yuanbiao
/
emqx
1
0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

test(CI): add cts

This commit is contained in:
zhanghongtong 2020-12-24 13:53:08 +08:00 committed by Rory Z
parent bcb63bcc18
commit 6989c7a83d
33 changed files with 894 additions and 95 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
.ci/apps_tests/.env
View File

@ -1,5 +1,5 @@
MYSQL_VSN=5.7
REDIS_VSN=6
MONGO_VSN=4.1
PGSQL_VSN=11
LDAP_VSN=2.4.50
MYSQL_TAG=5.7
REDIS_TAG=6
MONGO_TAG=4.1
PGSQL_TAG=11
LDAP_TAG=2.4.50

10
.ci/apps_tests/docker-compose.yaml
View File

@ -19,7 +19,7 @@ services:
mysql_server:
container_name: mysql
image: mysql:${MYSQL_VSN}
image: mysql:${MYSQL_TAG}
restart: always
ports:
- 3306:3306
@ -47,7 +47,7 @@ services:
redis_server:
container_name: redis
image: redis:${REDIS_VSN}
image: redis:${REDIS_TAG}
ports:
- 6379:6379
command:
@ -65,7 +65,7 @@ services:
mongo_server:
container_name: mongo
image: mongo:${MONGO_VSN}
image: mongo:${MONGO_TAG}
ports:
- 27017:27017
restart: always
@ -83,7 +83,7 @@ services:
pgsql_server:
container_name: pgsql
image: postgres:${PGSQL_VSN}
image: postgres:${PGSQL_TAG}
ports:
- 5432:5432
restart: always
@ -99,7 +99,7 @@ services:
build:
context: ./emqx_ldap
args:
LDAP_VSN: ${LDAP_VSN}
LDAP_TAG: ${LDAP_TAG}
image: emqx-ldap:1.0
ports:
- 389:389

10
.ci/apps_tests/emqx_ldap/Dockerfile
View File

@ -1,13 +1,13 @@
FROM buildpack-deps:stretch
ARG LDAP_VSN=2.4.50
ARG LDAP_TAG=2.4.50
RUN apt-get update && apt-get install -y groff groff-base
RUN wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-${LDAP_VSN}.tgz \
&& gunzip -c openldap-${LDAP_VSN}.tgz | tar xvfB - \
&& cd openldap-${LDAP_VSN} \
RUN wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-${LDAP_TAG}.tgz \
&& gunzip -c openldap-${LDAP_TAG}.tgz | tar xvfB - \
&& cd openldap-${LDAP_TAG} \
&& ./configure && make depend && make && make install \
&& cd .. && rm -rf openldap-${LDAP_VSN}
&& cd .. && rm -rf openldap-${LDAP_TAG}
COPY ./slapd.conf /usr/local/etc/openldap/slapd.conf
COPY ./schema/emqx.io.ldif /usr/local/etc/openldap/schema/emqx.io.ldif

40
.ci/compatibility_tests/docker-compose-ldap.yaml Normal file
View File

@ -0,0 +1,40 @@
version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
depends_on:
- ldap_server
networks:
- emqx_bridge
volumes:
- ../../.:/emqx
working_dir: /emqx
tty: true
ldap_server:
container_name: ldap
build:
context: ./openldap
args:
LDAP_TAG: ${LDAP_TAG}
image: openldap
ports:
- 389:389
restart: always
networks:
- emqx_bridge
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.239.0/24
gateway: 172.100.239.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

43
.ci/compatibility_tests/docker-compose-mongo-tls.yaml Normal file
View File

@ -0,0 +1,43 @@
version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../../:/emqx
working_dir: /emqx
networks:
- emqx_bridge
depends_on:
- mongo_server
tty: true
mongo_server:
container_name: mongo
image: mongo:${MONGO_TAG}
restart: always
environment:
MONGO_INITDB_DATABASE: mqtt
volumes:
- ../../apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/mongodb.pem/:/etc/certs/mongodb.pem
networks:
- emqx_bridge
command:
--ipv6
--bind_ip_all
--sslMode requireSSL
--sslPEMKeyFile /etc/certs/mongodb.pem
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

20
apps/emqx_auth_mongo/docker-compose-ssl.yml → .ci/compatibility_tests/docker-compose-mongo.yaml
View File

@ -2,9 +2,11 @@ version: '3'
services:
erlang:
image: erlang:22.1
container_name: erlang
image: erlang:22.3
volumes:
- ./:/emqx_auth_mongo
- ../..:/emqx
working_dir: /emqx
networks:
- emqx_bridge
depends_on:
@ -12,20 +14,26 @@ services:
tty: true
mongo_server:
container_name: mongo
image: mongo:${MONGO_TAG}
restart: always
environment:
MONGO_INITDB_DATABASE: mqtt
volumes:
- ./test/emqx_auth_mongo_SUITE_data/mongodb.pem/:/etc/certs/mongodb.pem
networks:
- emqx_bridge
command:
--ipv6
--bind_ip_all
--sslMode requireSSL
--sslPEMKeyFile /etc/certs/mongodb.pem
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

20
apps/emqx_auth_mysql/docker-compose-ssl.yml → .ci/compatibility_tests/docker-compose-mysql-tls.yaml
View File

@ -2,9 +2,11 @@ version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ./:/emqx_auth_mysql
- ../../:/emqx
working_dir: /emqx
networks:
- emqx_bridge
depends_on:
@ -12,15 +14,16 @@ services:
tty: true
mysql_server:
container_name: mysql
image: mysql:${MYSQL_TAG}
restart: always
environment:
MYSQL_ROOT_PASSWORD: public
MYSQL_DATABASE: mqtt
volumes:
- ./test/emqx_auth_mysql_SUITE_data/ca.pem:/etc/certs/ca-cert.pem
- ./test/emqx_auth_mysql_SUITE_data/server-cert.pem:/etc/certs/server-cert.pem
- ./test/emqx_auth_mysql_SUITE_data/server-key.pem:/etc/certs/server-key.pem
- ../../apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/ca.pem:/etc/certs/ca-cert.pem
- ../../apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/server-cert.pem:/etc/certs/server-cert.pem
- ../../apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/server-key.pem:/etc/certs/server-key.pem
networks:
- emqx_bridge
command:
@ -39,3 +42,12 @@ services:
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

14
apps/emqx_auth_mysql/docker-compose.yml → .ci/compatibility_tests/docker-compose-mysql.yaml
View File

@ -2,9 +2,11 @@ version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ./:/emqx_auth_mysql
- ../../:/emqx
working_dir: /emqx
networks:
- emqx_bridge
depends_on:
@ -12,6 +14,7 @@ services:
tty: true
mysql_server:
container_name: mysql
image: mysql:${MYSQL_TAG}
restart: always
environment:
@ -32,3 +35,12 @@ services:
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

45
.ci/compatibility_tests/docker-compose-pgsql-tls.yaml Normal file
View File

@ -0,0 +1,45 @@
version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../../:/emqx
working_dir: /emqx
networks:
- emqx_bridge
depends_on:
- pgsql_server
tty: true
pgsql_server:
container_name: pgsql
image: postgres:${PGSQL_TAG}
restart: always
environment:
POSTGRES_PASSWORD: public
POSTGRES_USER: root
POSTGRES_DB: mqtt
volumes:
- ../../apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/pg.conf:/etc/postgresql/postgresql.conf
- ../../apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/server-cert.pem:/etc/postgresql/server-cert.pem
- ../../apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/server-key.pem:/etc/postgresql/server-key.pem
command:
- -c
- config_file=/etc/postgresql/postgresql.conf
networks:
- emqx_bridge
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

20
apps/emqx_auth_pgsql/.ci/docker-compose.yml → .ci/compatibility_tests/docker-compose-pgsql.yaml
View File

@ -2,9 +2,11 @@ version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../:/emqx_auth_pgsql
- ../../:/emqx
working_dir: /emqx
networks:
- emqx_bridge
depends_on:
@ -12,11 +14,8 @@ services:
tty: true
pgsql_server:
build:
context: ./pgsql
args:
BUILD_FROM: postgres:${PGSQL_TAG}
image: emqx-pgsql
container_name: pgsql
image: postgres:${PGSQL_TAG}
restart: always
environment:
POSTGRES_PASSWORD: public
@ -28,3 +27,12 @@ services:
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

12
apps/emqx_auth_redis/.ci/docker-compose-cluster-tls.yml → .ci/compatibility_tests/docker-compose-redis-cluster-tls.yaml
View File

@ -4,20 +4,22 @@ version: '2.4'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../:/emqx_auth_redis
- ../..:/emqx
networks:
- app_net
depends_on:
- redis_cluster
working_dir: /emqx
tty: true
redis_cluster:
image: redis:6.0.9
container_name: redis-cluster
container_name: redis
image: redis:${REDIS_TAG}
volumes:
- ../test/emqx_auth_redis_SUITE_data/certs:/tls
- ../../apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs:/tls
- ./redis/:/data/conf
command: bash -c "/bin/bash /data/conf/redis.sh --node cluster --tls-enabled && while true; do echo 1; sleep 1; done"
networks:
@ -36,4 +38,4 @@ networks:
- subnet: 172.16.239.0/24
gateway: 172.16.239.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1
gateway: 2001:3200:3200::1

8
apps/emqx_auth_redis/.ci/docker-compose-cluster.yml → .ci/compatibility_tests/docker-compose-redis-cluster.yaml
View File

@ -4,18 +4,20 @@ version: '2.4'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../:/emqx_auth_redis
- ../..:/emqx
networks:
- app_net
depends_on:
- redis_cluster
working_dir: /emqx
tty: true
redis_cluster:
image: redis:${REDIS_TAG}
container_name: redis-cluster
container_name: redis
volumes:
- ./redis/:/data/conf
command: bash -c "/bin/bash /data/conf/redis.sh --node cluster && while true; do echo 1; sleep 1; done"
@ -35,4 +37,4 @@ networks:
- subnet: 172.16.239.0/24
gateway: 172.16.239.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1
gateway: 2001:3200:3200::1

8
apps/emqx_auth_redis/.ci/docker-compose-sentinel.yml → .ci/compatibility_tests/docker-compose-redis-sentinel.yaml
View File

@ -4,18 +4,20 @@ version: '2.4'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../:/emqx_auth_redis
- ../..:/emqx
networks:
- app_net
depends_on:
- redis_cluster
working_dir: /emqx
tty: true
redis_cluster:
container_name: redis
image: redis:${REDIS_TAG}
container_name: redis-cluster
volumes:
- ./redis/:/data/conf
command: bash -c "/bin/bash /data/conf/redis.sh --node sentinel && while true; do echo 1; sleep 1; done"
@ -35,4 +37,4 @@ networks:
- subnet: 172.16.239.0/24
gateway: 172.16.239.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1
gateway: 2001:3200:3200::1

18
apps/emqx_auth_redis/.ci/docker-compose-tls.yml → .ci/compatibility_tests/docker-compose-redis-singer-tls.yaml
View File

@ -2,19 +2,22 @@ version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../:/emqx_auth_redis
- ../..:/emqx
networks:
- emqx_bridge
depends_on:
- redis_server
working_dir: /emqx
tty: true
redis_server:
image: redis:6.0.9
container_name: redis
image: redis:${REDIS_TAG}
volumes:
- ../test/emqx_auth_redis_SUITE_data/certs:/tls
- ../../apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs:/tls
command:
- redis-server
- "--bind 0.0.0.0 ::"
@ -29,3 +32,12 @@ services:
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

14
apps/emqx_auth_redis/.ci/docker-compose.yml → .ci/compatibility_tests/docker-compose-redis-singer.yaml
View File

@ -2,16 +2,19 @@ version: '3'
services:
erlang:
container_name: erlang
image: erlang:22.3
volumes:
- ../:/emqx_auth_redis
- ../..:/emqx
networks:
- emqx_bridge
depends_on:
- redis_server
working_dir: /emqx
tty: true
redis_server:
container_name: redis
image: redis:${REDIS_TAG}
command:
- redis-server
@ -23,3 +26,12 @@ services:
networks:
emqx_bridge:
driver: bridge
name: emqx_bridge
enable_ipv6: true
ipam:
driver: default
config:
- subnet: 172.100.100.0/24
gateway: 172.100.100.1
- subnet: 2001:3200:3200::/64
gateway: 2001:3200:3200::1

26
.ci/compatibility_tests/openldap/Dockerfile Normal file
View File

@ -0,0 +1,26 @@
FROM buildpack-deps:stretch
ARG LDAP_TAG=2.4.50
RUN apt-get update && apt-get install -y groff groff-base
RUN wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-${LDAP_TAG}.tgz \
&& gunzip -c openldap-${LDAP_TAG}.tgz | tar xvfB - \
&& cd openldap-${LDAP_TAG} \
&& ./configure && make depend && make && make install \
&& cd .. && rm -rf openldap-${LDAP_TAG}
COPY ./slapd.conf /usr/local/etc/openldap/slapd.conf
COPY ./schema/emqx.io.ldif /usr/local/etc/openldap/schema/emqx.io.ldif
COPY ./schema/emqx.schema /usr/local/etc/openldap/schema/emqx.schema
COPY ./certs/*.pem /usr/local/etc/openldap/
RUN mkdir -p /usr/local/etc/openldap/data \
&& slapadd -l /usr/local/etc/openldap/schema/emqx.io.ldif -f /usr/local/etc/openldap/slapd.conf
WORKDIR /usr/local/etc/openldap
EXPOSE 389 636
ENTRYPOINT ["/usr/local/libexec/slapd", "-h", "ldap:/// ldaps:///", "-d", "3", "-f", "/usr/local/etc/openldap/slapd.conf"]
CMD []

20
.ci/compatibility_tests/openldap/certs/cacert.pem Normal file
View File

@ -0,0 +1,20 @@
-----BEGIN CERTIFICATE-----
MIIDUTCCAjmgAwIBAgIJAPPYCjTmxdt/MA0GCSqGSIb3DQEBCwUAMD8xCzAJBgNV
BAYTAkNOMREwDwYDVQQIDAhoYW5nemhvdTEMMAoGA1UECgwDRU1RMQ8wDQYDVQQD
DAZSb290Q0EwHhcNMjAwNTA4MDgwNjUyWhcNMzAwNTA2MDgwNjUyWjA/MQswCQYD
VQQGEwJDTjERMA8GA1UECAwIaGFuZ3pob3UxDDAKBgNVBAoMA0VNUTEPMA0GA1UE
AwwGUm9vdENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcgVLex1
EZ9ON64EX8v+wcSjzOZpiEOsAOuSXOEN3wb8FKUxCdsGrsJYB7a5VM/Jot25Mod2
juS3OBMg6r85k2TWjdxUoUs+HiUB/pP/ARaaW6VntpAEokpij/przWMPgJnBF3Ur
MjtbLayH9hGmpQrI5c2vmHQ2reRZnSFbY+2b8SXZ+3lZZgz9+BaQYWdQWfaUWEHZ
uDaNiViVO0OT8DRjCuiDp3yYDj3iLWbTA/gDL6Tf5XuHuEwcOQUrd+h0hyIphO8D
tsrsHZ14j4AWYLk1CPA6pq1HIUvEl2rANx2lVUNv+nt64K/Mr3RnVQd9s8bK+TXQ
KGHd2Lv/PALYuwIDAQABo1AwTjAdBgNVHQ4EFgQUGBmW+iDzxctWAWxmhgdlE8Pj
EbQwHwYDVR0jBBgwFoAUGBmW+iDzxctWAWxmhgdlE8PjEbQwDAYDVR0TBAUwAwEB
/zANBgkqhkiG9w0BAQsFAAOCAQEAGbhRUjpIred4cFAFJ7bbYD9hKu/yzWPWkMRa
ErlCKHmuYsYk+5d16JQhJaFy6MGXfLgo3KV2itl0d+OWNH0U9ULXcglTxy6+njo5
CFqdUBPwN1jxhzo9yteDMKF4+AHIxbvCAJa17qcwUKR5MKNvv09C6pvQDJLzid7y
E2dkgSuggik3oa0427KvctFf8uhOV94RvEDyqvT5+pgNYZ2Yfga9pD/jjpoHEUlo
88IGU8/wJCx3Ds2yc8+oBg/ynxG8f/HmCC1ET6EHHoe2jlo8FpU/SgGtghS1YL30
IWxNsPrUP+XsZpBJy/mvOhE5QXo6Y35zDqqj8tI7AGmAWu22jg==
-----END CERTIFICATE-----

19
.ci/compatibility_tests/openldap/certs/cert.pem Normal file
View File

@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDEzCCAfugAwIBAgIBAjANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJDTjER
MA8GA1UECAwIaGFuZ3pob3UxDDAKBgNVBAoMA0VNUTEPMA0GA1UEAwwGUm9vdENB
MB4XDTIwMDUwODA4MDcwNVoXDTMwMDUwNjA4MDcwNVowPzELMAkGA1UEBhMCQ04x
ETAPBgNVBAgMCGhhbmd6aG91MQwwCgYDVQQKDANFTVExDzANBgNVBAMMBlNlcnZl
cjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNeWT3pE+QFfiRJzKmn
AMUrWo3K2j/Tm3+Xnl6WLz67/0rcYrJbbKvS3uyRP/stXyXEKw9CepyQ1ViBVFkW
Aoy8qQEOWFDsZc/5UzhXUnb6LXr3qTkFEjNmhj+7uzv/lbBxlUG1NlYzSeOB6/RT
8zH/lhOeKhLnWYPXdXKsa1FL6ij4X8DeDO1kY7fvAGmBn/THh1uTpDizM4YmeI+7
4dmayA5xXvARte5h4Vu5SIze7iC057N+vymToMk2Jgk+ZZFpyXrnq+yo6RaD3ANc
lrc4FbeUQZ5a5s5Sxgs9a0Y3WMG+7c5VnVXcbjBRz/aq2NtOnQQjikKKQA8GF080
BQkCAwEAAaMaMBgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQEL
BQADggEBAJefnMZpaRDHQSNUIEL3iwGXE9c6PmIsQVE2ustr+CakBp3TZ4l0enLt
iGMfEVFju69cO4oyokWv+hl5eCMkHBf14Kv51vj448jowYnF1zmzn7SEzm5Uzlsa
sqjtAprnLyof69WtLU1j5rYWBuFX86yOTwRAFNjm9fvhAcrEONBsQtqipBWkMROp
iUYMkRqbKcQMdwxov+lHBYKq9zbWRoqLROAn54SRqgQk6c15JdEfgOOjShbsOkIH
UhqcwRkQic7n1zwHVGVDgNIZVgmJ2IdIWBlPEC7oLrRrBD/X1iEEXtKab6p5o22n
KB5mN+iQaE+Oe2cpGKZJiJRdM+IqDDQ=
-----END CERTIFICATE-----

19
.ci/compatibility_tests/openldap/certs/client-cert.pem Normal file
View File

@ -0,0 +1,19 @@
-----BEGIN CERTIFICATE-----
MIIDEzCCAfugAwIBAgIBATANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJDTjER
MA8GA1UECAwIaGFuZ3pob3UxDDAKBgNVBAoMA0VNUTEPMA0GA1UEAwwGUm9vdENB
MB4XDTIwMDUwODA4MDY1N1oXDTMwMDUwNjA4MDY1N1owPzELMAkGA1UEBhMCQ04x
ETAPBgNVBAgMCGhhbmd6aG91MQwwCgYDVQQKDANFTVExDzANBgNVBAMMBkNsaWVu
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMy4hoksKcZBDbY680u6
TS25U51nuB1FBcGMlF9B/t057wPOlxF/OcmbxY5MwepS41JDGPgulE1V7fpsXkiW
1LUimYV/tsqBfymIe0mlY7oORahKji7zKQ2UBIVFhdlvQxunlIDnw6F9popUgyHt
dMhtlgZK8oqRwHxO5dbfoukYd6J/r+etS5q26sgVkf3C6dt0Td7B25H9qW+f7oLV
PbcHYCa+i73u9670nrpXsC+Qc7Mygwa2Kq/jwU+ftyLQnOeW07DuzOwsziC/fQZa
nbxR+8U9FNftgRcC3uP/JMKYUqsiRAuaDokARZxVTV5hUElfpO6z6/NItSDvvh3i
eikCAwEAAaMaMBgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQEL
BQADggEBABchYxKo0YMma7g1qDswJXsR5s56Czx/I+B41YcpMBMTrRqpUC0nHtLk
M7/tZp592u/tT8gzEnQjZLKBAhFeZaR3aaKyknLqwiPqJIgg0pgsBGITrAK3Pv4z
5/YvAJJKgTe5UdeTz6U4lvNEux/4juZ4pmqH4qSFJTOzQS7LmgSmNIdd072rwXBd
UzcSHzsJgEMb88u/LDLjj1pQ7AtZ4Tta8JZTvcgBFmjB0QUi6fgkHY6oGat/W4kR
jSRUBlMUbM/drr2PVzRc2dwbFIl3X+ZE6n5Sl3ZwRAC/s92JU6CPMRW02muVu6xl
goraNgPISnrbpR6KjxLZkVembXzjNNc=
-----END CERTIFICATE-----

27
.ci/compatibility_tests/openldap/certs/client-key.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAzLiGiSwpxkENtjrzS7pNLblTnWe4HUUFwYyUX0H+3TnvA86X
EX85yZvFjkzB6lLjUkMY+C6UTVXt+mxeSJbUtSKZhX+2yoF/KYh7SaVjug5FqEqO
LvMpDZQEhUWF2W9DG6eUgOfDoX2milSDIe10yG2WBkryipHAfE7l1t+i6Rh3on+v
561LmrbqyBWR/cLp23RN3sHbkf2pb5/ugtU9twdgJr6Lve73rvSeulewL5BzszKD
BrYqr+PBT5+3ItCc55bTsO7M7CzOIL99BlqdvFH7xT0U1+2BFwLe4/8kwphSqyJE
C5oOiQBFnFVNXmFQSV+k7rPr80i1IO++HeJ6KQIDAQABAoIBAGWgvPjfuaU3qizq
uti/FY07USz0zkuJdkANH6LiSjlchzDmn8wJ0pApCjuIE0PV/g9aS8z4opp5q/gD
UBLM/a8mC/xf2EhTXOMrY7i9p/I3H5FZ4ZehEqIw9sWKK9YzC6dw26HabB2BGOnW
5nozPSQ6cp2RGzJ7BIkxSZwPzPnVTgy3OAuPOiJytvK+hGLhsNaT+Y9bNDvplVT2
ZwYTV8GlHZC+4b2wNROILm0O86v96O+Qd8nn3fXjGHbMsAnONBq10bZS16L4fvkH
5G+W/1PeSXmtZFppdRRDxIW+DWcXK0D48WRliuxcV4eOOxI+a9N2ZJZZiNLQZGwg
w3A8+mECgYEA8HuJFrlRvdoBe2U/EwUtG74dcyy30L4yEBnN5QscXmEEikhaQCfX
Wm6EieMcIB/5I5TQmSw0cmBMeZjSXYoFdoI16/X6yMMuATdxpvhOZGdUGXxhAH+x
xoTUavWZnEqW3fkUU71kT5E2f2i+0zoatFESXHeslJyz85aAYpP92H0CgYEA2e5A
Yozt5eaA1Gyhd8SeptkEU4xPirNUnVQHStpMWUb1kzTNXrPmNWccQ7JpfpG6DcYl
zUF6p6mlzY+zkMiyPQjwEJlhiHM2NlL1QS7td0R8ewgsFoyn8WsBI4RejWrEG9td
EDniuIw+pBFkcWthnTLHwECHdzgquToyTMjrBB0CgYEA28tdGbrZXhcyAZEhHAZA
Gzog+pKlkpEzeonLKIuGKzCrEKRecIK5jrqyQsCjhS0T7ZRnL4g6i0s+umiV5M5w
fcc292pEA1h45L3DD6OlKplSQVTv55/OYS4oY3YEJtf5mfm8vWi9lQeY8sxOlQpn
O+VZTdBHmTC8PGeTAgZXHZUCgYA6Tyv88lYowB7SN2qQgBQu8jvdGtqhcs/99GCr
H3N0I69LPsKAR0QeH8OJPXBKhDUywESXAaEOwS5yrLNP1tMRz5Vj65YUCzeDG3kx
gpvY4IMp7ArX0bSRvJ6mYSFnVxy3k174G3TVCfksrtagHioVBGQ7xUg5ltafjrms
n8l55QKBgQDVzU8tQvBVqY8/1lnw11Vj4fkE/drZHJ5UkdC1eenOfSWhlSLfUJ8j
ds7vEWpRPPoVuPZYeR1y78cyxKe1GBx6Wa2lF5c7xjmiu0xbRnrxYeLolce9/ntp
asClqpnHT8/VJYTD7Kqj0fouTTZf0zkig/y+2XERppd8k+pSKjUCPQ==
-----END RSA PRIVATE KEY-----

27
.ci/compatibility_tests/openldap/certs/key.pem Normal file
View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAs15ZPekT5AV+JEnMqacAxStajcraP9Obf5eeXpYvPrv/Stxi
sltsq9Le7JE/+y1fJcQrD0J6nJDVWIFUWRYCjLypAQ5YUOxlz/lTOFdSdvotevep
OQUSM2aGP7u7O/+VsHGVQbU2VjNJ44Hr9FPzMf+WE54qEudZg9d1cqxrUUvqKPhf
wN4M7WRjt+8AaYGf9MeHW5OkOLMzhiZ4j7vh2ZrIDnFe8BG17mHhW7lIjN7uILTn
s36/KZOgyTYmCT5lkWnJeuer7KjpFoPcA1yWtzgVt5RBnlrmzlLGCz1rRjdYwb7t
zlWdVdxuMFHP9qrY206dBCOKQopADwYXTzQFCQIDAQABAoIBAQCuvCbr7Pd3lvI/
n7VFQG+7pHRe1VKwAxDkx2t8cYos7y/QWcm8Ptwqtw58HzPZGWYrgGMCRpzzkRSF
V9g3wP1S5Scu5C6dBu5YIGc157tqNGXB+SpdZddJQ4Nc6yGHXYERllT04ffBGc3N
WG/oYS/1cSteiSIrsDy/91FvGRCi7FPxH3wIgHssY/tw69s1Cfvaq5lr2NTFzxIG
xCvpJKEdSfVfS9I7LYiymVjst3IOR/w76/ZFY9cRa8ZtmQSWWsm0TUpRC1jdcbkm
ZoJptYWlP+gSwx/fpMYftrkJFGOJhHJHQhwxT5X/ajAISeqjjwkWSEJLwnHQd11C
Zy2+29lBAoGBANlEAIK4VxCqyPXNKfoOOi5dS64NfvyH4A1v2+KaHWc7lqaqPN49
ezfN2n3X+KWx4cviDD914Yc2JQ1vVJjSaHci7yivocDo2OfZDmjBqzaMp/y+rX1R
/f3MmiTqMa468rjaxI9RRZu7vDgpTR+za1+OBCgMzjvAng8dJuN/5gjlAoGBANNY
uYPKtearBmkqdrSV7eTUe49Nhr0XotLaVBH37TCW0Xv9wjO2xmbm5Ga/DCtPIsBb
yPeYwX9FjoasuadUD7hRvbFu6dBa0HGLmkXRJZTcD7MEX2Lhu4BuC72yDLLFd0r+
Ep9WP7F5iJyagYqIZtz+4uf7gBvUDdmvXz3sGr1VAoGAdXTD6eeKeiI6PlhKBztF
zOb3EQOO0SsLv3fnodu7ZaHbUgLaoTMPuB17r2jgrYM7FKQCBxTNdfGZmmfDjlLB
0xZ5wL8ibU30ZXL8zTlWPElST9sto4B+FYVVF/vcG9sWeUUb2ncPcJ/Po3UAktDG
jYQTTyuNGtSJHpad/YOZctkCgYBtWRaC7bq3of0rJGFOhdQT9SwItN/lrfj8hyHA
OjpqTV4NfPmhsAtu6j96OZaeQc+FHvgXwt06cE6Rt4RG4uNPRluTFgO7XYFDfitP
vCppnoIw6S5BBvHwPP+uIhUX2bsi/dm8vu8tb+gSvo4PkwtFhEr6I9HglBKmcmog
q6waEQKBgHyecFBeM6Ls11Cd64vborwJPAuxIW7HBAFj/BS99oeG4TjBx4Sz2dFd
rzUibJt4ndnHIvCN8JQkjNG14i9hJln+H3mRss8fbZ9vQdqG+2vOWADYSzzsNI55
RFY7JjluKcVkp/zCDeUxTU3O6sS+v6/3VE11Cob6OYQx3lN5wrZ3
-----END RSA PRIVATE KEY-----

135
.ci/compatibility_tests/openldap/schema/emqx.io.ldif Normal file
View File

@ -0,0 +1,135 @@
## create emqx.io
dn:dc=emqx,dc=io
objectclass: top
objectclass: dcobject
objectclass: organization
dc:emqx
o:emqx,Inc.
# create testdevice.emqx.io
dn:ou=testdevice,dc=emqx,dc=io
objectClass: top
objectclass:organizationalUnit
ou:testdevice
# create user admin
dn:uid=admin,ou=testdevice,dc=emqx,dc=io
objectClass: top
objectClass: simpleSecurityObject
objectClass: account
userPassword:: e1NIQX1XNnBoNU1tNVB6OEdnaVVMYlBnekczN21qOWc9
uid: admin
## create user=mqttuser0001,
# password=mqttuser0001,
# passhash={SHA}mlb3fat40MKBTXUVZwCKmL73R/0=
# base64passhash=e1NIQX1tbGIzZmF0NDBNS0JUWFVWWndDS21MNzNSLzA9
dn:uid=mqttuser0001,ou=testdevice,dc=emqx,dc=io
objectClass: top
objectClass: mqttUser
objectClass: mqttDevice
objectClass: mqttSecurity
uid: mqttuser0001
isEnabled: TRUE
mqttAccountName: user1
mqttPublishTopic: mqttuser0001/pub/1
mqttPublishTopic: mqttuser0001/pub/+
mqttPublishTopic: mqttuser0001/pub/#
mqttSubscriptionTopic: mqttuser0001/sub/1
mqttSubscriptionTopic: mqttuser0001/sub/+
mqttSubscriptionTopic: mqttuser0001/sub/#
mqttPubSubTopic: mqttuser0001/pubsub/1
mqttPubSubTopic: mqttuser0001/pubsub/+
mqttPubSubTopic: mqttuser0001/pubsub/#
userPassword:: e1NIQX1tbGIzZmF0NDBNS0JUWFVWWndDS21MNzNSLzA9
## create user=mqttuser0002
# password=mqttuser0002,
# passhash={SSHA}n9XdtoG4Q/TQ3TQF4Y+khJbMBH4qXj4M
# base64passhash=e1NTSEF9bjlYZHRvRzRRL1RRM1RRRjRZK2toSmJNQkg0cVhqNE0=
dn:uid=mqttuser0002,ou=testdevice,dc=emqx,dc=io
objectClass: top
objectClass: mqttUser
objectClass: mqttDevice
objectClass: mqttSecurity
uid: mqttuser0002
isEnabled: TRUE
mqttAccountName: user2
mqttPublishTopic: mqttuser0002/pub/1
mqttPublishTopic: mqttuser0002/pub/+
mqttPublishTopic: mqttuser0002/pub/#
mqttSubscriptionTopic: mqttuser0002/sub/1
mqttSubscriptionTopic: mqttuser0002/sub/+
mqttSubscriptionTopic: mqttuser0002/sub/#
mqttPubSubTopic: mqttuser0002/pubsub/1
mqttPubSubTopic: mqttuser0002/pubsub/+
mqttPubSubTopic: mqttuser0002/pubsub/#
userPassword:: e1NTSEF9bjlYZHRvRzRRL1RRM1RRRjRZK2toSmJNQkg0cVhqNE0=
## create user mqttuser0003
# password=mqttuser0003,
# passhash={MD5}ybsPGoaK3nDyiQvveiCOIw==
# base64passhash=e01ENX15YnNQR29hSzNuRHlpUXZ2ZWlDT0l3PT0=
dn:uid=mqttuser0003,ou=testdevice,dc=emqx,dc=io
objectClass: top
objectClass: mqttUser
objectClass: mqttDevice
objectClass: mqttSecurity
uid: mqttuser0003
isEnabled: TRUE
mqttPublishTopic: mqttuser0003/pub/1
mqttPublishTopic: mqttuser0003/pub/+
mqttPublishTopic: mqttuser0003/pub/#
mqttSubscriptionTopic: mqttuser0003/sub/1
mqttSubscriptionTopic: mqttuser0003/sub/+
mqttSubscriptionTopic: mqttuser0003/sub/#
mqttPubSubTopic: mqttuser0003/pubsub/1
mqttPubSubTopic: mqttuser0003/pubsub/+
mqttPubSubTopic: mqttuser0003/pubsub/#
userPassword:: e01ENX15YnNQR29hSzNuRHlpUXZ2ZWlDT0l3PT0=
## create user mqttuser0004
# password=mqttuser0004,
# passhash={MD5}2Br6pPDSEDIEvUlu9+s+MA==
# base64passhash=e01ENX0yQnI2cFBEU0VESUV2VWx1OStzK01BPT0=
dn:uid=mqttuser0004,ou=testdevice,dc=emqx,dc=io
objectClass: top
objectClass: mqttUser
objectClass: mqttDevice
objectClass: mqttSecurity
uid: mqttuser0004
isEnabled: TRUE
mqttPublishTopic: mqttuser0004/pub/1
mqttPublishTopic: mqttuser0004/pub/+
mqttPublishTopic: mqttuser0004/pub/#
mqttSubscriptionTopic: mqttuser0004/sub/1
mqttSubscriptionTopic: mqttuser0004/sub/+
mqttSubscriptionTopic: mqttuser0004/sub/#
mqttPubSubTopic: mqttuser0004/pubsub/1
mqttPubSubTopic: mqttuser0004/pubsub/+
mqttPubSubTopic: mqttuser0004/pubsub/#
userPassword: {MD5}2Br6pPDSEDIEvUlu9+s+MA==
## create user mqttuser0005
# password=mqttuser0005,
# passhash={SHA}jKnxeEDGR14kE8AR7yuVFOelhz4=
# base64passhash=e1NIQX1qS254ZUVER1IxNGtFOEFSN3l1VkZPZWxoejQ9
objectClass: top
dn:uid=mqttuser0005,ou=testdevice,dc=emqx,dc=io
objectClass: mqttUser
objectClass: mqttDevice
objectClass: mqttSecurity
uid: mqttuser0005
isEnabled: TRUE
mqttPublishTopic: mqttuser0005/pub/1
mqttPublishTopic: mqttuser0005/pub/+
mqttPublishTopic: mqttuser0005/pub/#
mqttSubscriptionTopic: mqttuser0005/sub/1
mqttSubscriptionTopic: mqttuser0005/sub/+
mqttSubscriptionTopic: mqttuser0005/sub/#
mqttPubSubTopic: mqttuser0005/pubsub/1
mqttPubSubTopic: mqttuser0005/pubsub/+
mqttPubSubTopic: mqttuser0005/pubsub/#
userPassword: {SHA}jKnxeEDGR14kE8AR7yuVFOelhz4=

46
.ci/compatibility_tests/openldap/schema/emqx.schema Normal file
View File

@ -0,0 +1,46 @@
#
# Preliminary Apple OS X Native LDAP Schema
# This file is subject to change.
#
attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.1.3 NAME 'isEnabled'
EQUALITY booleanMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
SINGLE-VALUE
USAGE userApplications )
attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.1 NAME ( 'mqttPublishTopic' 'mpt' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.2 NAME ( 'mqttSubscriptionTopic' 'mst' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.3 NAME ( 'mqttPubSubTopic' 'mpst' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.4 NAME ( 'mqttAccountName' 'man' )
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
USAGE userApplications )
objectclass ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4 NAME 'mqttUser'
AUXILIARY
MAY ( mqttPublishTopic $ mqttSubscriptionTopic $ mqttPubSubTopic $ mqttAccountName) )
objectclass ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.2 NAME 'mqttDevice'
SUP top
STRUCTURAL
MUST ( uid )
MAY ( isEnabled ) )
objectclass ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.3 NAME 'mqttSecurity'
SUP top
AUXILIARY
MAY ( userPassword $ userPKCS12 $ pwdAttribute $ pwdLockout ) )

16
.ci/compatibility_tests/openldap/slapd.conf Normal file
View File

@ -0,0 +1,16 @@
include /usr/local/etc/openldap/schema/core.schema
include /usr/local/etc/openldap/schema/cosine.schema
include /usr/local/etc/openldap/schema/inetorgperson.schema
include /usr/local/etc/openldap/schema/ppolicy.schema
include /usr/local/etc/openldap/schema/emqx.schema
TLSCACertificateFile /usr/local/etc/openldap/cacert.pem
TLSCertificateFile /usr/local/etc/openldap/cert.pem
TLSCertificateKeyFile /usr/local/etc/openldap/key.pem
database bdb
suffix "dc=emqx,dc=io"
rootdn "cn=root,dc=emqx,dc=io"
rootpw {SSHA}eoF7NhNrejVYYyGHqnt+MdKNBh4r1w3W
directory /usr/local/etc/openldap/data

0
apps/emqx_auth_redis/.ci/redis/redis-tls.conf → .ci/compatibility_tests/redis/redis-tls.conf
View File

0
apps/emqx_auth_redis/.ci/redis/redis.conf → .ci/compatibility_tests/redis/redis.conf
View File

0
apps/emqx_auth_redis/.ci/redis/redis.sh → .ci/compatibility_tests/redis/redis.sh
View File

0
apps/emqx_auth_redis/.ci/redis/sentinel.conf → .ci/compatibility_tests/redis/sentinel.conf
View File

300
.github/workflows/run_cts_tests.yaml vendored Normal file
View File

@ -0,0 +1,300 @@
name: Compatibility Test Suite
on:
push:
release:
types:
- published
pull_request:
workflow_dispatch:
repository_dispatch:
types: [run_actions]
jobs:
ldap:
runs-on: ubuntu-20.04
strategy:
matrix:
ldap_tag:
- 2.4.50
network_type:
- ipv4
- ipv6
steps:
- uses: actions/checkout@v1
- name: setup
env:
LDAP_TAG: ${{ matrix.ldap_tag }}
run: |
cp -f apps/emqx_auth_ldap/emqx.io.ldif .ci/apps_tests/emqx_ldap/schema
cp -f apps/emqx_auth_ldap/emqx.schema .ci/apps_tests/emqx_ldap/schema
cp -f apps/emqx_auth_ldap/test/certs/* .ci/apps_tests/emqx_ldap/certs
docker-compose -f .ci/apps_tests/docker-compose.yaml build --no-cache
docker-compose -f .ci/compatibility_tests/docker-compose-ldap.yaml up -d
- name: setup
if: matrix.network_type == 'ipv4'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' ldap)
sed -i "/auth.ldap.servers/c auth.ldap.servers = $server_address" apps/emqx_auth_ldap/etc/emqx_auth_ldap.conf
- name: setup
if: matrix.network_type == 'ipv6'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' ldap)
sed -i "/auth.ldap.servers/c auth.ldap.servers = $server_address" apps/emqx_auth_ldap/etc/emqx_auth_ldap.conf
- name: run test cases
run: |
docker exec -i erlang sh -c "make ensure-rebar3"
docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_ldap"
docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_ldap"
- uses: actions/upload-artifact@v1
if: failure()
with:
name: logs_ldap${{ matrix.ldap_tag }}_${{ matrix.network_type }}
path: _build/test/logs
mongo:
runs-on: ubuntu-20.04
strategy:
matrix:
mongo_tag:
- 3
- 4
network_type:
- ipv4
- ipv6
connect_type:
- tls
- tcp
steps:
- uses: actions/checkout@v1
- name: setup
env:
MONGO_TAG: ${{ matrix.mongo_tag }}
if: matrix.connect_type == 'tls'
run: |
docker-compose -f .ci/compatibility_tests/docker-compose-mongo-tls.yaml up -d
echo 'auth.mongo.ssl = true' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf
echo 'auth.mongo.ssl_opts.cacertfile = /emqx/apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/ca.pem' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf
echo 'auth.mongo.ssl_opts.certfile = /emqx/apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/client-cert.pem' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf
echo 'auth.mongo.ssl_opts.keyfile = /emqx/apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/client-key.pem' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf
- name: setup
env:
MONGO_TAG: ${{ matrix.mongo_tag }}
if: matrix.connect_type == 'tcp'
run: docker-compose -f .ci/compatibility_tests/docker-compose-mongo.yaml up -d
- name: setup
if: matrix.network_type == 'ipv4'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mongo)
sed -i "/auth.mongo.server/c auth.mongo.server = $server_address:27017" apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf
- name: setup
if: matrix.network_type == 'ipv6'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' mongo)
sed -i "/auth.mongo.server/c auth.mongo.server = $server_address:27017" apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf
- name: run test cases
run: |
docker exec -i erlang sh -c "make ensure-rebar3"
docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_mongo"
docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_mongo"
- uses: actions/upload-artifact@v1
if: failure()
with:
name: logs_mongo${{ matrix.mongo_tag }}_${{ matrix.network_type }}_${{ matrix.connect_type }}
path: _build/test/logs
mysql:
runs-on: ubuntu-20.04
strategy:
matrix:
mysql_tag:
- 5.7
- 8
network_type:
- ipv4
- ipv6
connect_type:
- tls
- tcp
steps:
- uses: actions/checkout@v1
- name: setup
env:
MYSQL_TAG: ${{ matrix.mysql_tag }}
if: matrix.connect_type == 'tls'
run: |
docker-compose -f .ci/compatibility_tests/docker-compose-mysql-tls.yaml up -d
echo '\n' >> apps/emqx_auth_mongo/etc/emqx_auth_mysql.conf
echo 'auth.mysql.ssl = on' >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf
echo "auth.mysql.ssl.cafile = /emqx/apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/ca.pem" >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf
echo "auth.mysql.ssl.certfile = /emqx/apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/client-cert.pem" >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf
echo "auth.mysql.ssl.keyfile = /emqx/apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/client-key.pem" >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf
- name: setup
env:
MYSQL_TAG: ${{ matrix.mysql_tag }}
if: matrix.connect_type == 'tcp'
run: docker-compose -f .ci/compatibility_tests/docker-compose-mysql.yaml up -d
- name: setup
if: matrix.network_type == 'ipv4'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mysql)
sed -i "/auth.mysql.server/c auth.mysql.server = $server_address:3306" apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf
- name: setup
if: matrix.network_type == 'ipv6'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' mysql)
sed -i "/auth.mysql.server/c auth.mysql.server = $server_address:3306" apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf
- name: run test cases
run: |
docker exec -i erlang sh -c "make ensure-rebar3"
docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_mysql"
docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_mysql"
- uses: actions/upload-artifact@v1
if: failure()
with:
name: logs_mysql${{ matrix.mysql_tag }}_${{ matrix.network_type }}_${{ matrix.connect_type }}
path: _build/test/logs
pgsql:
runs-on: ubuntu-20.04
strategy:
matrix:
pgsql_tag:
- 9
- 10
- 11
- 12
- 13
network_type:
- ipv4
- ipv6
connect_type:
# - tls
- tcp
steps:
- uses: actions/checkout@v1
- name: setup
env:
PGSQL_TAG: ${{ matrix.pgsql_tag }}
if: matrix.connect_type == 'tls'
run: |
docker-compose -f .ci/compatibility_tests/docker-compose-pgsql-tls.yaml up -d
echo '\n' >> apps/emqx_auth_mongo/etc/emqx_auth_pgsql.conf
echo 'auth.pgsql.ssl = true' >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf
echo "auth.pgsql.ssl_opts.cacertfile = /emqx/apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/ca.pem" >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf
echo "auth.pgsql.ssl_opts.certfile = /emqx/apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/client-cert.pem" >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf
echo "auth.pgsql.ssl_opts.keyfile = /emqx/apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/client-key.pem" >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf
- name: setup
env:
PGSQL_TAG: ${{ matrix.pgsql_tag }}
if: matrix.connect_type == 'tcp'
run: docker-compose -f .ci/compatibility_tests/docker-compose-pgsql.yaml up -d
- name: setup
if: matrix.network_type == 'ipv4'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' pgsql)
sed -i "/auth.pgsql.server/c auth.pgsql.server = $server_address:5432" apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf
- name: setup
if: matrix.network_type == 'ipv6'
run: |
server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' pgsql)
sed -i "/auth.pgsql.server/c auth.pgsql.server = $server_address:5432" apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf
- name: run test cases
run: |
docker exec -i erlang sh -c "make ensure-rebar3"
docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_pgsql"
docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_pgsql"
- uses: actions/upload-artifact@v1
if: failure()
with:
name: logs_pgsql${{ matrix.pgsql_tag }}_${{ matrix.network_type }}_${{ matrix.connect_type }}
path: _build/test/logs
redis:
runs-on: ubuntu-20.04
strategy:
matrix:
redis_tag:
- 5
- 6
network_type:
- ipv4
- ipv6
connect_type:
- tls
- tcp
node_type:
- singer
- cluster
steps:
- uses: actions/checkout@v1
- name: setup
env:
REDIS_TAG: ${{ matrix.redis_tag }}
if: matrix.connect_type == 'tls' && matrix.redis_tag != '5'
run: |
set -exu
docker-compose -f .ci/compatibility_tests/docker-compose-redis-${{ matrix.node_type }}-tls.yaml up -d
echo '\n' >> apps/emqx_auth_mongo/etc/emqx_auth_redis.conf
echo 'auth.redis.ssl = on' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf
echo 'auth.redis.cafile = /emqx/apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/ca.crt' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf
echo 'auth.redis.certfile = /emqx/apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/redis.crt' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf
echo 'auth.redis.keyfile = /emqx/apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/redis.key' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf
- name: setup
env:
REDIS_TAG: ${{ matrix.redis_tag }}
if: matrix.connect_type == 'tcp'
run: docker-compose -f .ci/compatibility_tests/docker-compose-redis-${{ matrix.node_type }}.yaml up -d
- name: get server address
if: matrix.connect_type == 'tcp' || (matrix.connect_type == 'tls' && matrix.redis_tag != '5')
run: |
set -exu
ipv4_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' redis)
ipv6_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' redis)
echo "redis_ipv4_address=$ipv4_address" >> $GITHUB_ENV
echo "redis_ipv6_address=$ipv6_address" >> $GITHUB_ENV
- name: setup
if: matrix.node_type == 'singer' && matrix.connect_type == 'tcp'
run: |
set -exu
sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:6379" apps/emqx_auth_redis/etc/emqx_auth_redis.conf
- name: setup
if: matrix.node_type == 'singer' && matrix.connect_type == 'tls' && matrix.redis_tag != '5'
run: |
set -exu
sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:6380" apps/emqx_auth_redis/etc/emqx_auth_redis.conf
- name: setup
if: matrix.node_type == 'cluster' && matrix.connect_type == 'tcp'
run: |
set -exu
sed -i "/auth.redis.type/c auth.redis.type = cluster" apps/emqx_auth_redis/etc/emqx_auth_redis.conf
sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:7000, ${redis_${{ matrix.network_type }}_address}:7001, ${redis_${{ matrix.network_type }}_address}:7002" apps/emqx_auth_redis/etc/emqx_auth_redis.conf
- name: setup
if: matrix.node_type == 'cluster' && matrix.connect_type == 'tls' && matrix.redis_tag != '5'
run: |
set -exu
sed -i "/auth.redis.type/c auth.redis.type = cluster" apps/emqx_auth_redis/etc/emqx_auth_redis.conf
sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:8000, ${redis_${{ matrix.network_type }}_address}:8001, ${redis_${{ matrix.network_type }}_address}:8002" apps/emqx_auth_redis/etc/emqx_auth_redis.conf
- name: run test cases
if: matrix.connect_type == 'tcp' || (matrix.connect_type == 'tls' && matrix.redis_tag != '5')
run: |
docker exec -i erlang sh -c "make ensure-rebar3"
docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_redis"
docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_redis"
- uses: actions/upload-artifact@v1
if: failure()
with:
name: logs_redis${{ matrix.redis_tag }}_${{ matrix.node_type }}_${{ matrix.network_type }}_${{ matrix.connect_type }}
path: _build/test/logs

24
.github/workflows/run_test_cases.yaml vendored
View File

@ -18,21 +18,21 @@ jobs:
strategy:
matrix:
mysql_vsn: [5.7, 8]
redis_vsn: [6]
mongo_vsn: [3, 4]
pgsql_vsn: [11, 12, 13]
ldap_vsn: [2.4.50]
mysql_tag: [5.7]
redis_tag: [6]
mongo_tag: [3, 4]
pgsql_tag: [13]
ldap_tag: [2.4.50]
steps:
- uses: actions/checkout@v2
- name: set up
env:
MYSQL_VSN: ${{ matrix.mysql_vsn }}
REDIS_VSN: ${{ matrix.redis_vsn }}
MONGO_VSN: ${{ matrix.mongo_vsn }}
PGSQL_VSN: ${{ matrix.pgsql_vsn }}
LDAP_VSN: ${{ matrix.ldap_vsn }}
MYSQL_TAG: ${{ matrix.mysql_tag }}
REDIS_TAG: ${{ matrix.redis_tag }}
MONGO_TAG: ${{ matrix.mongo_tag }}
PGSQL_TAG: ${{ matrix.pgsql_tag }}
LDAP_TAG: ${{ matrix.ldap_tag }}
run: |
cp -f apps/emqx_auth_ldap/emqx.io.ldif .ci/apps_tests/emqx_ldap/schema
cp -f apps/emqx_auth_ldap/emqx.schema .ci/apps_tests/emqx_ldap/schema
@ -68,9 +68,9 @@ jobs:
- uses: actions/upload-artifact@v1
if: failure()
with:
name: logs_mysql${{ matrix.mysql_vsn }}_reids${{ matrix.redis_vsn }}_mongo${{ matrix.mongo_vsn }}_pgsql${{ matrix.pgsql_vsn }}_ldap${{ matrix.ldap_vsn }}
name: logs_mysql${{ matrix.mysql_tag }}_reids${{ matrix.redis_tag }}_mongo${{ matrix.mongo_tag }}_pgsql${{ matrix.pgsql_tag }}_ldap${{ matrix.ldap_tag }}
path: _build/test/logs
- uses: actions/upload-artifact@v1
with:
name: cover_mysql${{ matrix.mysql_vsn }}_reids${{ matrix.redis_vsn }}_mongo${{ matrix.mongo_vsn }}_pgsql${{ matrix.pgsql_vsn }}_ldap${{ matrix.ldap_vsn }}
name: cover_mysql${{ matrix.mysql_tag }}_reids${{ matrix.redis_tag }}_mongo${{ matrix.mongo_tag }}_pgsql${{ matrix.pgsql_tag }}_ldap${{ matrix.ldap_tag }}
path: _build/test/cover

27
apps/emqx_auth_mongo/docker-compose.yml
View File

@ -1,27 +0,0 @@
version: '3'
services:
erlang:
image: erlang:22.1
volumes:
- ./:/emqx_auth_mongo
networks:
- emqx_bridge
depends_on:
- mongo_server
tty: true
mongo_server:
image: mongo:${MONGO_TAG}
restart: always
environment:
MONGO_INITDB_DATABASE: mqtt
networks:
- emqx_bridge
command:
--ipv6
--bind_ip_all
networks:
emqx_bridge:
driver: bridge

8
apps/emqx_auth_pgsql/.ci/pgsql/Dockerfile
View File

@ -1,8 +0,0 @@
ARG BUILD_FROM=postgres:11
FROM ${BUILD_FROM}
COPY pg.conf /etc/postgresql/postgresql.conf
COPY server-cert.pem /etc/postgresql/server-cert.pem
COPY server-key.pem /etc/postgresql/server-key.pem
RUN chown -R postgres:postgres /etc/postgresql \
&& chmod 600 /etc/postgresql/*.pem
CMD ["-c", "config_file=/etc/postgresql/postgresql.conf"]

3
apps/emqx_auth_redis/etc/emqx_auth_redis.conf
View File

@ -113,4 +113,5 @@ auth.redis.acl_cmd = HGETALL mqtt_acl:%u
## Client ssl keyfile.
##
## Value: File
#auth.redis.keyfile = path/to/your/keyfile
#auth.redis.keyfile = path/to/your/keyfile