Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions .github/workflows/release-eql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,10 +36,11 @@ jobs:
- name: Build EQL release
run: |
just build
mv release/cipherstash-encrypt-dsl.sql release/cipherstash-eql.sql

- name: Publish EQL release artifacts
uses: softprops/action-gh-release@v2
if: startsWith(github.ref, 'refs/tags/')
with:
files: release/cipherstash-eql.sql
files: |
release/cipherstash-eql.sql
release/cipherstash-eql-uninstall.sql
51 changes: 51 additions & 0 deletions .github/workflows/test-eql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
name: "Test EQL"
on:
push:
branches:
- main
paths:
- ".github/workflows/test-eql.yml"
- "sql/*.sql"

pull_request:
branches:
- main
paths:
- ".github/workflows/test-eql.yml"
- "sql/*.sql"

workflow_dispatch:

defaults:
run:
shell: bash -l {0}

jobs:
test:
name: "Test EQL SQL components"
runs-on: ubuntu-24.04

strategy:
fail-fast: false
matrix:
postgres-version: [17, 16, 15, 14]

env:
CS_DATABASE__PASSWORD:
CS_DATABASE__PORT: 5432
CS_DATABASE__NAME: test

steps:
- uses: actions/checkout@v4

- uses: extractions/setup-just@v1

- uses: ankane/setup-postgres@v1
with:
postgres-version: ${{ matrix.postgres-version }}
database: ${{ env.CS_DATABASE__NAME }}

- name: Test EQL
run: |
just build test
2 changes: 2 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -183,3 +183,5 @@ cipherstash-proxy.toml

# build artifacts
release/

.mise.*
56 changes: 46 additions & 10 deletions justfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,32 +2,68 @@ set dotenv-load
set positional-arguments


test_dsl:
test:
#!/usr/bin/env bash
set -euxo pipefail

PGPASSWORD=$CS_DATABASE__PASSWORD dropdb --force --if-exists --username $CS_DATABASE__USERNAME --port $CS_DATABASE__PORT cs_migrator_test
PGPASSWORD=$CS_DATABASE__PASSWORD createdb --username $CS_DATABASE__USERNAME --port $CS_DATABASE__PORT cs_migrator_test
just build
just reset

connection_url=postgresql://$CS_DATABASE__USERNAME:@localhost:$CS_DATABASE__PORT/cs_migrator_test
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f sql/dsl-core.sql
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f sql/dsl-config-schema.sql
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f sql/dsl-config-functions.sql
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f sql/dsl-encryptindex.sql
connection_url=postgresql://${CS_DATABASE__USERNAME:-$USER}:@localhost:$CS_DATABASE__PORT/$CS_DATABASE__NAME

# tests
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f tests/core.sql
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f tests/config.sql
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f tests/encryptindex.sql

dropdb --username $CS_DATABASE__USERNAME --port $CS_DATABASE__PORT cs_migrator_test
# Uninstall
PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f release/cipherstash-encrypt-uninstall.sql



build:
#!/usr/bin/env bash
set -euxo pipefail

cat sql/database-extensions/postgresql/install.sql sql/ore-cllw.sql sql/ste-vec.sql sql/dsl-core.sql sql/dsl-config-schema.sql sql/dsl-config-functions.sql sql/dsl-encryptindex.sql > release/cipherstash-encrypt-dsl.sql
mkdir -p release

rm -f release/cipherstash-encrypt-uninstall.sql
rm -f release/cipherstash-encrypt.sql

# Collect all the drops
# In reverse order (tac) so that we drop the constraints before the tables
grep -h -E '^(DROP|ALTER DOMAIN [^ ]+ DROP CONSTRAINT)' sql/0*-*.sql | tac > release/cipherstash-encrypt-tmp-drop.sql
# types are always last
cat sql/666-drop_types.sql >> release/cipherstash-encrypt-tmp-drop.sql


# Build cipherstash-encrypt.sql
# drop everything first
cat release/cipherstash-encrypt-tmp-drop.sql > release/cipherstash-encrypt.sql
# cat the rest of the sql files
cat sql/0*-*.sql >> release/cipherstash-encrypt.sql


# Build cipherstash-encrypt-uninstall.sql
# prepend the drops to the main sql file
cat release/cipherstash-encrypt-tmp-drop.sql >> release/cipherstash-encrypt-uninstall.sql
# uninstall renames configuration table
cat sql/666-rename_configuration_table.sql >> release/cipherstash-encrypt-uninstall.sql

# remove the drop file
rm release/cipherstash-encrypt-tmp-drop.sql


reset:
#!/usr/bin/env bash
set -euxo pipefail

PGPASSWORD=$CS_DATABASE__PASSWORD dropdb --force --if-exists --username ${CS_DATABASE__USERNAME:-$USER} --port $CS_DATABASE__PORT $CS_DATABASE__NAME
PGPASSWORD=$CS_DATABASE__PASSWORD createdb --username ${CS_DATABASE__USERNAME:-$USER} --port $CS_DATABASE__PORT $CS_DATABASE__NAME

connection_url=postgresql://${CS_DATABASE__USERNAME:-$USER}:@localhost:$CS_DATABASE__PORT/$CS_DATABASE__NAME

PGPASSWORD=$CS_DATABASE__PASSWORD psql $connection_url -f release/cipherstash-encrypt.sql


psql:
Expand Down
Loading
Loading