File: ci.yaml

package info (click to toggle)
python-vertica 1.4.0-2
  • links: PTS, VCS
  • area: contrib
  • in suites: forky, sid
  • size: 948 kB
  • sloc: python: 6,914; makefile: 4
file content (100 lines) | stat: -rw-r--r-- 5,504 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
name: CI

on: [push, pull_request]

jobs:
  build:

    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ['3.7', '3.8', '3.9', '3.10', '3.11', '3.12', 'pypy3.10']

    env:
      REALM: test
      USER: oauth_user
      PASSWORD: password
      CLIENT_ID: vertica
      CLIENT_SECRET: P9f8350QQIUhFfK1GF5sMhq4Dm3P6Sbs

    steps:
      - name: Check out repository
        uses: actions/checkout@v4
      - name: Set up Python ${{ matrix.python-version }}
        uses: actions/setup-python@v5
        with:
          python-version: ${{ matrix.python-version }}
      - name: Set up a Keycloak docker container
        timeout-minutes: 5
        run: |
          docker network create -d bridge my-network
          docker run -d -p 8080:8080 \
            --name keycloak --network my-network \
            -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin \
            quay.io/keycloak/keycloak:23.0.4 start-dev
          docker container ls

      - name: Set up a Vertica server docker container
        timeout-minutes: 15
        run: |
          docker run -d -p 5433:5433 -p 5444:5444 \
            --name vertica_docker --network my-network \
            opentext/vertica-ce:24.2.0-1
          echo "Vertica startup ..."
          until docker exec vertica_docker test -f /data/vertica/VMart/agent_start.out; do \
            echo "..."; \
            sleep 3; \
          done;
          echo "Vertica is up"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "\l"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "select version()"

      - name: Configure Keycloak
        run: |
          echo "Wait for keycloak ready ..."
          bash -c 'while true; do curl -s localhost:8080 &>/dev/null; ret=$?; [[ $ret -eq 0 ]] && break; echo "..."; sleep 3; done'

          docker exec -i keycloak /bin/bash <<EOF
            /opt/keycloak/bin/kcadm.sh config credentials --server http://localhost:8080 --realm master --user admin --password admin
            /opt/keycloak/bin/kcadm.sh create realms -s realm=${REALM} -s enabled=true
            /opt/keycloak/bin/kcadm.sh update realms/${REALM} -s accessTokenLifespan=3600
            /opt/keycloak/bin/kcadm.sh get realms/${REALM}
            /opt/keycloak/bin/kcadm.sh create users -r ${REALM} -s username=${USER} -s enabled=true
            /opt/keycloak/bin/kcadm.sh set-password -r ${REALM} --username ${USER} --new-password ${PASSWORD}
            /opt/keycloak/bin/kcadm.sh get users -r ${REALM}
            /opt/keycloak/bin/kcadm.sh create clients -r ${REALM} -s clientId=${CLIENT_ID} -s enabled=true \
              -s 'redirectUris=["/*"]' -s 'webOrigins=["/*"]' -s secret=${CLIENT_SECRET} -s directAccessGrantsEnabled=true -o
          EOF

          # Retrieving an Access Token
          curl --location --request POST http://`hostname`:8080/realms/${REALM}/protocol/openid-connect/token \
              --header 'Content-Type: application/x-www-form-urlencoded' \
              --data-urlencode "username=${USER}" \
              --data-urlencode "password=${PASSWORD}" \
              --data-urlencode "client_id=${CLIENT_ID}" \
              --data-urlencode "client_secret=${CLIENT_SECRET}" \
              --data-urlencode 'grant_type=password' -o oauth.json
          cat oauth.json | python3 -c 'import json,sys;obj=json.load(sys.stdin);print(obj["access_token"])' > access_token.txt

          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "CREATE AUTHENTICATION v_oauth METHOD 'oauth' HOST '0.0.0.0/0';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET client_id = '${CLIENT_ID}';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET client_secret = '${CLIENT_SECRET}';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET discovery_url = 'http://`hostname`:8080/realms/${REALM}/.well-known/openid-configuration';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_oauth SET introspect_url = 'http://`hostname`:8080/realms/${REALM}/protocol/openid-connect/token/introspect';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "SELECT * FROM client_auth WHERE auth_name='v_oauth';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "CREATE USER ${USER};"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "GRANT AUTHENTICATION v_oauth TO ${USER};"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "GRANT ALL ON SCHEMA PUBLIC TO ${USER};"
          # A dbadmin-specific authentication record (connect remotely) is needed after setting up an OAuth user
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "CREATE AUTHENTICATION v_dbadmin_hash METHOD 'hash' HOST '0.0.0.0/0';"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "ALTER AUTHENTICATION v_dbadmin_hash PRIORITY 10000;"
          docker exec -u dbadmin vertica_docker /opt/vertica/bin/vsql -c "GRANT AUTHENTICATION v_dbadmin_hash TO dbadmin;"

      - name: Install dependencies
        run: pip install tox
      - name: Run tests
        run: |
          export VP_TEST_USER=dbadmin
          export VP_TEST_OAUTH_ACCESS_TOKEN=`cat access_token.txt`
          export VP_TEST_OAUTH_USER=${USER}
          tox -e py