From a4226403570631afa64e986ddac20826ce96f85e Mon Sep 17 00:00:00 2001 From: Zsolt Parragi Date: Tue, 7 Jan 2025 20:44:14 +0000 Subject: [PATCH] Removed old CI scripts --- .github/CODEOWNERS | 6 - .github/ISSUE_TEMPLATE/bug.yml | 57 ------ .github/ISSUE_TEMPLATE/config.yml | 5 - .github/ISSUE_TEMPLATE/feature.yml | 34 ---- .github/dependabot.yml | 12 -- .github/pull_request_template.md | 9 - .github/workflows/check.yaml | 56 ------ .github/workflows/docker.yaml | 51 ----- .github/workflows/docs.yaml | 47 ----- .../postgresql-16-ppg-package-pgxs.yml | 176 ----------------- .../postgresql-16-src-make-ssl11.yml | 112 ----------- .github/workflows/postgresql-16-src-make.yml | 112 ----------- .github/workflows/postgresql-16-src-meson.yml | 94 --------- .github/workflows/postgresql-17-src-make.yml | 112 ----------- .../postgresql-17-src-meson-perf.yml | 145 -------------- .github/workflows/postgresql-17-src-meson.yml | 90 --------- .github/workflows/postgresql-perf-results.yml | 48 ----- .../postgresql-pgdg-package-pgxs.yml | 185 ------------------ .github/workflows/scorecard.yml | 48 ----- 19 files changed, 1399 deletions(-) delete mode 100644 .github/CODEOWNERS delete mode 100644 .github/ISSUE_TEMPLATE/bug.yml delete mode 100644 .github/ISSUE_TEMPLATE/config.yml delete mode 100644 .github/ISSUE_TEMPLATE/feature.yml delete mode 100644 .github/dependabot.yml delete mode 100644 .github/pull_request_template.md delete mode 100644 .github/workflows/check.yaml delete mode 100644 .github/workflows/docker.yaml delete mode 100644 .github/workflows/docs.yaml delete mode 100644 .github/workflows/postgresql-16-ppg-package-pgxs.yml delete mode 100644 .github/workflows/postgresql-16-src-make-ssl11.yml delete mode 100644 .github/workflows/postgresql-16-src-make.yml delete mode 100644 .github/workflows/postgresql-16-src-meson.yml delete mode 100644 .github/workflows/postgresql-17-src-make.yml delete mode 100644 .github/workflows/postgresql-17-src-meson-perf.yml delete mode 100644 .github/workflows/postgresql-17-src-meson.yml delete mode 100644 .github/workflows/postgresql-perf-results.yml delete mode 100644 .github/workflows/postgresql-pgdg-package-pgxs.yml delete mode 100644 .github/workflows/scorecard.yml diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS deleted file mode 100644 index a0c835e5c36..00000000000 --- a/.github/CODEOWNERS +++ /dev/null @@ -1,6 +0,0 @@ -# https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners -# Order is important; the last matching pattern takes the most precedence. - -* @dutow @dAdAbird -/documentation/ @nastena1606 -/.github/ @artemgavrilov diff --git a/.github/ISSUE_TEMPLATE/bug.yml b/.github/ISSUE_TEMPLATE/bug.yml deleted file mode 100644 index 3bb8ed39ef0..00000000000 --- a/.github/ISSUE_TEMPLATE/bug.yml +++ /dev/null @@ -1,57 +0,0 @@ -name: Bug Report -description: File a bug report -labels: ["bug"] -assignees: [] -body: - - type: markdown - attributes: - value: | - Thanks for taking the time to fill out this bug report! Please provide as much information as possible, it will help us to address this problem faster. - - type: textarea - id: description - attributes: - label: Description - description: Please describe the problem. - validations: - required: true - - type: textarea - id: expected - attributes: - label: Expected Results - description: What did you expect to happen? - validations: - required: true - - type: textarea - id: actual - attributes: - label: Actual Results - description: What actually happened? - validations: - required: true - - type: textarea - id: version - attributes: - label: Version - description: What version of PostgreSQL and pg_tde are you running? - placeholder: PostgreSQL 17.0, pg_tde v1.0.0 - validations: - required: true - - type: textarea - id: steps - attributes: - label: Steps to reproduce - description: Which steps do we need to take to reproduce this error? - - type: textarea - id: logs - attributes: - label: Relevant logs - description: Please copy and paste any relevant log output. This will be automatically formatted into code, so no need for backticks. - render: Shell - - type: checkboxes - id: terms - attributes: - label: Code of Conduct - description: By submitting this issue, you agree to follow [Percona Community Code of Conduct](https://github.com/percona/community/blob/main/content/contribute/coc.md) - options: - - label: I agree to follow Percona Community Code of Conduct - required: true diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml deleted file mode 100644 index a2f994643b6..00000000000 --- a/.github/ISSUE_TEMPLATE/config.yml +++ /dev/null @@ -1,5 +0,0 @@ -blank_issues_enabled: false -contact_links: - - name: Forum - url: https://forums.percona.com/ - about: Please join our forums for general questions ans discussions. diff --git a/.github/ISSUE_TEMPLATE/feature.yml b/.github/ISSUE_TEMPLATE/feature.yml deleted file mode 100644 index 5e7b9a8d815..00000000000 --- a/.github/ISSUE_TEMPLATE/feature.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: Feature Request -description: Suggest an idea for this project -labels: ["feature"] -assignees: [] -body: - - type: markdown - attributes: - value: | - Thank you for suggesting an idea to make pg_tde better! Please complete the below form to ensure we have all the details to get things started. - - type: textarea - id: description - attributes: - label: Description - description: Description of the feature and of the problem it solves. - validations: - required: true - - type: textarea - id: solution - attributes: - label: Suggested solution - description: A concise description of your preferred solution. - - type: textarea - id: context - attributes: - label: Additional context - description: Any information that may help. - - type: checkboxes - id: terms - attributes: - label: Code of Conduct - description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/percona/community/blob/main/content/contribute/coc.md) - options: - - label: I agree to follow this project's Code of Conduct - required: true diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 5dd35a647eb..00000000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,12 +0,0 @@ ---- -version: 2 -updates: - - package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: "weekly" - - - package-ecosystem: "pip" - directory: "/documentation" - schedule: - interval: "weekly" diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md deleted file mode 100644 index c35e3012e54..00000000000 --- a/.github/pull_request_template.md +++ /dev/null @@ -1,9 +0,0 @@ -PG-0 - -### Description - - - -### Links - - diff --git a/.github/workflows/check.yaml b/.github/workflows/check.yaml deleted file mode 100644 index a9e87107f4a..00000000000 --- a/.github/workflows/check.yaml +++ /dev/null @@ -1,56 +0,0 @@ -name: Checks -on: - pull_request: - -permissions: - contents: read - -jobs: - format: - name: Format - runs-on: ubuntu-22.04 - timeout-minutes: 5 - - steps: - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libcurl4-openssl-dev - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'postgres/postgres' - ref: 'REL_17_STABLE' - - - name: Checkout sources - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'contrib/pg_tde' - - - name: Configure postgres - run: ./configure - - - name: Install perltidy - run: sudo cpan -T SHANCOCK/Perl-Tidy-20230309.tar.gz - - - name: Install pg_bsd_indent - working-directory: src/tools/pg_bsd_indent - run: sudo make install - - - name: Add pg_bsd_indent and pgindent to path - run: | - echo "/usr/local/pgsql/bin" >> $GITHUB_PATH - echo "${{ github.workspace }}/src/tools/pgindent" >> $GITHUB_PATH - - - name: Format sources - working-directory: contrib/pg_tde - run: | - make update-typedefs - make indent - - - name: Check files are formatted and no source code changes - working-directory: contrib/pg_tde - run: | - git status - git diff --exit-code diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml deleted file mode 100644 index 7225dbbb526..00000000000 --- a/.github/workflows/docker.yaml +++ /dev/null @@ -1,51 +0,0 @@ -name: Docker - -on: - workflow_dispatch: - pull_request: - push: - branches: - - main - -permissions: - contents: read - -jobs: - build-and-push: - name: Build and Push - runs-on: ubuntu-latest - - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - - - name: Build - uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 - with: - file: docker/Dockerfile - load: true # Put image in local docker - tags: perconalab/pg_tde:latest - - - name: Test - run: | - docker run --pull=never --name pg-tde -e POSTGRES_PASSWORD=mysecretpassword -d perconalab/pg_tde:latest - sleep 10 - IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' pg-tde) - echo $IP - echo "CREATE TABLE test_enc(id SERIAL, k INTEGER DEFAULT '0' NOT NULL, PRIMARY KEY (id)) USING pg_tde;" | docker run -e PGPASSWORD=mysecretpassword --rm postgres psql -h $IP -U postgres - echo "SELECT * FROM test_enc;" | docker run -e PGPASSWORD=mysecretpassword --rm postgres psql -h $IP -U postgres - - - name: Login to Docker Hub - if: ${{ github.ref == 'refs/heads/main' }} - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Push - if: ${{ github.ref == 'refs/heads/main' }} - uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 - with: - file: docker/Dockerfile - push: true - tags: perconalab/pg_tde:latest diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml deleted file mode 100644 index 8ef6d4c49da..00000000000 --- a/.github/workflows/docs.yaml +++ /dev/null @@ -1,47 +0,0 @@ -name: Docs -on: - workflow_dispatch: {} - push: - branches: - - main - paths: - - "documentation/**" - -permissions: - contents: write - -jobs: - release: - name: Release - runs-on: ubuntu-latest - defaults: - run: - working-directory: ${{ github.workspace }}/documentation - - steps: - - name: Chekout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 0 # fetch all commits/branches - - - name: Set up Python - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 - with: - python-version: "3.x" - - - name: Configure git - run: | - git config user.name "GitHub Action" - git config user.email "github-action@users.noreply.github.com" - - - name: Install MkDocs - run: | - python -m pip install --upgrade pip - pip install wheel - if [ -f requirements.txt ]; then pip install -r requirements.txt; fi - - - name: Deploy - run: | - mike set-default main -p - mike retitle main "Beta" -p - mike deploy main -p diff --git a/.github/workflows/postgresql-16-ppg-package-pgxs.yml b/.github/workflows/postgresql-16-ppg-package-pgxs.yml deleted file mode 100644 index 93c3b015e54..00000000000 --- a/.github/workflows/postgresql-16-ppg-package-pgxs.yml +++ /dev/null @@ -1,176 +0,0 @@ -name: postgresql-16-ppg-package-pgxs -on: - pull_request: - workflow_dispatch: - push: - branches: [main] - -permissions: - contents: read - -jobs: - build: - permissions: - contents: write # for ncipollo/release-action to create a release - name: pg-16-ppg-package-pgxs-build - runs-on: ubuntu-22.04 - steps: - - name: Remove old postgres - run: | - sudo apt-get update - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev wget \ - zlib1g-dev libssl-dev libpam0g-dev bison flex libipc-run-perl \ - libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Install percona-release script - run: | - sudo apt-get -y update - sudo apt-get -y upgrade - sudo apt-get install -y wget gnupg2 curl lsb-release - sudo wget \ - https://repo.percona.com/apt/percona-release_latest.generic_all.deb - sudo dpkg -i percona-release_latest.generic_all.deb - - - name: Install Percona Distribution Postgresql 16 & Extensions - run: | - sudo percona-release setup ppg-16 - sudo apt-get update -y - sudo apt-get install -y percona-postgresql-16 \ - percona-postgresql-contrib percona-postgresql-server-dev-all \ - percona-pgpool2 libpgpool2 percona-postgresql-16-pgaudit \ - percona-postgresql-16-pgaudit-dbgsym percona-postgresql-16-repack \ - percona-postgresql-16-repack-dbgsym percona-pgaudit16-set-user \ - percona-pgaudit16-set-user-dbgsym percona-postgresql-16-postgis-3 \ - percona-postgresql-16-postgis-3-scripts \ - percona-postgresql-postgis-scripts percona-postgresql-postgis \ - percona-postgis percona-pg-stat-monitor16 - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/pg_tde - - - name: Change src owner to postgres - run: | - sudo chmod o+rx ~ - sudo chown -R postgres:postgres src - - - name: Build pg_tde - run: | - sudo -u postgres bash -c 'make USE_PGXS=1' - sudo make USE_PGXS=1 install - working-directory: src/pg_tde - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Start pg_tde tests - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - - sudo psql -V - - sudo service postgresql stop - echo "shared_preload_libraries = 'pg_tde'" | - sudo tee -a /etc/postgresql/16/main/postgresql.conf - sudo service postgresql start - - sudo -u postgres bash -c "export ROOT_TOKEN=$ROOT_TOKEN && make installcheck USE_PGXS=1" - working-directory: src/pg_tde - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/pg_tde/regression.diffs - src/pg_tde/logfile - retention-days: 3 - - - name: Report on test fail 2 - if: ${{ failure() }} - run: | - cat src/pg_tde/regression.diffs - - - name: Create release directory - run: | - sudo mkdir pgtde-ppg16 - sudo mkdir -p pgtde-ppg16/usr/lib/postgresql/16/lib/ - sudo mkdir -p pgtde-ppg16/share/postgresql/16/extension/ - sudo cp /usr/share/postgresql/16/extension/pg_tde* pgtde-ppg16/share/postgresql/16/extension/ - sudo cp /usr/lib/postgresql/16/lib/pg_tde* pgtde-ppg16/usr/lib/postgresql/16/lib/ - - - name: Upload tgz - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: - name: pg_tde_ppg16_binary - path: pgtde-ppg16 - - - name: Create deb - run: | - sudo mkdir pgtde-ppg16/DEBIAN - sudo sh -c 'echo "Package: pgtde-ppg16" > pgtde-ppg16/DEBIAN/control' - sudo sh -c 'echo "Version: 0.1" >> pgtde-ppg16/DEBIAN/control' - sudo sh -c 'echo "Architecture: amd64" >> pgtde-ppg16/DEBIAN/control' - sudo sh -c 'echo "Maintainer: Percona" >> pgtde-ppg16/DEBIAN/control' - sudo sh -c 'echo "Description: Experimental pg_tde extension" >> pgtde-ppg16/DEBIAN/control' - sudo dpkg-deb --build --root-owner-group pgtde-ppg16 - - - name: Test deb - run: | - sudo rm -rf /usr/share/postgresql/16/extension/pg_tde* - sudo rm -rf /usr/lib/postgresql/16/lib/pg_tde* - sudo dpkg -i --debug=7777 pgtde-ppg16.deb - - - name: Upload deb - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: - name: pg_tde_deb - path: pgtde-ppg16.deb - - - name: Create tgz - run: | - cd pgtde-ppg16 && sudo tar -czvf ../pgtde-ppg16.tar.gz . - - - name: Publish release - uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0 - # Only try and deploy on merged code - if: "github.repository == 'percona/pg_tde' && github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'schedule')" - with: - artifacts: "pgtde-ppg16.tar.gz,pgtde-ppg16.deb" - omitBody: true - allowUpdates: true - generateReleaseNotes: true - makeLatest: true - tag: "latest" - name: "HEAD" - replacesArtifacts: true diff --git a/.github/workflows/postgresql-16-src-make-ssl11.yml b/.github/workflows/postgresql-16-src-make-ssl11.yml deleted file mode 100644 index adfae4ea331..00000000000 --- a/.github/workflows/postgresql-16-src-make-ssl11.yml +++ /dev/null @@ -1,112 +0,0 @@ -name: postgresql-16-src-make-ssl11 -on: [pull_request, workflow_dispatch] - -permissions: - contents: read - -jobs: - build: - name: pg-16-src-make-test-ssl11 - runs-on: ubuntu-20.04 - steps: - - - - name: Remove old postgres - run: | - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \ - zlib1g-dev libssl-dev libpam0g-dev bison flex \ - libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \ - libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \ - libsystemd-dev gettext tcl-dev libperl-dev pkg-config \ - libselinux1-dev python3-dev libhttp-server-simple-perl\ - uuid-dev liblz4-dev libcurl4-openssl-dev python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'postgres/postgres' - ref: 'a81e5516fa4bc53e332cb35eefe231147c0e1749' - path: 'src' - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/contrib/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/contrib/pg_tde - - - name: Create pgsql dir - run: mkdir -p /opt/pgsql - - - name: Build postgres - run: | - ./configure --with-openssl --enable-tap-tests=no --enable-cassert - make -j - sudo make install - working-directory: src - - - name: Build pg_tde - run: | - make -j MAJORVERSION=16 - sudo make install - working-directory: src/contrib/pg_tde - - - name: Start postgresql cluster with pg_tde - run: | - export PATH="/usr/local/pgsql/bin:$PATH" - sudo cp /usr/local/pgsql/bin/pg_config /usr/bin - initdb -D /opt/pgsql/data - echo "shared_preload_libraries = 'pg_tde'" >> \ - /opt/pgsql/data/postgresql.conf - pg_ctl -D /opt/pgsql/data -l logfile start - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Test pg_tde - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - make installcheck - working-directory: src/contrib/pg_tde - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/contrib/pg_tde/regression.diffs - logfile - retention-days: 3 - - - name: Report on test fail 2 - if: ${{ failure() }} - run: | - cat src/contrib/pg_tde/regression.diffs diff --git a/.github/workflows/postgresql-16-src-make.yml b/.github/workflows/postgresql-16-src-make.yml deleted file mode 100644 index 0f20716d1ce..00000000000 --- a/.github/workflows/postgresql-16-src-make.yml +++ /dev/null @@ -1,112 +0,0 @@ -name: postgresql-16-src-make -on: [pull_request, workflow_dispatch] - -permissions: - contents: read - -jobs: - build: - name: pg-16-src-make-test - runs-on: ubuntu-22.04 - steps: - - - - name: Remove old postgres - run: | - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \ - zlib1g-dev libssl-dev libpam0g-dev bison flex \ - libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \ - libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \ - libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \ - llvm-11 llvm-11-dev libselinux1-dev python3-dev \ - uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'postgres/postgres' - ref: 'a81e5516fa4bc53e332cb35eefe231147c0e1749' - path: 'src' - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/contrib/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/contrib/pg_tde - - - name: Create pgsql dir - run: mkdir -p /opt/pgsql - - - name: Build postgres - run: | - ./configure --with-openssl --enable-tap-tests=no --enable-cassert - make -j - sudo make install - working-directory: src - - - name: Build pg_tde - run: | - make -j MAJORVERSION=16 - sudo make install - working-directory: src/contrib/pg_tde - - - name: Start postgresql cluster with pg_tde - run: | - export PATH="/usr/local/pgsql/bin:$PATH" - sudo cp /usr/local/pgsql/bin/pg_config /usr/bin - initdb -D /opt/pgsql/data - echo "shared_preload_libraries = 'pg_tde'" >> \ - /opt/pgsql/data/postgresql.conf - pg_ctl -D /opt/pgsql/data -l logfile start - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Test pg_tde - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - make installcheck - working-directory: src/contrib/pg_tde - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/contrib/pg_tde/regression.diffs - logfile - retention-days: 3 - - - name: Report on test fail 2 - if: ${{ failure() }} - run: | - cat src/contrib/pg_tde/regression.diffs diff --git a/.github/workflows/postgresql-16-src-meson.yml b/.github/workflows/postgresql-16-src-meson.yml deleted file mode 100644 index c305ebed320..00000000000 --- a/.github/workflows/postgresql-16-src-meson.yml +++ /dev/null @@ -1,94 +0,0 @@ -name: postgresql-16-src-meson -on: [pull_request, workflow_dispatch] - -permissions: - contents: read - -jobs: - build: - name: pg-16-src-meson-test - runs-on: ubuntu-22.04 - steps: - - - - name: Remove old postgres - run: | - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \ - zlib1g-dev libssl-dev libpam0g-dev bison flex \ - libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \ - libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \ - libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \ - llvm-11 llvm-11-dev libselinux1-dev python3-dev \ - uuid-dev liblz4-dev meson ninja-build \ - gpg wget libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'postgres/postgres' - ref: 'a81e5516fa4bc53e332cb35eefe231147c0e1749' - path: 'src' - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/contrib/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/contrib/pg_tde - - - name: Include pg_tde in meson build - run: | - echo "subdir('pg_tde')" >> src/contrib/meson.build - - - name: Build postgres - run: | - meson setup build --prefix `pwd`/../inst --buildtype=debug -Dcassert=true - cd build && ninja && ninja install - working-directory: src - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Test pg_tde - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - - meson test --suite setup -v - meson test --suite pg_tde -v --num-processes 1 - working-directory: src/build - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/build/testrun/pg_tde/regress/ - retention-days: 3 \ No newline at end of file diff --git a/.github/workflows/postgresql-17-src-make.yml b/.github/workflows/postgresql-17-src-make.yml deleted file mode 100644 index 6dd648bc090..00000000000 --- a/.github/workflows/postgresql-17-src-make.yml +++ /dev/null @@ -1,112 +0,0 @@ -name: postgresql-17-src-make -on: [pull_request, workflow_dispatch] - -permissions: - contents: read - -jobs: - build: - name: pg-17-src-make-test - runs-on: ubuntu-22.04 - steps: - - - - name: Remove old postgres - run: | - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \ - zlib1g-dev libssl-dev libpam0g-dev bison flex \ - libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \ - libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \ - libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \ - llvm-11 llvm-11-dev libselinux1-dev python3-dev \ - uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'postgres/postgres' - ref: 'REL_17_STABLE' - path: 'src' - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/contrib/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/contrib/pg_tde - - - name: Create pgsql dir - run: mkdir -p /opt/pgsql - - - name: Build postgres - run: | - ./configure --with-openssl --enable-tap-tests=no --enable-cassert - make -j - sudo make install - working-directory: src - - - name: Build pg_tde - run: | - make -j MAJORVERSION=17 - sudo make install - working-directory: src/contrib/pg_tde - - - name: Start postgresql cluster with pg_tde - run: | - export PATH="/usr/local/pgsql/bin:$PATH" - sudo cp /usr/local/pgsql/bin/pg_config /usr/bin - initdb -D /opt/pgsql/data - echo "shared_preload_libraries = 'pg_tde'" >> \ - /opt/pgsql/data/postgresql.conf - pg_ctl -D /opt/pgsql/data -l logfile start - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Test pg_tde - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - make installcheck - working-directory: src/contrib/pg_tde - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/contrib/pg_tde/regression.diffs - logfile - retention-days: 3 - - - name: Report on test fail 2 - if: ${{ failure() }} - run: | - cat src/contrib/pg_tde/regression.diffs diff --git a/.github/workflows/postgresql-17-src-meson-perf.yml b/.github/workflows/postgresql-17-src-meson-perf.yml deleted file mode 100644 index 91e5b8a9299..00000000000 --- a/.github/workflows/postgresql-17-src-meson-perf.yml +++ /dev/null @@ -1,145 +0,0 @@ -name: Perf test -on: [pull_request] -permissions: - contents: read - -jobs: - build: - runs-on: ubuntu-22.04 - steps: - - - - name: Remove old postgres - run: | - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \ - zlib1g-dev libssl-dev libpam0g-dev bison flex \ - libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \ - libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \ - libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \ - llvm-11 llvm-11-dev libselinux1-dev python3-dev \ - uuid-dev liblz4-dev meson ninja-build \ - sysbench libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'percona-lab/postgres' - ref: 'TDE_REL_17_STABLE' - path: 'src' - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/contrib/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/contrib/pg_tde - - - name: Build postgres - run: | - meson setup build --prefix `pwd`/../inst --buildtype=release - cd build && ninja && ninja install - working-directory: src - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Test pg_tde - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - - meson test --suite setup -v - meson test --suite pg_tde -v --num-processes 1 - working-directory: src/build - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/build/testrun/pg_tde/regress/ - retention-days: 3 - - - name: Setup test environment - run: | - bin/initdb -D data - echo "shared_preload_libraries = 'pg_tde'" >> data/postgresql.conf - bin/pg_ctl -D data start - bin/createdb sbtest - bin/createdb sbtest2 - bin/createuser sbtest -s - bin/psql sbtest2 <<< "CREATE EXTENSION pg_tde;" - bin/psql sbtest2 <<< "SELECT pg_tde_add_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');" - bin/psql sbtest2 <<< "SELECT pg_tde_set_principal_key('test-db-principal-key','file-vault');" - cp -r ../src/contrib/pg_tde/sysbench . - cp -r ../src/contrib/pg_tde/perf . - working-directory: inst - - - name: Run baseline performance tests - run: | - sysbench --db-driver=pgsql --threads=1 sysbench/oltp_insert.lua --tables=1 --table-size=10000 --pgsql-db=sbtest prepare - sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest run - sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest run | tee perf_norm - working-directory: inst - - - name: Run TDE performance tests - run: | - sysbench --db-driver=pgsql --threads=1 sysbench/oltp_common_tde.lua --tables=1 --table-size=10000 --pgsql-db=sbtest2 prepare - sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest2 run - sysbench --db-driver=pgsql --threads=1 sysbench/oltp_read_only.lua --tables=1 --table-size=10000 --pgsql-db=sbtest2 run | tee perf_tde - working-directory: inst - - - name: Run seq read performance tests - run: | - export PATH=../bin/:$PATH - ./seq_read.sh | tee seq_read - working-directory: inst/perf - - - name: Print results - run: | - NORM_Q=$(cat perf_norm | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g') - TDE_Q=$(cat perf_tde | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g') - echo "Norm queries: $NORM_Q" - echo "TDE queries: $TDE_Q" - echo "Performance test results:" >> pr_perf_results - echo "Normal queries: $(cat perf_norm | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g')" >> pr_perf_results - echo "TDE queries: $(cat perf_tde | grep 'total number of events' | cut -d ':' -f 2 | sed 's/ //g')" >> pr_perf_results - echo "Percentage: $(($TDE_Q*100/$NORM_Q))%" >> pr_perf_results - cat perf/seq_read >> pr_perf_results - PERF_RESULT=$(cat pr_perf_results) - echo "PERF_RESULT<> $GITHUB_ENV - echo "$PERF_RESULT" >> $GITHUB_ENV - echo "EOF" >> $GITHUB_ENV - working-directory: inst - - - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: - name: pr_perf_results - path: inst/pr_perf_results diff --git a/.github/workflows/postgresql-17-src-meson.yml b/.github/workflows/postgresql-17-src-meson.yml deleted file mode 100644 index 0c6a374aa9d..00000000000 --- a/.github/workflows/postgresql-17-src-meson.yml +++ /dev/null @@ -1,90 +0,0 @@ -name: postgresql-17-src-meson -on: [pull_request, workflow_dispatch] - -permissions: - contents: read - -jobs: - build: - name: pg-17-src-meson-test - runs-on: ubuntu-22.04 - steps: - - - - name: Remove old postgres - run: | - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get update - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev \ - zlib1g-dev libssl-dev libpam0g-dev bison flex \ - libipc-run-perl -y docbook-xsl docbook-xsl libxml2 libxml2-utils \ - libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \ - libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \ - llvm-11 llvm-11-dev libselinux1-dev python3-dev \ - uuid-dev liblz4-dev meson ninja-build \ - gpg wget libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - name: Clone postgres repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - repository: 'percona/postgres' - ref: 'TDE_REL_17_STABLE' - path: 'src' - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/contrib/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/contrib/pg_tde - - - name: Build postgres - run: | - meson setup build --prefix `pwd`/../inst --buildtype=debug -Dcassert=true - cd build && ninja && ninja install - working-directory: src - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Test pg_tde - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - meson test --suite setup -v - meson test --suite pg_tde -v --num-processes 1 - working-directory: src/build - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/build/testrun/pg_tde/ - src/contrib/pg_tde/t/results/ - retention-days: 3 diff --git a/.github/workflows/postgresql-perf-results.yml b/.github/workflows/postgresql-perf-results.yml deleted file mode 100644 index 830ed8e6081..00000000000 --- a/.github/workflows/postgresql-perf-results.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: Perf test results - -on: - workflow_run: - workflows: [Perf test] - types: - - completed - -permissions: - contents: read - pull-requests: write - -jobs: - download: - runs-on: ubuntu-latest - steps: - - name: 'Download artifact' - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 - with: - script: | - let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({ - owner: context.repo.owner, - repo: context.repo.repo, - run_id: context.payload.workflow_run.id, - }); - let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => { - return artifact.name == "pr_perf_results" - })[0]; - let download = await github.rest.actions.downloadArtifact({ - owner: context.repo.owner, - repo: context.repo.repo, - artifact_id: matchArtifact.id, - archive_format: 'zip', - }); - let fs = require('fs'); - fs.writeFileSync(`${process.env.GITHUB_WORKSPACE}/pr_perf_results.zip`, Buffer.from(download.data)); - - - name: 'Unzip artifact' - run: | - unzip pr_perf_results.zip - - - name: 'Create comment' - run: | - gh pr comment ${PR_NUMBER} -F pr_perf_results --repo ${{ github.repository }} --edit-last || \ - gh pr comment ${PR_NUMBER} -F pr_perf_results --repo ${{ github.repository }} - env: - PR_NUMBER: ${{ github.event.number }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/postgresql-pgdg-package-pgxs.yml b/.github/workflows/postgresql-pgdg-package-pgxs.yml deleted file mode 100644 index 554390957da..00000000000 --- a/.github/workflows/postgresql-pgdg-package-pgxs.yml +++ /dev/null @@ -1,185 +0,0 @@ -name: postgresql-pgdg-package-pgxs -on: - pull_request: - workflow_dispatch: - push: - branches: [main] - -permissions: - contents: read - -jobs: - build: - permissions: - contents: write # for ncipollo/release-action to create a release - name: pg-pgdg-package-pgxs-build - runs-on: ubuntu-24.04 - strategy: - matrix: - postgresql-version: [16, 17] - steps: - - name: Remove old postgres - run: | - sudo apt-get update - sudo apt purge postgresql-client-common postgresql-common \ - postgresql postgresql* - sudo rm -rf /var/lib/postgresql /var/log/postgresql /etc/postgresql \ - /usr/lib/postgresql /usr/include/postgresql /usr/share/postgresql \ - /etc/postgresql - sudo rm -f /usr/bin/pg_config - - - name: Install dependencies - run: | - sudo apt-get install -y libreadline6-dev systemtap-sdt-dev wget \ - zlib1g-dev libssl-dev libpam0g-dev bison flex libipc-run-perl \ - libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip - sudo /usr/bin/perl -MCPAN -e 'install IPC::Run' - sudo /usr/bin/perl -MCPAN -e 'install Text::Trim' - wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg - echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list - sudo apt update && sudo apt install -y vault - - - - name: Install PG Distribution Postgresql - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt \ - $(lsb_release -cs)-pgdg main $POSTGRESQL_VERSION" > /etc/apt/sources.list.d/pgdg.list' - sudo wget --quiet -O - \ - https://www.postgresql.org/media/keys/ACCC4CF8.asc | - sudo apt-key add - - sudo apt update - sudo apt -y install postgresql-$POSTGRESQL_VERSION postgresql-server-dev-$POSTGRESQL_VERSION - - - name: Clone pg_tde repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - path: 'src/pg_tde' - - - name: Checkout libkmip submodule - run: | - git submodule update --init --recursive - working-directory: src/pg_tde - - - name: Change src owner to postgres - run: | - sudo chmod o+rx ~ - sudo chown -R postgres:postgres src - - - name: Build pg_tde - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - sudo -u postgres bash -c 'make USE_PGXS=1' - sudo make USE_PGXS=1 MAJORVERSION=$POSTGRESQL_VERSION install - working-directory: src/pg_tde - - - name: Setup kmip 1 - run: | - wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py - python3 create_certificates.py - cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem - working-directory: /tmp - - - name: Start pg_tde tests - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - TV=$(mktemp) - { exec >$TV; vault server -dev; } & - pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log & - sleep 10 - export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n) - echo "Root token: $ROOT_TOKEN" - - sudo psql -V - - sudo service postgresql stop - echo "shared_preload_libraries = 'pg_tde'" | - sudo tee -a /etc/postgresql/$POSTGRESQL_VERSION/main/postgresql.conf - sudo service postgresql start - - sudo -u postgres bash -c "export ROOT_TOKEN=$ROOT_TOKEN && make installcheck USE_PGXS=1" - working-directory: src/pg_tde - - - name: Report on test fail - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - if: ${{ failure() }} - with: - name: Regressions diff and postgresql log - path: | - src/pg_tde/regression.diffs - src/pg_tde/logfile - retention-days: 3 - - - name: Report on test fail 2 - if: ${{ failure() }} - run: | - cat src/pg_tde/regression.diffs - - - name: Create release directory - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - sudo -E mkdir pgtde-pgdg$POSTGRESQL_VERSION - sudo -E mkdir -p pgtde-pgdg$POSTGRESQL_VERSION/usr/lib/postgresql/$POSTGRESQL_VERSION/lib/ - sudo -E mkdir -p pgtde-pgdg$POSTGRESQL_VERSION/share/postgresql/$POSTGRESQL_VERSION/extension/ - sudo -E cp /usr/share/postgresql/$POSTGRESQL_VERSION/extension/pg_tde* pgtde-pgdg$POSTGRESQL_VERSION/share/postgresql/$POSTGRESQL_VERSION/extension/ - sudo -E cp /usr/lib/postgresql/$POSTGRESQL_VERSION/lib/pg_tde* pgtde-pgdg$POSTGRESQL_VERSION/usr/lib/postgresql/$POSTGRESQL_VERSION/lib/ - - - name: Upload tgz - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: - name: pg_tde_pgdg$POSTGRESQL_VERSION_binary - path: pgtde-pgdg$POSTGRESQL_VERSION - - - name: Create deb - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - sudo -E mkdir pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN - sudo -E sh -c 'echo "Package: pgtde-pgdg$POSTGRESQL_VERSION" > pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control' - sudo -E sh -c 'echo "Version: 0.1" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control' - sudo -E sh -c 'echo "Architecture: amd64" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control' - sudo -E sh -c 'echo "Maintainer: Percona" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control' - sudo -E sh -c 'echo "Description: Experimental pg_tde extension" >> pgtde-pgdg$POSTGRESQL_VERSION/DEBIAN/control' - sudo -E dpkg-deb --build --root-owner-group pgtde-pgdg$POSTGRESQL_VERSION - - - name: Test deb - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - sudo -E rm -rf /usr/share/postgresql/$POSTGRESQL_VERSION/extension/pg_tde* - sudo -E rm -rf /usr/lib/postgresql/$POSTGRESQL_VERSION/lib/pg_tde* - sudo -E dpkg -i --debug=7777 pgtde-pgdg$POSTGRESQL_VERSION.deb - - - name: Upload deb - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: - name: pg_tde_deb - path: pgtde-pgdg$POSTGRESQL_VERSION.deb - - - name: Create tgz - env: - POSTGRESQL_VERSION: ${{ matrix.postgresql-version }} - run: | - cd pgtde-pgdg$POSTGRESQL_VERSION && sudo tar -czvf ../pgtde-pgdg$POSTGRESQL_VERSION.tar.gz . - - - name: Publish release - uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5 # v1.14.0 - # Only try and deploy on merged code - if: "github.repository == 'percona/pg_tde' && github.ref_name == 'main' && (github.event_name == 'push' || github.event_name == 'schedule')" - with: - artifacts: "pgtde-pgdg${{ matrix.postgresql-version }}.tar.gz,pgtde-pgdg${{ matrix.postgresql-version }}.deb" - omitBody: true - allowUpdates: true - generateReleaseNotes: true - makeLatest: true - tag: "latest" - name: "HEAD" - replacesArtifacts: true diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml deleted file mode 100644 index 95de836ed9f..00000000000 --- a/.github/workflows/scorecard.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: Scorecard -on: - # To guarantee Maintained check is occasionally updated. See - # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained - schedule: - - cron: "24 3 * * 1" - push: - branches: - - main - -# Declare default permissions as read only. -permissions: read-all - -jobs: - analysis: - name: Analysis - runs-on: ubuntu-latest - permissions: - # Needed to upload the results to code-scanning dashboard. - security-events: write - # Needed to publish results and get a badge (see publish_results below). - id-token: write - - steps: - - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - persist-credentials: false - - - name: Run analysis - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 - with: - results_file: results.sarif - results_format: sarif - publish_results: true - - - name: Upload results - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 - with: - name: SARIF file - path: results.sarif - retention-days: 5 - - # Upload the results to GitHub's code scanning dashboard (optional). - - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 - with: - sarif_file: results.sarif