Skip to content

Use HTML URL for security issues #26304

Use HTML URL for security issues

Use HTML URL for security issues #26304

# Test building the extension on Windows
name: Regression Windows
"on":
schedule:
# run daily 0:00 on main branch
- cron: '0 0 * * *'
push:
branches:
- main
- prerelease_test
- trigger/windows_tests
paths-ignore:
- '**.md'
- 'LICENSE*'
- NOTICE
- 'bootstrap*'
pull_request:
paths-ignore:
- '**.md'
- 'LICENSE*'
- NOTICE
- 'bootstrap*'
jobs:
config:
runs-on: ubuntu-latest
outputs:
build_type: ${{ steps.build_type.outputs.build_type }}
pg14_latest: ${{ steps.config.outputs.pg14_latest }}
pg15_latest: ${{ steps.config.outputs.pg15_latest }}
pg16_latest: ${{ steps.config.outputs.pg16_latest }}
pg17_latest: ${{ steps.config.outputs.pg17_latest }}
steps:
- name: Checkout source code
uses: actions/checkout@v4
- name: Read configuration
id: config
run: python .github/gh_config_reader.py
- name: Set build_type
id: build_type
run: |
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
echo "build_type=['Debug']" >>$GITHUB_OUTPUT
else
echo "build_type=['Debug','Release']" >>$GITHUB_OUTPUT
fi
build:
# Change the JOB_NAME variable below when changing the name.
name: PG${{ matrix.pg }} ${{ matrix.build_type }} ${{ matrix.os }}
runs-on: ${{ matrix.os }}
needs: config
strategy:
fail-fast: false
matrix:
pg: [ 14, 15, 16, 17 ]
os: [ windows-2022 ]
build_type: ${{ fromJson(needs.config.outputs.build_type) }}
ignores: ["chunk_adaptive metadata telemetry"]
tsl_ignores: ["compression_algos"]
tsl_skips: ["bgw_db_scheduler bgw_db_scheduler_fixed"]
pg_config: ["-cfsync=off -cstatement_timeout=60s"]
include:
- pg: 14
pg_version: ${{ needs.config.outputs.pg14_latest }}
- pg: 15
pg_version: ${{ needs.config.outputs.pg15_latest }}
- pg: 16
pg_version: ${{ needs.config.outputs.pg16_latest }}
- pg: 17
pg_version: ${{ needs.config.outputs.pg17_latest }}
env:
# PostgreSQL configuration
PGPORT: 55432
PGDATA: pgdata
TABLESPACE1: D:\tablespace1\
TABLESPACE2: D:\tablespace2\
steps:
- name: Setup WSL
uses: Vampire/[email protected]
with:
additional-packages:
cmake
gawk
gcc
git
gnupg
make
postgresql-client
postgresql-common
tree
- name: Configure git
# Since we want to reuse the checkout in the WSL environment
# we have to prevent git from changing the line ending in the
# shell scripts as that would break them.
run: |
git config --global core.autocrlf false
git config --global core.eol lf
- name: Checkout TimescaleDB source
uses: actions/checkout@v4
# We are going to rebuild Postgres daily, so that it doesn't suddenly break
# ages after the original problem.
- name: Get date for build caching
id: get-date
env:
WSLENV: GITHUB_OUTPUT/p
shell: wsl-bash {0}
run: |
echo "date=$(date +"%d")" >> $GITHUB_OUTPUT
# Use a cache for the PostgreSQL installation to speed things up
# and avoid unnecessary package downloads. Since we only save
# the directory containing the binaries, the runs with a cache
# hit won't have PostgreSQL installed with a running service
# since the installer never runs. We therefore install with
# --extract-only and launch our own test instance, which is
# probably better anyway since it gives us more control.
- name: Cache PostgreSQL installation
uses: actions/cache@v4
id: cache-postgresql
with:
path: ~\PostgreSQL\${{ matrix.pg }}
key: "${{ runner.os }}-build-pg${{ matrix.pkg_version }}\
-${{ steps.get-date.outputs.date }}-${{ hashFiles('.github/**') }}"
# Force install PostgreSQL 17 since the package still on moderation
# https://community.chocolatey.org/packages/postgresql17
- name: Install PostgreSQL ${{ matrix.pg }} (using ${{ matrix.pg_version }})
if: github.event_name != 'schedule' && steps.cache-postgresql.outputs.cache-hit != 'true'
run: |
choco feature disable --name=usePackageExitCodes
choco feature disable --name=showDownloadProgress
choco install postgresql${{ matrix.pg }} --version ${{ matrix.pg_version }} `
--force -y --install-args="'--prefix $HOME\PostgreSQL\${{ matrix.pg }} --extract-only yes'"
# This is for nightly builds. Here we pick the latest version of the package.
- name: Install PostgreSQL ${{ matrix.pg }}
if: github.event_name == 'schedule' && steps.cache-postgresql.outputs.cache-hit != 'true'
run: |
choco feature disable --name=usePackageExitCodes
choco feature disable --name=showDownloadProgress
choco install postgresql${{ matrix.pg }} `
--force -y --install-args="'--prefix $HOME\PostgreSQL\${{ matrix.pg }} --extract-only yes'"
- name: Configure TimescaleDB
run: cmake -B build_win -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} `
-DPG_PATH="$HOME/PostgreSQL/${{ matrix.pg }}" `
-DOPENSSL_ROOT_DIR="$HOME/PostgreSQL/${{ matrix.pg }}" -DASSERTIONS=ON `
-DTEST_PG_LOG_DIRECTORY="log"
- name: Build TimescaleDB
run: cmake --build build_win --config ${{ matrix.build_type }}
- name: Install TimescaleDB
run: cmake --install build_win --config ${{ matrix.build_type }}
- name: Setup postgres cluster
run: |
~/PostgreSQL/${{ matrix.pg }}/bin/initdb -U postgres -A trust --locale=en_US --encoding=UTF8
mkdir -p ${{ env.TABLESPACE1 }}\_default
mkdir -p ${{ env.TABLESPACE2 }}\_default
icacls ${{ env.TABLESPACE1 }} /grant runneradmin:F /T
icacls ${{ env.TABLESPACE2 }} /grant runneradmin:F /T
copy build_win/test/postgresql.conf ${{ env.PGDATA }}
copy build_win/test/pg_hba.conf ${{ env.PGDATA }}
icacls . /grant runneradmin:F /T
~/PostgreSQL/${{ matrix.pg }}/bin/pg_ctl start -o "${{ matrix.pg_config }}" --log=postmaster.log
~/PostgreSQL/${{ matrix.pg }}/bin/pg_isready -U postgres -d postgres --timeout=60
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'CREATE USER root SUPERUSER LOGIN;'
echo "PG version:"
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'SELECT version();'
echo "Log configuration:"
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'SHOW logging_collector;'
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'SHOW log_filename;'
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'SHOW log_directory;'
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'SELECT pg_current_logfile();'
echo "Data directory:"
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'SHOW data_directory;'
- name: Install postgres for test runner
shell: wsl-bash {0}
run: |
yes | /usr/share/postgresql-common/pgdg/apt.postgresql.org.sh || true
apt-get install -y --force-yes postgresql-server-dev-${{ matrix.pg }}
- name: Run tests
shell: wsl-bash {0}
run: |
export TEST_TABLESPACE1_PREFIX='${{ env.TABLESPACE1 }}'
export TEST_TABLESPACE2_PREFIX='${{ env.TABLESPACE2 }}'
cmake -B build_wsl -DCMAKE_BUILD_TYPE=${{ matrix.build_type }} -DTEST_PGPORT_LOCAL=${{ env.PGPORT }}
make -C build_wsl isolationchecklocal | tee -a installcheck.log
make -C build_wsl regresschecklocal IGNORES="${{ matrix.ignores }}" | tee -a installcheck.log
- name: Setup postgres cluster for TSL tests
run: |
~/PostgreSQL/${{ matrix.pg }}/bin/pg_ctl stop
timeout 10
Remove-Item -Recurse ${{ env.PGDATA }}
~/PostgreSQL/${{ matrix.pg }}/bin/initdb -U postgres -A trust --locale=en_US --encoding=UTF8
copy build_win/tsl/test/postgresql.conf ${{ env.PGDATA }}
copy build_win/tsl/test/pg_hba.conf ${{ env.PGDATA }}
~/PostgreSQL/${{ matrix.pg }}/bin/pg_ctl start -o "${{ matrix.pg_config }}" --log="postmaster.log"
~/PostgreSQL/${{ matrix.pg }}/bin/pg_isready -U postgres -d postgres --timeout=30
~/PostgreSQL/${{ matrix.pg }}/bin/psql -U postgres -d postgres -c 'CREATE USER root SUPERUSER LOGIN;'
- name: Run TSL tests
shell: wsl-bash {0}
run: |
export TEST_TABLESPACE1_PREFIX='${{ env.TABLESPACE1 }}'
export TEST_TABLESPACE2_PREFIX='${{ env.TABLESPACE2 }}'
make -C build_wsl isolationchecklocal-t | tee -a installcheck.log
make -C build_wsl -k regresschecklocal-t \
IGNORES="${{ matrix.tsl_ignores }} ${{ matrix.tsl_ignores_version }}" \
SKIPS="${{ matrix.tsl_skips }} ${{ matrix.tsl_skips_version }}" | tee -a installcheck.log
- name: Show regression diffs
id: collectlogs
if: always()
env:
WSLENV: GITHUB_OUTPUT/p
shell: wsl-bash {0}
run: |
find . -name regression.diffs -exec cat {} + > regression.log
if [[ -s regression.log ]]; then echo "regression_diff=true" >>$GITHUB_OUTPUT; fi
grep -e 'FAILED' -e 'failed (ignored)' -e 'not ok' installcheck.log || true
cat regression.log
- name: Save regression diffs
if: always() && steps.collectlogs.outputs.regression_diff == 'true'
uses: actions/upload-artifact@v4
with:
name: Regression ${{ matrix.pg }} diff ${{ matrix.os }} ${{ matrix.build_type }} Build
path: |
regression.log
installcheck.log
- name: Save PostgreSQL log
if: always()
uses: actions/upload-artifact@v4
with:
name: PostgreSQL ${{ matrix.pg }} log ${{ matrix.os }} ${{ matrix.build_type }} Build
path: ${{ env.PGDATA }}\log\postmaster.log
- name: Upload test results to the database
if: always()
shell: wsl-bash {0}
env:
# Update when adding new variables.
WSLENV: "JOB_NAME:CI_STATS_DB:GITHUB_EVENT_NAME:GITHUB_REF_NAME\
:GITHUB_REPOSITORY:GITHUB_RUN_ATTEMPT:GITHUB_RUN_ID:GITHUB_RUN_NUMBER:JOB_STATUS"
# GitHub Actions allow you neither to use the env context for the job name,
# nor to access the job name from the step context, so we have to
# duplicate it to work around this nonsense.
JOB_NAME: PG${{ matrix.pg }} ${{ matrix.build_type }} ${{ matrix.os }}
CI_STATS_DB: ${{ secrets.CI_STATS_DB }}
GITHUB_EVENT_NAME: ${{ github.event_name }}
GITHUB_REF_NAME: ${{ github.ref_name }}
GITHUB_REPOSITORY: ${{ github.repository }}
GITHUB_RUN_ATTEMPT: ${{ github.run_attempt }}
GITHUB_RUN_ID: ${{ github.run_id }}
GITHUB_RUN_NUMBER: ${{ github.run_number }}
JOB_STATUS: ${{ job.status }}
run: |
if [[ "${{ github.event_name }}" == "pull_request" ]] ;
then
GITHUB_PR_NUMBER="${{ github.event.number }}"
else
GITHUB_PR_NUMBER=0
fi
export GITHUB_PR_NUMBER
scripts/upload_ci_stats.sh