Allow TLS enabled connections when providing an established channel #1349
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
on: | |
push: | |
branches: | |
- "main" | |
pull_request: | |
branches: | |
- "*" | |
env: | |
LOG_LEVEL: info | |
jobs: | |
linux-unit: | |
strategy: | |
fail-fast: false | |
matrix: | |
swift-image: | |
- swift:5.9-jammy | |
- swift:5.10-noble | |
- swift:6.0-noble | |
- swiftlang/swift:nightly-main-jammy | |
container: ${{ matrix.swift-image }} | |
runs-on: ubuntu-latest | |
steps: | |
- name: Display OS and Swift versions | |
shell: bash | |
run: | | |
[[ -z "${SWIFT_PLATFORM}" ]] && SWIFT_PLATFORM="$(. /etc/os-release && echo "${ID}${VERSION_ID}")" | |
[[ -z "${SWIFT_VERSION}" ]] && SWIFT_VERSION="$(cat /.swift_tag 2>/dev/null || true)" | |
printf 'OS: %s\nTag: %s\nVersion:\n' "${SWIFT_PLATFORM}-${RUNNER_ARCH}" "${SWIFT_VERSION}" | |
swift --version | |
- name: Check out package | |
uses: actions/checkout@v4 | |
- name: Run unit tests with Thread Sanitizer | |
run: | | |
swift test --filter='^(PostgresNIOTests|ConnectionPoolModuleTests)' --sanitize=thread --enable-code-coverage | |
- name: Submit code coverage | |
uses: vapor/[email protected] | |
with: | |
codecov_token: ${{ secrets.CODECOV_TOKEN }} | |
linux-integration-and-dependencies: | |
strategy: | |
fail-fast: false | |
matrix: | |
postgres-image: | |
- postgres:17 | |
- postgres:15 | |
- postgres:12 | |
include: | |
- postgres-image: postgres:17 | |
postgres-auth: scram-sha-256 | |
- postgres-image: postgres:15 | |
postgres-auth: md5 | |
- postgres-image: postgres:12 | |
postgres-auth: trust | |
container: | |
image: swift:5.10-noble | |
volumes: [ 'pgrunshare:/var/run/postgresql' ] | |
runs-on: ubuntu-latest | |
env: | |
# Unfortunately, fluent-postgres-driver details leak through here | |
POSTGRES_DB: 'test_database' | |
POSTGRES_DB_A: 'test_database' | |
POSTGRES_DB_B: 'test_database' | |
POSTGRES_USER: 'test_username' | |
POSTGRES_USER_A: 'test_username' | |
POSTGRES_USER_B: 'test_username' | |
POSTGRES_PASSWORD: 'test_password' | |
POSTGRES_PASSWORD_A: 'test_password' | |
POSTGRES_PASSWORD_B: 'test_password' | |
POSTGRES_HOSTNAME: 'psql-a' | |
POSTGRES_HOSTNAME_A: 'psql-a' | |
POSTGRES_HOSTNAME_B: 'psql-b' | |
POSTGRES_SOCKET: '/var/run/postgresql/.s.PGSQL.5432' | |
POSTGRES_HOST_AUTH_METHOD: ${{ matrix.postgres-auth }} | |
services: | |
psql-a: | |
image: ${{ matrix.postgres-image }} | |
volumes: [ 'pgrunshare:/var/run/postgresql' ] | |
env: | |
POSTGRES_USER: 'test_username' | |
POSTGRES_DB: 'test_database' | |
POSTGRES_PASSWORD: 'test_password' | |
POSTGRES_HOST_AUTH_METHOD: ${{ matrix.postgres-auth }} | |
POSTGRES_INITDB_ARGS: --auth-host=${{ matrix.postgres-auth }} | |
psql-b: | |
image: ${{ matrix.postgres-image }} | |
volumes: [ 'pgrunshare:/var/run/postgresql' ] | |
env: | |
POSTGRES_USER: 'test_username' | |
POSTGRES_DB: 'test_database' | |
POSTGRES_PASSWORD: 'test_password' | |
POSTGRES_HOST_AUTH_METHOD: ${{ matrix.postgres-auth }} | |
POSTGRES_INITDB_ARGS: --auth-host=${{ matrix.postgres-auth }} | |
steps: | |
- name: Display OS and Swift versions | |
run: | | |
[[ -z "${SWIFT_PLATFORM}" ]] && SWIFT_PLATFORM="$(. /etc/os-release && echo "${ID}${VERSION_ID}")" | |
[[ -z "${SWIFT_VERSION}" ]] && SWIFT_VERSION="$(cat /.swift_tag 2>/dev/null || true)" | |
printf 'OS: %s\nTag: %s\nVersion:\n' "${SWIFT_PLATFORM}-${RUNNER_ARCH}" "${SWIFT_VERSION}" && swift --version | |
- name: Check out package | |
uses: actions/checkout@v4 | |
with: { path: 'postgres-nio' } | |
- name: Run integration tests | |
run: swift test --package-path postgres-nio --filter=^IntegrationTests | |
- name: Check out postgres-kit dependent | |
uses: actions/checkout@v4 | |
with: { repository: 'vapor/postgres-kit', path: 'postgres-kit' } | |
- name: Check out fluent-postgres-driver dependent | |
uses: actions/checkout@v4 | |
with: { repository: 'vapor/fluent-postgres-driver', path: 'fluent-postgres-driver' } | |
- name: Use local package in dependents | |
run: | | |
swift package --package-path postgres-kit edit postgres-nio --path postgres-nio | |
swift package --package-path fluent-postgres-driver edit postgres-nio --path postgres-nio | |
- name: Run postgres-kit tests | |
run: swift test --package-path postgres-kit | |
- name: Run fluent-postgres-driver tests | |
run: swift test --package-path fluent-postgres-driver | |
macos-all: | |
strategy: | |
fail-fast: false | |
matrix: | |
postgres-formula: | |
# Only test one version on macOS, let Linux do the rest | |
- postgresql@16 | |
postgres-auth: | |
# Only test one auth method on macOS, Linux tests will cover the others | |
- scram-sha-256 | |
xcode-version: | |
- '~15' | |
include: | |
- xcode-version: '~15' | |
macos-version: 'macos-14' | |
runs-on: ${{ matrix.macos-version }} | |
env: | |
POSTGRES_HOSTNAME: 127.0.0.1 | |
POSTGRES_USER: 'test_username' | |
POSTGRES_PASSWORD: 'test_password' | |
POSTGRES_DB: 'postgres' | |
POSTGRES_AUTH_METHOD: ${{ matrix.postgres-auth }} | |
POSTGRES_SOCKET: '/tmp/.s.PGSQL.5432' | |
POSTGRES_FORMULA: ${{ matrix.postgres-formula }} | |
steps: | |
- name: Select latest available Xcode | |
uses: maxim-lobanov/setup-xcode@v1 | |
with: | |
xcode-version: ${{ matrix.xcode-version }} | |
- name: Install Postgres, setup DB and auth, and wait for server start | |
run: | | |
export PATH="$(brew --prefix)/opt/${POSTGRES_FORMULA}/bin:$PATH" PGDATA=/tmp/vapor-postgres-test | |
# ** BEGIN ** Work around bug in both Homebrew and GHA | |
(brew upgrade [email protected] || true) && (brew link --force --overwrite [email protected] || true) | |
(brew upgrade [email protected] || true) && (brew link --force --overwrite [email protected] || true) | |
(brew upgrade || true) | |
# ** END ** Work around bug in both Homebrew and GHA | |
brew install --overwrite "${POSTGRES_FORMULA}" | |
brew link --overwrite --force "${POSTGRES_FORMULA}" | |
initdb --locale=C --auth-host "${POSTGRES_AUTH_METHOD}" -U "${POSTGRES_USER}" --pwfile=<(echo "${POSTGRES_PASSWORD}") | |
pg_ctl start --wait | |
timeout-minutes: 15 | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
- name: Run all tests | |
run: swift test | |
api-breakage: | |
if: github.event_name == 'pull_request' | |
runs-on: ubuntu-latest | |
container: swift:noble | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
# https://github.com/actions/checkout/issues/766 | |
- name: API breaking changes | |
run: | | |
git config --global --add safe.directory "${GITHUB_WORKSPACE}" | |
swift package diagnose-api-breaking-changes origin/main | |
# gh-codeql: | |
# if: ${{ false }} | |
# runs-on: ubuntu-latest | |
# container: swift:noble | |
# permissions: { actions: write, contents: read, security-events: write } | |
# steps: | |
# - name: Check out code | |
# uses: actions/checkout@v4 | |
# - name: Mark repo safe in non-fake global config | |
# run: git config --global --add safe.directory "${GITHUB_WORKSPACE}" | |
# - name: Initialize CodeQL | |
# uses: github/codeql-action/init@v3 | |
# with: | |
# languages: swift | |
# - name: Perform build | |
# run: swift build | |
# - name: Run CodeQL analyze | |
# uses: github/codeql-action/analyze@v3 |