echo "shared_preload_libraries = 'pg_tde'" >> data/postgresql.conf
bin/pg_ctl -D data start
bin/createdb sbtest
bin/createdb sbtest2
bin/createuser sbtest -s
bin/psql sbtest2 <<< "CREATE EXTENSION pg_tde;"
bin/psql sbtest2 <<< "SELECT pg_tde_add_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');"
bin/psql sbtest2 <<< "SELECT pg_tde_set_principal_key('test-db-principal-key','file-vault');"
cp -r ../src/contrib/pg_tde/sysbench .
cp -r ../src/contrib/pg_tde/perf .
working-directory: inst
- name: Run baseline performance tests
run: |
sysbench --db-driver=pgsql --threads=1 sysbench/oltp_insert.lua --tables=1 --table-size=10000 --pgsql-db=sbtest prepare
sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest run
sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest run | tee perf_norm
working-directory: inst
- name: Run TDE performance tests
run: |
sysbench --db-driver=pgsql --threads=1 sysbench/oltp_common_tde.lua --tables=1 --table-size=10000 --pgsql-db=sbtest2 prepare
sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest2 run
sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest2 run | tee perf_tde
working-directory: inst
- name: Run seq read performance tests
run: |
export PATH=../bin/:$PATH
./seq_read.sh | tee seq_read
working-directory: inst/perf
- name: Print results
run: |
NORM_Q=$(cat perf_norm | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g')
TDE_Q=$(cat perf_tde | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g')
echo "Norm queries: $NORM_Q"
echo "TDE queries: $TDE_Q"
echo "Performance test results:" >> pr_perf_results
echo "Normal queries: $(cat perf_norm | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g')" >> pr_perf_results
echo "TDE queries: $(cat perf_tde | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g')" >> pr_perf_results
echo "Percentage: $(($TDE_Q*100/$NORM_Q))%" >> pr_perf_results
cat perf/seq_read >> pr_perf_results
PERF_RESULT=$(cat pr_perf_results)
echo "PERF_RESULT<<EOF" >> $GITHUB_ENV
echo "$PERF_RESULT" >> $GITHUB_ENV
echo "EOF" >> $GITHUB_ENV
working-directory: inst
- uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: pr_perf_results
path: inst/pr_perf_results

90
.github/workflows/postgresql-17-src-meson.yml
Unescape View File

@ -1,90 +0,0 @@
name: postgresql-17-src-meson
on: [pull_request, workflow_dispatch]
permissions:
contents: read
jobs:
build:
name: pg-17-src-meson-test
runs-on: ubuntu-22.04
steps:
- name: Remove old postgres
run: |
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \
zlib1g-dev libssl-dev libpam0g-dev bison flex \
libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev meson ninja-build \
gpg wget libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Clone postgres repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: 'percona/postgres'
ref: 'TDE_REL_17_STABLE'
path: 'src'
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde
- name: Build postgres
run: |
meson setup build --prefix `pwd`/../inst --buildtype=debug -Dcassert=true
cd build && ninja && ninja install
working-directory: src
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
meson test --suite setup -v
meson test --suite pg_tde -v --num-processes 1
working-directory: src/build
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/build/testrun/pg_tde/
src/contrib/pg_tde/t/results/
retention-days: 3

48
.github/workflows/postgresql-perf-results.yml
Unescape View File

@ -1,48 +0,0 @@
name: Perf test results
on:
workflow_run:
workflows: [Perf test]
types:
- completed
permissions:
contents: read
pull-requests: write
jobs:
download:
runs-on: ubuntu-latest
steps:
- name: 'Download artifact'
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
script: |
let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
return artifact.name == "pr_perf_results"
})[0];
let download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
archive_format: 'zip',
});
let fs = require('fs');
fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_perf_results.zip`, Buffer.from(download.data));
- name: 'Unzip artifact'
run: |
unzip pr_perf_results.zip
- name: 'Create comment'
run: |
gh pr comment ${PR_NUMBER} -F pr_perf_results --repo ${{ github.repository }} --edit-last || \
gh pr comment ${PR_NUMBER} -F pr_perf_results --repo ${{ github.repository }}
env:
PR_NUMBER: ${{ github.event.number }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

185
.github/workflows/postgresql-pgdg-package-pgxs.yml
Unescape View File

@ -1,185 +0,0 @@
name: postgresql-pgdg-package-pgxs
on:
pull_request:
workflow_dispatch:
push:
branches: [main]
permissions:
contents: read
jobs:
build:
permissions:
contents: write # for ncipollo/release-action to create a release
name: pg-pgdg-package-pgxs-build
runs-on: ubuntu-24.04
strategy:
matrix:
postgresql-version: [16, 17]
steps:
- name: Remove old postgres
run: |
sudo apt-get update
sudo apt purge postgresql-client-common postgresql-common \
postgresql postgresql*
sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \
/usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \
/etc/postgresql
sudo rm -f /usr/bin/pg_config
- name: Install dependencies
run: |
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev wget \
zlib1g-dev libssl-dev libpam0g-dev bison flex libipc-run-perl \
libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt update && sudo apt install -y vault
- name: Install PG Distribution Postgresql
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt \
$(lsb_release -cs)-pgdg main $POSTGRESQL_VERSION" > /etc/apt/sources.list.d/pgdg.list'
sudo wget --quiet -O - \
https://www.postgresql.org/media/keys/ACCC4CF8.asc |
sudo apt-key add -
sudo apt update
sudo apt -y install postgresql-$POSTGRESQL_VERSION postgresql-server-dev-$POSTGRESQL_VERSION
- name: Clone pg_tde repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/pg_tde'
- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/pg_tde
- name: Change src owner to postgres
run: |
sudo chmod o+rx ~
sudo chown -R postgres:postgres src
- name: Build pg_tde
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
sudo -u postgres bash -c 'make USE_PGXS=1'
sudo make USE_PGXS=1 MAJORVERSION=$POSTGRESQL_VERSION install
working-directory: src/pg_tde
- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp
- name: Start pg_tde tests
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
sudo psql -V
sudo service postgresql stop
echo "shared_preload_libraries = 'pg_tde'" |
sudo tee -a /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf
sudo service postgresql start
sudo -u postgres bash -c "export ROOT_TOKEN=$ROOT_TOKEN && make installcheck USE_PGXS=1"
working-directory: src/pg_tde
- name: Report on test fail
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
if: ${{ failure() }}
with:
name: Regressions diff and postgresql log
path: |
src/pg_tde/regression.diffs
src/pg_tde/logfile
retention-days: 3
- name: Report on test fail 2
if: ${{ failure() }}
run: |
cat src/pg_tde/regression.diffs
- name: Create release directory
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
sudo -E mkdir pgtde-pgdg$POSTGRESQL_VERSION
sudo -E mkdir -p pgtde-pgdg$POSTGRESQL_VERSION/usr/lib/postgresql/$POSTGRESQL_VERSION/lib/
sudo -E mkdir -p pgtde-pgdg$POSTGRESQL_VERSION/share/postgresql/$POSTGRESQL_VERSION/extension/
sudo -E cp /usr/share/postgresql/$POSTGRESQL_VERSION/extension/pg_tde* pgtde-pgdg$POSTGRESQL_VERSION/share/postgresql/$POSTGRESQL_VERSION/extension/
sudo -E cp /usr/lib/postgresql/$POSTGRESQL_VERSION/lib/pg_tde* pgtde-pgdg$POSTGRESQL_VERSION/usr/lib/postgresql/$POSTGRESQL_VERSION/lib/
- name: Upload tgz
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: pg_tde_pgdg$POSTGRESQL_VERSION_binary
path: pgtde-pgdg$POSTGRESQL_VERSION
- name: Create deb
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
sudo -E mkdir pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN
sudo -E sh -c 'echo "Package: pgtde-pgdg$POSTGRESQL_VERSION" > pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control'
sudo -E sh -c 'echo "Version: 0.1" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control'
sudo -E sh -c 'echo "Architecture: amd64" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control'
sudo -E sh -c 'echo "Maintainer: Percona" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control'
sudo -E sh -c 'echo "Description: Experimental pg_tde extension" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control'
sudo -E dpkg-deb --build --root-owner-group pgtde-pgdg$POSTGRESQL_VERSION
- name: Test deb
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
sudo -E rm -rf /usr/share/postgresql/$POSTGRESQL_VERSION/extension/pg_tde*
sudo -E rm -rf /usr/lib/postgresql/$POSTGRESQL_VERSION/lib/pg_tde*
sudo -E dpkg -i --debug=7777 pgtde-pgdg$POSTGRESQL_VERSION.deb
- name: Upload deb
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: pg_tde_deb
path: pgtde-pgdg$POSTGRESQL_VERSION.deb
- name: Create tgz
env:
POSTGRESQL_VERSION: ${{ matrix.postgresql-version }}
run: |
cd pgtde-pgdg$POSTGRESQL_VERSION && sudo tar -czvf ../pgtde-pgdg$POSTGRESQL_VERSION.tar.gz .
- name: Publish release
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0
# Only try and deploy on merged code
if: "github.repository == 'percona/pg_tde' && github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'schedule')"
with:
artifacts: "pgtde-pgdg${{ matrix.postgresql-version }}.tar.gz,pgtde-pgdg${{ matrix.postgresql-version }}.deb"
omitBody: true
allowUpdates: true
generateReleaseNotes: true
makeLatest: true
tag: "latest"
name: "HEAD"
replacesArtifacts: true

48
.github/workflows/scorecard.yml
Unescape View File

@ -1,48 +0,0 @@
name: Scorecard
on:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: "24 3 * * 1"
push:
branches:
- main
# Declare default permissions as read only.
permissions: read-all
jobs:
analysis:
name: Analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Run analysis
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
with:
results_file: results.sarif
results_format: sarif
publish_results: true
- name: Upload results
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: SARIF file
path: results.sarif
retention-days: 5
# Upload the results to GitHub's code scanning dashboard (optional).
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
with:
sarif_file: results.sarif
Write Preview
Loading…
Cancel
Save