Basic KMIP keyring implementation #325

Merged
merged 3 commits into from
Nov 28, 2024
15 changes: 14 additions & 1 deletion .github/workflows/postgresql-16-ppg-package-pgxs.yml
Expand Up @@ -29,7 +29,7 @@ jobs:
run: |
sudo apt-get install -y libreadline6-dev systemtap-sdt-dev wget \
zlib1g-dev libssl-dev libpam0g-dev bison flex libipc-run-perl \
libcurl4-openssl-dev libhttp-server-simple-perl
libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Expand Down Expand Up @@ -64,6 +64,11 @@ jobs:
with:
path: 'src/pg_tde'

- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/pg_tde

- name: Change src owner to postgres
run: |
sudo chmod o+rx ~
Expand All @@ -76,10 +81,18 @@ jobs:
sudo make USE_PGXS=1 install
working-directory: src/pg_tde

- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp

- name: Start pg_tde tests
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
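Review bot: The config path passed to pykmip-server, "../contrib/pg_tde/pykmip-server.conf" relative to the step's working directory, does not obviously match this workflow, which checks the extension out to src/pg_tde and builds from working-directory: src/pg_tde. Please confirm the path resolves in the PGXS layout; if it does not, the background server exits and the only symptom is failing KMIP tests after the sleep 10. Deriving the path from the checkout location would keep it correct in both the PGXS and in-tree layouts.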
83 changes: 0 additions & 83 deletions .github/workflows/postgresql-16-src-make-macos.yml

This file was deleted.
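Review bot: Removing postgresql-16-src-make-macos.yml drops the macOS make job, and nothing in the visible changes says why a KMIP keyring PR needs that. If the macOS build cannot yet satisfy the new libkmip or PyKMIP requirements, state that in the PR description and consider disabling only the KMIP tests there; the meson macOS workflow deleted further down raises the same question.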

15 changes: 14 additions & 1 deletion .github/workflows/postgresql-16-src-make-ssl11.yml
Expand Up @@ -29,7 +29,7 @@ jobs:
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config \
libselinux1-dev python3-dev libhttp-server-simple-perl\
uuid-dev liblz4-dev libcurl4-openssl-dev
uuid-dev liblz4-dev libcurl4-openssl-dev python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Expand All @@ -47,6 +47,11 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'

- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde

- name: Create pgsql dir
run: mkdir -p /opt/pgsql
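Review bot: The added "Checkout libkmip submodule" step can be folded into the pinned actions/checkout step just above it by adding submodules: recursive under with:, which keeps the fetch in one place. If the separate step stays, a short comment that it pulls in libkmip for the KMIP keyring would help, since --recursive also fetches any nested submodules.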
Expand Down Expand Up @@ -74,10 +79,18 @@ jobs:
/opt/pgsql/data/postgresql.conf
pg_ctl -D /opt/pgsql/data -l logfile start

- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp

- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
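Review bot: In "Setup kmip 1", create_certificates.py is downloaded from refs/heads/master and executed straight away, so the script can change under the job without any change in this repository, while the checkout action in the same file is pinned to a commit SHA. Pin the raw URL to a specific PyKMIP commit or vendor the script next to pykmip-server.conf, so the certificates the tests depend on are produced by reviewed code.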
15 changes: 14 additions & 1 deletion .github/workflows/postgresql-16-src-make.yml
Expand Up @@ -29,7 +29,7 @@ jobs:
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl
uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Expand All @@ -47,6 +47,11 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'

- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde

- name: Create pgsql dir
run: mkdir -p /opt/pgsql
Expand All @@ -73,11 +78,19 @@ jobs:
echo "shared_preload_libraries = 'pg_tde'" >> \
/opt/pgsql/data/postgresql.conf
pg_ctl -D /opt/pgsql/data -l logfile start

- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp

- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
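Review bot: pykmip-server is started in the background and the step then relies on the existing sleep 10, so a server that fails to start (wrong config path, missing certificates from the previous step) is not detected and shows up only as KMIP test failures later. Wait for the listener or for a line in /tmp/kmip-server.log with a bounded retry loop, fail the step if it never appears, and print that log when the step fails.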
67 changes: 0 additions & 67 deletions .github/workflows/postgresql-16-src-meson-macos.yml

This file was deleted.

15 changes: 14 additions & 1 deletion .github/workflows/postgresql-16-src-meson.yml
Expand Up @@ -30,7 +30,7 @@ jobs:
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev meson ninja-build \
gpg wget libcurl4-openssl-dev libhttp-server-simple-perl
gpg wget libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Expand All @@ -48,6 +48,11 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'

- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde

- name: Include pg_tde in meson build
run: |
Expand All @@ -58,11 +63,19 @@ jobs:
meson setup build --prefix `pwd`/../inst --buildtype=debug -Dcassert=true
cd build && ninja && ninja install
working-directory: src

- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp

- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
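Review bot: The line "cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem" appends the certificate to the private key file in /tmp with no explanation. Add a comment on which consumer needs the combined PEM, and use a dedicated directory created with mktemp -d rather than /tmp so the key is not left in a shared location and a re-run cannot append the certificate twice. The step name "Setup kmip 1" also carries an unexplained "1"; a name such as "Generate KMIP test certificates" would say what the step does.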
15 changes: 14 additions & 1 deletion .github/workflows/postgresql-17-src-make.yml
Expand Up @@ -29,7 +29,7 @@ jobs:
libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev \
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl
uuid-dev liblz4-dev libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Expand All @@ -47,6 +47,11 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'

- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde

- name: Create pgsql dir
run: mkdir -p /opt/pgsql
Expand Down Expand Up @@ -74,10 +79,18 @@ jobs:
/opt/pgsql/data/postgresql.conf
pg_ctl -D /opt/pgsql/data -l logfile start

- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp

- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
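Review bot: The "Checkout libkmip submodule" and "Setup kmip 1" steps and the pykmip-server line are copied verbatim into every workflow touched by this PR, so a later fix (pinning the downloaded script, changing the config path) has to be made six times. Move them into a composite action or a script in the repository and call that from each workflow.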
15 changes: 14 additions & 1 deletion .github/workflows/postgresql-17-src-meson-perf.yml
Expand Up @@ -30,7 +30,7 @@ jobs:
libsystemd-dev gettext tcl-dev libperl-dev pkg-config clang-11 \
llvm-11 llvm-11-dev libselinux1-dev python3-dev \
uuid-dev liblz4-dev meson ninja-build \
sysbench libcurl4-openssl-dev libhttp-server-simple-perl
sysbench libcurl4-openssl-dev libhttp-server-simple-perl python3-pykmip
sudo /usr/bin/perl -MCPAN -e 'install IPC::Run'
sudo /usr/bin/perl -MCPAN -e 'install Text::Trim'
wget -O- https://apt.releases.hashicorp.com/gpg | sudo gpg --dearmor -o /usr/share/keyrings/hashicorp-archive-keyring.gpg
Expand All @@ -48,17 +48,30 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: 'src/contrib/pg_tde'

- name: Checkout libkmip submodule
run: |
git submodule update --init --recursive
working-directory: src/contrib/pg_tde

- name: Build postgres
run: |
meson setup build --prefix `pwd`/../inst --buildtype=release
cd build && ninja && ninja install
working-directory: src

- name: Setup kmip 1
run: |
wget https://raw.githubusercontent.com/OpenKMIP/PyKMIP/refs/heads/master/bin/create_certificates.py
python3 create_certificates.py
cat client_certificate_jane_doe.pem >> client_key_jane_doe.pem
working-directory: /tmp

- name: Test pg_tde
run: |
TV=$(mktemp)
{ exec >$TV; vault server -dev; } &
pykmip-server -f `pwd`/../contrib/pg_tde/pykmip-server.conf -l /tmp/kmip-server.log &
sleep 10
export ROOT_TOKEN=$(cat $TV | grep "Root Token" | cut -d ":" -f 2 | xargs echo -n)
echo "Root token: $ROOT_TOKEN"
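Review bot: This is the performance workflow (release build, sysbench in the package list), and the added pykmip-server line leaves a Python server running in the background for the whole "Test pg_tde" step. If the perf run does not use the KMIP provider, drop the "Setup kmip 1" step and the server start here so the benchmark is not sharing the runner with an unused process; if it does use it, say so in a comment on the step.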