-
Notifications
You must be signed in to change notification settings - Fork 14
142 lines (125 loc) · 6.47 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: CI
on:
# Triggers the workflow on push or pull request events but only for the main branch
push:
branches: [ master ]
pull_request:
branches: [ master ]
# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:
env:
V_HOST: localhost
V_PORT: 5433
V_USER: dbadmin
V_DATABASE: VMart
KC_REALM: test
KC_USER: oauth_user
KC_PASSWORD: password
KC_CLIENT_ID: vertica
KC_CLIENT_SECRET: P9f8350QQIUhFfK1GF5sMhq4Dm3P6Sbs
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
#os: [ubuntu-latest, windows-latest, macos-latest]
# let's make it a little bit simple for now
# current minimal version will be 12.
# TODO: investigate the multipe version matrix with single Vertica instance
node: ['12', '14', '16', '18', '20']
os: [ubuntu-latest]
name: Node.js ${{ matrix.node }} (${{ matrix.os }})
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v4
- name: Setup node
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
cache: yarn
- name: build
run: yarn
- name: boostrap
run: yarn lerna bootstrap
- name: Set up a Keycloak docker container
timeout-minutes: 5
run: |
docker network create -d bridge my-network
docker run -d -p 8080:8080 \
--name keycloak --network my-network \
-e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin \
quay.io/keycloak/keycloak:23.0.4 start-dev
docker container ls
- name: Setup Vertica server docker container
timeout-minutes: 15
run: |
docker run -d -p 5433:5433 -p 5444:5444 \
--mount type=volume,source=vertica-data,target=/data \
--name vertica_ce --network my-network \
opentext/vertica-ce:24.2.0-1
echo "Vertica startup ..."
until docker exec vertica_ce test -f /data/vertica/VMart/agent_start.out; do \
echo "..."; \
sleep 3; \
done;
echo "Vertica is up"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "\l"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "select version()"
- name: Configure Keycloak
run: |
echo "Wait for keycloak ready ..."
bash -c 'while true; do curl -s localhost:8080 &>/dev/null; ret=$?; [[ $ret -eq 0 ]] && break; echo "..."; sleep 3; done'
docker exec -i keycloak /bin/bash <<EOF
/opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080 --realm master --user admin --password admin
/opt/keycloak/bin/kcadm.sh create realms -s realm=${KC_REALM} -s enabled=true
/opt/keycloak/bin/kcadm.sh update realms/${KC_REALM} -s accessTokenLifespan=3600
/opt/keycloak/bin/kcadm.sh get realms/${KC_REALM}
/opt/keycloak/bin/kcadm.sh create users -r ${KC_REALM} -s username=${KC_USER} -s enabled=true
/opt/keycloak/bin/kcadm.sh set-password -r ${KC_REALM} --username ${KC_USER} --new-password ${KC_PASSWORD}
/opt/keycloak/bin/kcadm.sh get users -r ${KC_REALM}
/opt/keycloak/bin/kcadm.sh create clients -r ${KC_REALM} -s clientId=${KC_CLIENT_ID} -s enabled=true \
-s 'redirectUris=["/*"]' -s 'webOrigins=["/*"]' -s secret=${KC_CLIENT_SECRET} -s directAccessGrantsEnabled=true -o
EOF
# Retrieving an Access Token
curl --location --request POST http://`hostname`:8080/realms/${KC_REALM}/protocol/openid-connect/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode "username=${KC_USER}" \
--data-urlencode "password=${KC_PASSWORD}" \
--data-urlencode "client_id=${KC_CLIENT_ID}" \
--data-urlencode "client_secret=${KC_CLIENT_SECRET}" \
--data-urlencode 'grant_type=password' -o oauth.json
cat oauth.json | python3 -c 'import json,sys;obj=json.load(sys.stdin);print(obj["access_token"])' > access_token.txt
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "CREATE AUTHENTICATION v_oauth METHOD 'oauth' HOST '0.0.0.0/0';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET client_id = '${KC_CLIENT_ID}';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET client_secret = '${KC_CLIENT_SECRET}';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET discovery_url = 'http://`hostname`:8080/realms/${KC_REALM}/.well-known/openid-configuration';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET introspect_url = 'http://`hostname`:8080/realms/${KC_REALM}/protocol/openid-connect/token/introspect';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "SELECT * FROM client_auth WHERE auth_name='v_oauth';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "CREATE USER ${KC_USER};"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "GRANT AUTHENTICATION v_oauth TO ${KC_USER};"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "GRANT ALL ON SCHEMA PUBLIC TO ${KC_USER};"
# A dbadmin-specific authentication record (connect remotely) is needed after setting up an OAuth user
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "CREATE AUTHENTICATION v_dbadmin_hash METHOD 'hash' HOST '0.0.0.0/0';"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_dbadmin_hash PRIORITY 10000;"
docker exec -u dbadmin vertica_ce /opt/vertica/bin/vsql -c "GRANT AUTHENTICATION v_dbadmin_hash TO dbadmin;"
- name: test-v-connection-string
if: always()
run: |
cd packages/v-connection-string
yarn test
- name: test-v-pool
if: always()
run: |
cd packages/v-pool
yarn test
- name: test-v-protocol
if: always()
run: |
cd packages/v-protocol
yarn test
- name: test-vertica-nodejs
if: always()
run: |
export VTEST_OAUTH_ACCESS_TOKEN=`cat access_token.txt`
cd packages/vertica-nodejs
yarn test