From 6989c7a83dcc75f582e13d89372ae2c5f59ccbf1 Mon Sep 17 00:00:00 2001 From: zhanghongtong Date: Thu, 24 Dec 2020 13:53:08 +0800 Subject: [PATCH] test(CI): add cts --- .ci/apps_tests/.env | 10 +- .ci/apps_tests/docker-compose.yaml | 10 +- .ci/apps_tests/emqx_ldap/Dockerfile | 10 +- .../docker-compose-ldap.yaml | 40 +++ .../docker-compose-mongo-tls.yaml | 43 +++ .../docker-compose-mongo.yaml | 20 +- .../docker-compose-mysql-tls.yaml | 20 +- .../docker-compose-mysql.yaml | 14 +- .../docker-compose-pgsql-tls.yaml | 45 +++ .../docker-compose-pgsql.yaml | 20 +- .../docker-compose-redis-cluster-tls.yaml | 12 +- .../docker-compose-redis-cluster.yaml | 8 +- .../docker-compose-redis-sentinel.yaml | 8 +- .../docker-compose-redis-singer-tls.yaml | 18 +- .../docker-compose-redis-singer.yaml | 14 +- .ci/compatibility_tests/openldap/Dockerfile | 26 ++ .../openldap/certs/cacert.pem | 20 ++ .../openldap/certs/cert.pem | 19 ++ .../openldap/certs/client-cert.pem | 19 ++ .../openldap/certs/client-key.pem | 27 ++ .../openldap/certs/key.pem | 27 ++ .../openldap/schema/emqx.io.ldif | 135 ++++++++ .../openldap/schema/emqx.schema | 46 +++ .ci/compatibility_tests/openldap/slapd.conf | 16 + .../compatibility_tests}/redis/redis-tls.conf | 0 .../compatibility_tests}/redis/redis.conf | 0 .../compatibility_tests}/redis/redis.sh | 0 .../compatibility_tests}/redis/sentinel.conf | 0 .github/workflows/run_cts_tests.yaml | 300 ++++++++++++++++++ .github/workflows/run_test_cases.yaml | 24 +- apps/emqx_auth_mongo/docker-compose.yml | 27 -- apps/emqx_auth_pgsql/.ci/pgsql/Dockerfile | 8 - apps/emqx_auth_redis/etc/emqx_auth_redis.conf | 3 +- 33 files changed, 894 insertions(+), 95 deletions(-) create mode 100644 .ci/compatibility_tests/docker-compose-ldap.yaml create mode 100644 .ci/compatibility_tests/docker-compose-mongo-tls.yaml rename apps/emqx_auth_mongo/docker-compose-ssl.yml => .ci/compatibility_tests/docker-compose-mongo.yaml (51%) rename apps/emqx_auth_mysql/docker-compose-ssl.yml => .ci/compatibility_tests/docker-compose-mysql-tls.yaml (56%) rename apps/emqx_auth_mysql/docker-compose.yml => .ci/compatibility_tests/docker-compose-mysql.yaml (67%) create mode 100644 .ci/compatibility_tests/docker-compose-pgsql-tls.yaml rename apps/emqx_auth_pgsql/.ci/docker-compose.yml => .ci/compatibility_tests/docker-compose-pgsql.yaml (50%) rename apps/emqx_auth_redis/.ci/docker-compose-cluster-tls.yml => .ci/compatibility_tests/docker-compose-redis-cluster-tls.yaml (78%) rename apps/emqx_auth_redis/.ci/docker-compose-cluster.yml => .ci/compatibility_tests/docker-compose-redis-cluster.yaml (86%) rename apps/emqx_auth_redis/.ci/docker-compose-sentinel.yml => .ci/compatibility_tests/docker-compose-redis-sentinel.yaml (86%) rename apps/emqx_auth_redis/.ci/docker-compose-tls.yml => .ci/compatibility_tests/docker-compose-redis-singer-tls.yaml (52%) rename apps/emqx_auth_redis/.ci/docker-compose.yml => .ci/compatibility_tests/docker-compose-redis-singer.yaml (52%) create mode 100644 .ci/compatibility_tests/openldap/Dockerfile create mode 100644 .ci/compatibility_tests/openldap/certs/cacert.pem create mode 100644 .ci/compatibility_tests/openldap/certs/cert.pem create mode 100644 .ci/compatibility_tests/openldap/certs/client-cert.pem create mode 100644 .ci/compatibility_tests/openldap/certs/client-key.pem create mode 100644 .ci/compatibility_tests/openldap/certs/key.pem create mode 100644 .ci/compatibility_tests/openldap/schema/emqx.io.ldif create mode 100644 .ci/compatibility_tests/openldap/schema/emqx.schema create mode 100644 .ci/compatibility_tests/openldap/slapd.conf rename {apps/emqx_auth_redis/.ci => .ci/compatibility_tests}/redis/redis-tls.conf (100%) rename {apps/emqx_auth_redis/.ci => .ci/compatibility_tests}/redis/redis.conf (100%) rename {apps/emqx_auth_redis/.ci => .ci/compatibility_tests}/redis/redis.sh (100%) rename {apps/emqx_auth_redis/.ci => .ci/compatibility_tests}/redis/sentinel.conf (100%) create mode 100644 .github/workflows/run_cts_tests.yaml delete mode 100644 apps/emqx_auth_mongo/docker-compose.yml delete mode 100644 apps/emqx_auth_pgsql/.ci/pgsql/Dockerfile diff --git a/.ci/apps_tests/.env b/.ci/apps_tests/.env index b8de5b7e6..2ac286e98 100644 --- a/.ci/apps_tests/.env +++ b/.ci/apps_tests/.env @@ -1,5 +1,5 @@ -MYSQL_VSN=5.7 -REDIS_VSN=6 -MONGO_VSN=4.1 -PGSQL_VSN=11 -LDAP_VSN=2.4.50 +MYSQL_TAG=5.7 +REDIS_TAG=6 +MONGO_TAG=4.1 +PGSQL_TAG=11 +LDAP_TAG=2.4.50 diff --git a/.ci/apps_tests/docker-compose.yaml b/.ci/apps_tests/docker-compose.yaml index 9034dd7eb..cb28a88d8 100644 --- a/.ci/apps_tests/docker-compose.yaml +++ b/.ci/apps_tests/docker-compose.yaml @@ -19,7 +19,7 @@ services: mysql_server: container_name: mysql - image: mysql:${MYSQL_VSN} + image: mysql:${MYSQL_TAG} restart: always ports: - 3306:3306 @@ -47,7 +47,7 @@ services: redis_server: container_name: redis - image: redis:${REDIS_VSN} + image: redis:${REDIS_TAG} ports: - 6379:6379 command: @@ -65,7 +65,7 @@ services: mongo_server: container_name: mongo - image: mongo:${MONGO_VSN} + image: mongo:${MONGO_TAG} ports: - 27017:27017 restart: always @@ -83,7 +83,7 @@ services: pgsql_server: container_name: pgsql - image: postgres:${PGSQL_VSN} + image: postgres:${PGSQL_TAG} ports: - 5432:5432 restart: always @@ -99,7 +99,7 @@ services: build: context: ./emqx_ldap args: - LDAP_VSN: ${LDAP_VSN} + LDAP_TAG: ${LDAP_TAG} image: emqx-ldap:1.0 ports: - 389:389 diff --git a/.ci/apps_tests/emqx_ldap/Dockerfile b/.ci/apps_tests/emqx_ldap/Dockerfile index 79a32069e..a0cf7d25e 100644 --- a/.ci/apps_tests/emqx_ldap/Dockerfile +++ b/.ci/apps_tests/emqx_ldap/Dockerfile @@ -1,13 +1,13 @@ FROM buildpack-deps:stretch -ARG LDAP_VSN=2.4.50 +ARG LDAP_TAG=2.4.50 RUN apt-get update && apt-get install -y groff groff-base -RUN wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-${LDAP_VSN}.tgz \ - && gunzip -c openldap-${LDAP_VSN}.tgz | tar xvfB - \ - && cd openldap-${LDAP_VSN} \ +RUN wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-${LDAP_TAG}.tgz \ + && gunzip -c openldap-${LDAP_TAG}.tgz | tar xvfB - \ + && cd openldap-${LDAP_TAG} \ && ./configure && make depend && make && make install \ - && cd .. && rm -rf openldap-${LDAP_VSN} + && cd .. && rm -rf openldap-${LDAP_TAG} COPY ./slapd.conf /usr/local/etc/openldap/slapd.conf COPY ./schema/emqx.io.ldif /usr/local/etc/openldap/schema/emqx.io.ldif diff --git a/.ci/compatibility_tests/docker-compose-ldap.yaml b/.ci/compatibility_tests/docker-compose-ldap.yaml new file mode 100644 index 000000000..69a403569 --- /dev/null +++ b/.ci/compatibility_tests/docker-compose-ldap.yaml @@ -0,0 +1,40 @@ +version: '3' + +services: + erlang: + container_name: erlang + image: erlang:22.3 + depends_on: + - ldap_server + networks: + - emqx_bridge + volumes: + - ../../.:/emqx + working_dir: /emqx + tty: true + + ldap_server: + container_name: ldap + build: + context: ./openldap + args: + LDAP_TAG: ${LDAP_TAG} + image: openldap + ports: + - 389:389 + restart: always + networks: + - emqx_bridge + +networks: + emqx_bridge: + driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.239.0/24 + gateway: 172.100.239.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/.ci/compatibility_tests/docker-compose-mongo-tls.yaml b/.ci/compatibility_tests/docker-compose-mongo-tls.yaml new file mode 100644 index 000000000..fed0d60d8 --- /dev/null +++ b/.ci/compatibility_tests/docker-compose-mongo-tls.yaml @@ -0,0 +1,43 @@ +version: '3' + +services: + erlang: + container_name: erlang + image: erlang:22.3 + volumes: + - ../../:/emqx + working_dir: /emqx + networks: + - emqx_bridge + depends_on: + - mongo_server + tty: true + + mongo_server: + container_name: mongo + image: mongo:${MONGO_TAG} + restart: always + environment: + MONGO_INITDB_DATABASE: mqtt + volumes: + - ../../apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/mongodb.pem/:/etc/certs/mongodb.pem + networks: + - emqx_bridge + command: + --ipv6 + --bind_ip_all + --sslMode requireSSL + --sslPEMKeyFile /etc/certs/mongodb.pem + +networks: + emqx_bridge: + driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_mongo/docker-compose-ssl.yml b/.ci/compatibility_tests/docker-compose-mongo.yaml similarity index 51% rename from apps/emqx_auth_mongo/docker-compose-ssl.yml rename to .ci/compatibility_tests/docker-compose-mongo.yaml index 7af0981b1..ec6310eac 100644 --- a/apps/emqx_auth_mongo/docker-compose-ssl.yml +++ b/.ci/compatibility_tests/docker-compose-mongo.yaml @@ -2,9 +2,11 @@ version: '3' services: erlang: - image: erlang:22.1 + container_name: erlang + image: erlang:22.3 volumes: - - ./:/emqx_auth_mongo + - ../..:/emqx + working_dir: /emqx networks: - emqx_bridge depends_on: @@ -12,20 +14,26 @@ services: tty: true mongo_server: + container_name: mongo image: mongo:${MONGO_TAG} restart: always environment: MONGO_INITDB_DATABASE: mqtt - volumes: - - ./test/emqx_auth_mongo_SUITE_data/mongodb.pem/:/etc/certs/mongodb.pem networks: - emqx_bridge command: --ipv6 --bind_ip_all - --sslMode requireSSL - --sslPEMKeyFile /etc/certs/mongodb.pem networks: emqx_bridge: driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_mysql/docker-compose-ssl.yml b/.ci/compatibility_tests/docker-compose-mysql-tls.yaml similarity index 56% rename from apps/emqx_auth_mysql/docker-compose-ssl.yml rename to .ci/compatibility_tests/docker-compose-mysql-tls.yaml index fe7d442fe..566240787 100644 --- a/apps/emqx_auth_mysql/docker-compose-ssl.yml +++ b/.ci/compatibility_tests/docker-compose-mysql-tls.yaml @@ -2,9 +2,11 @@ version: '3' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ./:/emqx_auth_mysql + - ../../:/emqx + working_dir: /emqx networks: - emqx_bridge depends_on: @@ -12,15 +14,16 @@ services: tty: true mysql_server: + container_name: mysql image: mysql:${MYSQL_TAG} restart: always environment: MYSQL_ROOT_PASSWORD: public MYSQL_DATABASE: mqtt volumes: - - ./test/emqx_auth_mysql_SUITE_data/ca.pem:/etc/certs/ca-cert.pem - - ./test/emqx_auth_mysql_SUITE_data/server-cert.pem:/etc/certs/server-cert.pem - - ./test/emqx_auth_mysql_SUITE_data/server-key.pem:/etc/certs/server-key.pem + - ../../apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/ca.pem:/etc/certs/ca-cert.pem + - ../../apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/server-cert.pem:/etc/certs/server-cert.pem + - ../../apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/server-key.pem:/etc/certs/server-key.pem networks: - emqx_bridge command: @@ -39,3 +42,12 @@ services: networks: emqx_bridge: driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_mysql/docker-compose.yml b/.ci/compatibility_tests/docker-compose-mysql.yaml similarity index 67% rename from apps/emqx_auth_mysql/docker-compose.yml rename to .ci/compatibility_tests/docker-compose-mysql.yaml index c37bf983b..d49c51977 100644 --- a/apps/emqx_auth_mysql/docker-compose.yml +++ b/.ci/compatibility_tests/docker-compose-mysql.yaml @@ -2,9 +2,11 @@ version: '3' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ./:/emqx_auth_mysql + - ../../:/emqx + working_dir: /emqx networks: - emqx_bridge depends_on: @@ -12,6 +14,7 @@ services: tty: true mysql_server: + container_name: mysql image: mysql:${MYSQL_TAG} restart: always environment: @@ -32,3 +35,12 @@ services: networks: emqx_bridge: driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/.ci/compatibility_tests/docker-compose-pgsql-tls.yaml b/.ci/compatibility_tests/docker-compose-pgsql-tls.yaml new file mode 100644 index 000000000..35460e139 --- /dev/null +++ b/.ci/compatibility_tests/docker-compose-pgsql-tls.yaml @@ -0,0 +1,45 @@ +version: '3' + +services: + erlang: + container_name: erlang + image: erlang:22.3 + volumes: + - ../../:/emqx + working_dir: /emqx + networks: + - emqx_bridge + depends_on: + - pgsql_server + tty: true + + pgsql_server: + container_name: pgsql + image: postgres:${PGSQL_TAG} + restart: always + environment: + POSTGRES_PASSWORD: public + POSTGRES_USER: root + POSTGRES_DB: mqtt + volumes: + - ../../apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/pg.conf:/etc/postgresql/postgresql.conf + - ../../apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/server-cert.pem:/etc/postgresql/server-cert.pem + - ../../apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/server-key.pem:/etc/postgresql/server-key.pem + command: + - -c + - config_file=/etc/postgresql/postgresql.conf + networks: + - emqx_bridge + +networks: + emqx_bridge: + driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_pgsql/.ci/docker-compose.yml b/.ci/compatibility_tests/docker-compose-pgsql.yaml similarity index 50% rename from apps/emqx_auth_pgsql/.ci/docker-compose.yml rename to .ci/compatibility_tests/docker-compose-pgsql.yaml index 8782a841d..a1f578eaa 100644 --- a/apps/emqx_auth_pgsql/.ci/docker-compose.yml +++ b/.ci/compatibility_tests/docker-compose-pgsql.yaml @@ -2,9 +2,11 @@ version: '3' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ../:/emqx_auth_pgsql + - ../../:/emqx + working_dir: /emqx networks: - emqx_bridge depends_on: @@ -12,11 +14,8 @@ services: tty: true pgsql_server: - build: - context: ./pgsql - args: - BUILD_FROM: postgres:${PGSQL_TAG} - image: emqx-pgsql + container_name: pgsql + image: postgres:${PGSQL_TAG} restart: always environment: POSTGRES_PASSWORD: public @@ -28,3 +27,12 @@ services: networks: emqx_bridge: driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_redis/.ci/docker-compose-cluster-tls.yml b/.ci/compatibility_tests/docker-compose-redis-cluster-tls.yaml similarity index 78% rename from apps/emqx_auth_redis/.ci/docker-compose-cluster-tls.yml rename to .ci/compatibility_tests/docker-compose-redis-cluster-tls.yaml index 3b6656d8b..0048d94f5 100644 --- a/apps/emqx_auth_redis/.ci/docker-compose-cluster-tls.yml +++ b/.ci/compatibility_tests/docker-compose-redis-cluster-tls.yaml @@ -4,20 +4,22 @@ version: '2.4' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ../:/emqx_auth_redis + - ../..:/emqx networks: - app_net depends_on: - redis_cluster + working_dir: /emqx tty: true redis_cluster: - image: redis:6.0.9 - container_name: redis-cluster + container_name: redis + image: redis:${REDIS_TAG} volumes: - - ../test/emqx_auth_redis_SUITE_data/certs:/tls + - ../../apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs:/tls - ./redis/:/data/conf command: bash -c "/bin/bash /data/conf/redis.sh --node cluster --tls-enabled && while true; do echo 1; sleep 1; done" networks: @@ -36,4 +38,4 @@ networks: - subnet: 172.16.239.0/24 gateway: 172.16.239.1 - subnet: 2001:3200:3200::/64 - gateway: 2001:3200:3200::1 \ No newline at end of file + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_redis/.ci/docker-compose-cluster.yml b/.ci/compatibility_tests/docker-compose-redis-cluster.yaml similarity index 86% rename from apps/emqx_auth_redis/.ci/docker-compose-cluster.yml rename to .ci/compatibility_tests/docker-compose-redis-cluster.yaml index 1406e67b4..01d4b7cb7 100644 --- a/apps/emqx_auth_redis/.ci/docker-compose-cluster.yml +++ b/.ci/compatibility_tests/docker-compose-redis-cluster.yaml @@ -4,18 +4,20 @@ version: '2.4' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ../:/emqx_auth_redis + - ../..:/emqx networks: - app_net depends_on: - redis_cluster + working_dir: /emqx tty: true redis_cluster: image: redis:${REDIS_TAG} - container_name: redis-cluster + container_name: redis volumes: - ./redis/:/data/conf command: bash -c "/bin/bash /data/conf/redis.sh --node cluster && while true; do echo 1; sleep 1; done" @@ -35,4 +37,4 @@ networks: - subnet: 172.16.239.0/24 gateway: 172.16.239.1 - subnet: 2001:3200:3200::/64 - gateway: 2001:3200:3200::1 \ No newline at end of file + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_redis/.ci/docker-compose-sentinel.yml b/.ci/compatibility_tests/docker-compose-redis-sentinel.yaml similarity index 86% rename from apps/emqx_auth_redis/.ci/docker-compose-sentinel.yml rename to .ci/compatibility_tests/docker-compose-redis-sentinel.yaml index a1709c9b1..54c621130 100644 --- a/apps/emqx_auth_redis/.ci/docker-compose-sentinel.yml +++ b/.ci/compatibility_tests/docker-compose-redis-sentinel.yaml @@ -4,18 +4,20 @@ version: '2.4' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ../:/emqx_auth_redis + - ../..:/emqx networks: - app_net depends_on: - redis_cluster + working_dir: /emqx tty: true redis_cluster: + container_name: redis image: redis:${REDIS_TAG} - container_name: redis-cluster volumes: - ./redis/:/data/conf command: bash -c "/bin/bash /data/conf/redis.sh --node sentinel && while true; do echo 1; sleep 1; done" @@ -35,4 +37,4 @@ networks: - subnet: 172.16.239.0/24 gateway: 172.16.239.1 - subnet: 2001:3200:3200::/64 - gateway: 2001:3200:3200::1 \ No newline at end of file + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_redis/.ci/docker-compose-tls.yml b/.ci/compatibility_tests/docker-compose-redis-singer-tls.yaml similarity index 52% rename from apps/emqx_auth_redis/.ci/docker-compose-tls.yml rename to .ci/compatibility_tests/docker-compose-redis-singer-tls.yaml index 2247cd21b..643f18755 100644 --- a/apps/emqx_auth_redis/.ci/docker-compose-tls.yml +++ b/.ci/compatibility_tests/docker-compose-redis-singer-tls.yaml @@ -2,19 +2,22 @@ version: '3' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ../:/emqx_auth_redis + - ../..:/emqx networks: - emqx_bridge depends_on: - redis_server + working_dir: /emqx tty: true redis_server: - image: redis:6.0.9 + container_name: redis + image: redis:${REDIS_TAG} volumes: - - ../test/emqx_auth_redis_SUITE_data/certs:/tls + - ../../apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs:/tls command: - redis-server - "--bind 0.0.0.0 ::" @@ -29,3 +32,12 @@ services: networks: emqx_bridge: driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/apps/emqx_auth_redis/.ci/docker-compose.yml b/.ci/compatibility_tests/docker-compose-redis-singer.yaml similarity index 52% rename from apps/emqx_auth_redis/.ci/docker-compose.yml rename to .ci/compatibility_tests/docker-compose-redis-singer.yaml index 6716262ad..2f7c73d53 100644 --- a/apps/emqx_auth_redis/.ci/docker-compose.yml +++ b/.ci/compatibility_tests/docker-compose-redis-singer.yaml @@ -2,16 +2,19 @@ version: '3' services: erlang: + container_name: erlang image: erlang:22.3 volumes: - - ../:/emqx_auth_redis + - ../..:/emqx networks: - emqx_bridge depends_on: - redis_server + working_dir: /emqx tty: true redis_server: + container_name: redis image: redis:${REDIS_TAG} command: - redis-server @@ -23,3 +26,12 @@ services: networks: emqx_bridge: driver: bridge + name: emqx_bridge + enable_ipv6: true + ipam: + driver: default + config: + - subnet: 172.100.100.0/24 + gateway: 172.100.100.1 + - subnet: 2001:3200:3200::/64 + gateway: 2001:3200:3200::1 diff --git a/.ci/compatibility_tests/openldap/Dockerfile b/.ci/compatibility_tests/openldap/Dockerfile new file mode 100644 index 000000000..a0cf7d25e --- /dev/null +++ b/.ci/compatibility_tests/openldap/Dockerfile @@ -0,0 +1,26 @@ +FROM buildpack-deps:stretch + +ARG LDAP_TAG=2.4.50 + +RUN apt-get update && apt-get install -y groff groff-base +RUN wget ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-${LDAP_TAG}.tgz \ + && gunzip -c openldap-${LDAP_TAG}.tgz | tar xvfB - \ + && cd openldap-${LDAP_TAG} \ + && ./configure && make depend && make && make install \ + && cd .. && rm -rf openldap-${LDAP_TAG} + +COPY ./slapd.conf /usr/local/etc/openldap/slapd.conf +COPY ./schema/emqx.io.ldif /usr/local/etc/openldap/schema/emqx.io.ldif +COPY ./schema/emqx.schema /usr/local/etc/openldap/schema/emqx.schema +COPY ./certs/*.pem /usr/local/etc/openldap/ + +RUN mkdir -p /usr/local/etc/openldap/data \ + && slapadd -l /usr/local/etc/openldap/schema/emqx.io.ldif -f /usr/local/etc/openldap/slapd.conf + +WORKDIR /usr/local/etc/openldap + +EXPOSE 389 636 + +ENTRYPOINT ["/usr/local/libexec/slapd", "-h", "ldap:/// ldaps:///", "-d", "3", "-f", "/usr/local/etc/openldap/slapd.conf"] + +CMD [] diff --git a/.ci/compatibility_tests/openldap/certs/cacert.pem b/.ci/compatibility_tests/openldap/certs/cacert.pem new file mode 100644 index 000000000..604fd2362 --- /dev/null +++ b/.ci/compatibility_tests/openldap/certs/cacert.pem @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDUTCCAjmgAwIBAgIJAPPYCjTmxdt/MA0GCSqGSIb3DQEBCwUAMD8xCzAJBgNV +BAYTAkNOMREwDwYDVQQIDAhoYW5nemhvdTEMMAoGA1UECgwDRU1RMQ8wDQYDVQQD +DAZSb290Q0EwHhcNMjAwNTA4MDgwNjUyWhcNMzAwNTA2MDgwNjUyWjA/MQswCQYD +VQQGEwJDTjERMA8GA1UECAwIaGFuZ3pob3UxDDAKBgNVBAoMA0VNUTEPMA0GA1UE +AwwGUm9vdENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzcgVLex1 +EZ9ON64EX8v+wcSjzOZpiEOsAOuSXOEN3wb8FKUxCdsGrsJYB7a5VM/Jot25Mod2 +juS3OBMg6r85k2TWjdxUoUs+HiUB/pP/ARaaW6VntpAEokpij/przWMPgJnBF3Ur +MjtbLayH9hGmpQrI5c2vmHQ2reRZnSFbY+2b8SXZ+3lZZgz9+BaQYWdQWfaUWEHZ +uDaNiViVO0OT8DRjCuiDp3yYDj3iLWbTA/gDL6Tf5XuHuEwcOQUrd+h0hyIphO8D +tsrsHZ14j4AWYLk1CPA6pq1HIUvEl2rANx2lVUNv+nt64K/Mr3RnVQd9s8bK+TXQ +KGHd2Lv/PALYuwIDAQABo1AwTjAdBgNVHQ4EFgQUGBmW+iDzxctWAWxmhgdlE8Pj +EbQwHwYDVR0jBBgwFoAUGBmW+iDzxctWAWxmhgdlE8PjEbQwDAYDVR0TBAUwAwEB +/zANBgkqhkiG9w0BAQsFAAOCAQEAGbhRUjpIred4cFAFJ7bbYD9hKu/yzWPWkMRa +ErlCKHmuYsYk+5d16JQhJaFy6MGXfLgo3KV2itl0d+OWNH0U9ULXcglTxy6+njo5 +CFqdUBPwN1jxhzo9yteDMKF4+AHIxbvCAJa17qcwUKR5MKNvv09C6pvQDJLzid7y +E2dkgSuggik3oa0427KvctFf8uhOV94RvEDyqvT5+pgNYZ2Yfga9pD/jjpoHEUlo +88IGU8/wJCx3Ds2yc8+oBg/ynxG8f/HmCC1ET6EHHoe2jlo8FpU/SgGtghS1YL30 +IWxNsPrUP+XsZpBJy/mvOhE5QXo6Y35zDqqj8tI7AGmAWu22jg== +-----END CERTIFICATE----- diff --git a/.ci/compatibility_tests/openldap/certs/cert.pem b/.ci/compatibility_tests/openldap/certs/cert.pem new file mode 100644 index 000000000..092390b1d --- /dev/null +++ b/.ci/compatibility_tests/openldap/certs/cert.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEzCCAfugAwIBAgIBAjANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJDTjER +MA8GA1UECAwIaGFuZ3pob3UxDDAKBgNVBAoMA0VNUTEPMA0GA1UEAwwGUm9vdENB +MB4XDTIwMDUwODA4MDcwNVoXDTMwMDUwNjA4MDcwNVowPzELMAkGA1UEBhMCQ04x +ETAPBgNVBAgMCGhhbmd6aG91MQwwCgYDVQQKDANFTVExDzANBgNVBAMMBlNlcnZl +cjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALNeWT3pE+QFfiRJzKmn +AMUrWo3K2j/Tm3+Xnl6WLz67/0rcYrJbbKvS3uyRP/stXyXEKw9CepyQ1ViBVFkW +Aoy8qQEOWFDsZc/5UzhXUnb6LXr3qTkFEjNmhj+7uzv/lbBxlUG1NlYzSeOB6/RT +8zH/lhOeKhLnWYPXdXKsa1FL6ij4X8DeDO1kY7fvAGmBn/THh1uTpDizM4YmeI+7 +4dmayA5xXvARte5h4Vu5SIze7iC057N+vymToMk2Jgk+ZZFpyXrnq+yo6RaD3ANc +lrc4FbeUQZ5a5s5Sxgs9a0Y3WMG+7c5VnVXcbjBRz/aq2NtOnQQjikKKQA8GF080 +BQkCAwEAAaMaMBgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQEL +BQADggEBAJefnMZpaRDHQSNUIEL3iwGXE9c6PmIsQVE2ustr+CakBp3TZ4l0enLt +iGMfEVFju69cO4oyokWv+hl5eCMkHBf14Kv51vj448jowYnF1zmzn7SEzm5Uzlsa +sqjtAprnLyof69WtLU1j5rYWBuFX86yOTwRAFNjm9fvhAcrEONBsQtqipBWkMROp +iUYMkRqbKcQMdwxov+lHBYKq9zbWRoqLROAn54SRqgQk6c15JdEfgOOjShbsOkIH +UhqcwRkQic7n1zwHVGVDgNIZVgmJ2IdIWBlPEC7oLrRrBD/X1iEEXtKab6p5o22n +KB5mN+iQaE+Oe2cpGKZJiJRdM+IqDDQ= +-----END CERTIFICATE----- diff --git a/.ci/compatibility_tests/openldap/certs/client-cert.pem b/.ci/compatibility_tests/openldap/certs/client-cert.pem new file mode 100644 index 000000000..09d855221 --- /dev/null +++ b/.ci/compatibility_tests/openldap/certs/client-cert.pem @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDEzCCAfugAwIBAgIBATANBgkqhkiG9w0BAQsFADA/MQswCQYDVQQGEwJDTjER +MA8GA1UECAwIaGFuZ3pob3UxDDAKBgNVBAoMA0VNUTEPMA0GA1UEAwwGUm9vdENB +MB4XDTIwMDUwODA4MDY1N1oXDTMwMDUwNjA4MDY1N1owPzELMAkGA1UEBhMCQ04x +ETAPBgNVBAgMCGhhbmd6aG91MQwwCgYDVQQKDANFTVExDzANBgNVBAMMBkNsaWVu +dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMy4hoksKcZBDbY680u6 +TS25U51nuB1FBcGMlF9B/t057wPOlxF/OcmbxY5MwepS41JDGPgulE1V7fpsXkiW +1LUimYV/tsqBfymIe0mlY7oORahKji7zKQ2UBIVFhdlvQxunlIDnw6F9popUgyHt +dMhtlgZK8oqRwHxO5dbfoukYd6J/r+etS5q26sgVkf3C6dt0Td7B25H9qW+f7oLV +PbcHYCa+i73u9670nrpXsC+Qc7Mygwa2Kq/jwU+ftyLQnOeW07DuzOwsziC/fQZa +nbxR+8U9FNftgRcC3uP/JMKYUqsiRAuaDokARZxVTV5hUElfpO6z6/NItSDvvh3i +eikCAwEAAaMaMBgwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwDQYJKoZIhvcNAQEL +BQADggEBABchYxKo0YMma7g1qDswJXsR5s56Czx/I+B41YcpMBMTrRqpUC0nHtLk +M7/tZp592u/tT8gzEnQjZLKBAhFeZaR3aaKyknLqwiPqJIgg0pgsBGITrAK3Pv4z +5/YvAJJKgTe5UdeTz6U4lvNEux/4juZ4pmqH4qSFJTOzQS7LmgSmNIdd072rwXBd +UzcSHzsJgEMb88u/LDLjj1pQ7AtZ4Tta8JZTvcgBFmjB0QUi6fgkHY6oGat/W4kR +jSRUBlMUbM/drr2PVzRc2dwbFIl3X+ZE6n5Sl3ZwRAC/s92JU6CPMRW02muVu6xl +goraNgPISnrbpR6KjxLZkVembXzjNNc= +-----END CERTIFICATE----- diff --git a/.ci/compatibility_tests/openldap/certs/client-key.pem b/.ci/compatibility_tests/openldap/certs/client-key.pem new file mode 100644 index 000000000..2b3f30cf6 --- /dev/null +++ b/.ci/compatibility_tests/openldap/certs/client-key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAzLiGiSwpxkENtjrzS7pNLblTnWe4HUUFwYyUX0H+3TnvA86X +EX85yZvFjkzB6lLjUkMY+C6UTVXt+mxeSJbUtSKZhX+2yoF/KYh7SaVjug5FqEqO +LvMpDZQEhUWF2W9DG6eUgOfDoX2milSDIe10yG2WBkryipHAfE7l1t+i6Rh3on+v +561LmrbqyBWR/cLp23RN3sHbkf2pb5/ugtU9twdgJr6Lve73rvSeulewL5BzszKD +BrYqr+PBT5+3ItCc55bTsO7M7CzOIL99BlqdvFH7xT0U1+2BFwLe4/8kwphSqyJE +C5oOiQBFnFVNXmFQSV+k7rPr80i1IO++HeJ6KQIDAQABAoIBAGWgvPjfuaU3qizq +uti/FY07USz0zkuJdkANH6LiSjlchzDmn8wJ0pApCjuIE0PV/g9aS8z4opp5q/gD +UBLM/a8mC/xf2EhTXOMrY7i9p/I3H5FZ4ZehEqIw9sWKK9YzC6dw26HabB2BGOnW +5nozPSQ6cp2RGzJ7BIkxSZwPzPnVTgy3OAuPOiJytvK+hGLhsNaT+Y9bNDvplVT2 +ZwYTV8GlHZC+4b2wNROILm0O86v96O+Qd8nn3fXjGHbMsAnONBq10bZS16L4fvkH +5G+W/1PeSXmtZFppdRRDxIW+DWcXK0D48WRliuxcV4eOOxI+a9N2ZJZZiNLQZGwg +w3A8+mECgYEA8HuJFrlRvdoBe2U/EwUtG74dcyy30L4yEBnN5QscXmEEikhaQCfX +Wm6EieMcIB/5I5TQmSw0cmBMeZjSXYoFdoI16/X6yMMuATdxpvhOZGdUGXxhAH+x +xoTUavWZnEqW3fkUU71kT5E2f2i+0zoatFESXHeslJyz85aAYpP92H0CgYEA2e5A +Yozt5eaA1Gyhd8SeptkEU4xPirNUnVQHStpMWUb1kzTNXrPmNWccQ7JpfpG6DcYl +zUF6p6mlzY+zkMiyPQjwEJlhiHM2NlL1QS7td0R8ewgsFoyn8WsBI4RejWrEG9td +EDniuIw+pBFkcWthnTLHwECHdzgquToyTMjrBB0CgYEA28tdGbrZXhcyAZEhHAZA +Gzog+pKlkpEzeonLKIuGKzCrEKRecIK5jrqyQsCjhS0T7ZRnL4g6i0s+umiV5M5w +fcc292pEA1h45L3DD6OlKplSQVTv55/OYS4oY3YEJtf5mfm8vWi9lQeY8sxOlQpn +O+VZTdBHmTC8PGeTAgZXHZUCgYA6Tyv88lYowB7SN2qQgBQu8jvdGtqhcs/99GCr +H3N0I69LPsKAR0QeH8OJPXBKhDUywESXAaEOwS5yrLNP1tMRz5Vj65YUCzeDG3kx +gpvY4IMp7ArX0bSRvJ6mYSFnVxy3k174G3TVCfksrtagHioVBGQ7xUg5ltafjrms +n8l55QKBgQDVzU8tQvBVqY8/1lnw11Vj4fkE/drZHJ5UkdC1eenOfSWhlSLfUJ8j +ds7vEWpRPPoVuPZYeR1y78cyxKe1GBx6Wa2lF5c7xjmiu0xbRnrxYeLolce9/ntp +asClqpnHT8/VJYTD7Kqj0fouTTZf0zkig/y+2XERppd8k+pSKjUCPQ== +-----END RSA PRIVATE KEY----- diff --git a/.ci/compatibility_tests/openldap/certs/key.pem b/.ci/compatibility_tests/openldap/certs/key.pem new file mode 100644 index 000000000..6c338216e --- /dev/null +++ b/.ci/compatibility_tests/openldap/certs/key.pem @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAs15ZPekT5AV+JEnMqacAxStajcraP9Obf5eeXpYvPrv/Stxi +sltsq9Le7JE/+y1fJcQrD0J6nJDVWIFUWRYCjLypAQ5YUOxlz/lTOFdSdvotevep +OQUSM2aGP7u7O/+VsHGVQbU2VjNJ44Hr9FPzMf+WE54qEudZg9d1cqxrUUvqKPhf +wN4M7WRjt+8AaYGf9MeHW5OkOLMzhiZ4j7vh2ZrIDnFe8BG17mHhW7lIjN7uILTn +s36/KZOgyTYmCT5lkWnJeuer7KjpFoPcA1yWtzgVt5RBnlrmzlLGCz1rRjdYwb7t +zlWdVdxuMFHP9qrY206dBCOKQopADwYXTzQFCQIDAQABAoIBAQCuvCbr7Pd3lvI/ +n7VFQG+7pHRe1VKwAxDkx2t8cYos7y/QWcm8Ptwqtw58HzPZGWYrgGMCRpzzkRSF +V9g3wP1S5Scu5C6dBu5YIGc157tqNGXB+SpdZddJQ4Nc6yGHXYERllT04ffBGc3N +WG/oYS/1cSteiSIrsDy/91FvGRCi7FPxH3wIgHssY/tw69s1Cfvaq5lr2NTFzxIG +xCvpJKEdSfVfS9I7LYiymVjst3IOR/w76/ZFY9cRa8ZtmQSWWsm0TUpRC1jdcbkm +ZoJptYWlP+gSwx/fpMYftrkJFGOJhHJHQhwxT5X/ajAISeqjjwkWSEJLwnHQd11C +Zy2+29lBAoGBANlEAIK4VxCqyPXNKfoOOi5dS64NfvyH4A1v2+KaHWc7lqaqPN49 +ezfN2n3X+KWx4cviDD914Yc2JQ1vVJjSaHci7yivocDo2OfZDmjBqzaMp/y+rX1R +/f3MmiTqMa468rjaxI9RRZu7vDgpTR+za1+OBCgMzjvAng8dJuN/5gjlAoGBANNY +uYPKtearBmkqdrSV7eTUe49Nhr0XotLaVBH37TCW0Xv9wjO2xmbm5Ga/DCtPIsBb +yPeYwX9FjoasuadUD7hRvbFu6dBa0HGLmkXRJZTcD7MEX2Lhu4BuC72yDLLFd0r+ +Ep9WP7F5iJyagYqIZtz+4uf7gBvUDdmvXz3sGr1VAoGAdXTD6eeKeiI6PlhKBztF +zOb3EQOO0SsLv3fnodu7ZaHbUgLaoTMPuB17r2jgrYM7FKQCBxTNdfGZmmfDjlLB +0xZ5wL8ibU30ZXL8zTlWPElST9sto4B+FYVVF/vcG9sWeUUb2ncPcJ/Po3UAktDG +jYQTTyuNGtSJHpad/YOZctkCgYBtWRaC7bq3of0rJGFOhdQT9SwItN/lrfj8hyHA +OjpqTV4NfPmhsAtu6j96OZaeQc+FHvgXwt06cE6Rt4RG4uNPRluTFgO7XYFDfitP +vCppnoIw6S5BBvHwPP+uIhUX2bsi/dm8vu8tb+gSvo4PkwtFhEr6I9HglBKmcmog +q6waEQKBgHyecFBeM6Ls11Cd64vborwJPAuxIW7HBAFj/BS99oeG4TjBx4Sz2dFd +rzUibJt4ndnHIvCN8JQkjNG14i9hJln+H3mRss8fbZ9vQdqG+2vOWADYSzzsNI55 +RFY7JjluKcVkp/zCDeUxTU3O6sS+v6/3VE11Cob6OYQx3lN5wrZ3 +-----END RSA PRIVATE KEY----- diff --git a/.ci/compatibility_tests/openldap/schema/emqx.io.ldif b/.ci/compatibility_tests/openldap/schema/emqx.io.ldif new file mode 100644 index 000000000..f9833cd88 --- /dev/null +++ b/.ci/compatibility_tests/openldap/schema/emqx.io.ldif @@ -0,0 +1,135 @@ +## create emqx.io + +dn:dc=emqx,dc=io +objectclass: top +objectclass: dcobject +objectclass: organization +dc:emqx +o:emqx,Inc. + +# create testdevice.emqx.io +dn:ou=testdevice,dc=emqx,dc=io +objectClass: top +objectclass:organizationalUnit +ou:testdevice + +# create user admin +dn:uid=admin,ou=testdevice,dc=emqx,dc=io +objectClass: top +objectClass: simpleSecurityObject +objectClass: account +userPassword:: e1NIQX1XNnBoNU1tNVB6OEdnaVVMYlBnekczN21qOWc9 +uid: admin + +## create user=mqttuser0001, +# password=mqttuser0001, +# passhash={SHA}mlb3fat40MKBTXUVZwCKmL73R/0= +# base64passhash=e1NIQX1tbGIzZmF0NDBNS0JUWFVWWndDS21MNzNSLzA9 +dn:uid=mqttuser0001,ou=testdevice,dc=emqx,dc=io +objectClass: top +objectClass: mqttUser +objectClass: mqttDevice +objectClass: mqttSecurity +uid: mqttuser0001 +isEnabled: TRUE +mqttAccountName: user1 +mqttPublishTopic: mqttuser0001/pub/1 +mqttPublishTopic: mqttuser0001/pub/+ +mqttPublishTopic: mqttuser0001/pub/# +mqttSubscriptionTopic: mqttuser0001/sub/1 +mqttSubscriptionTopic: mqttuser0001/sub/+ +mqttSubscriptionTopic: mqttuser0001/sub/# +mqttPubSubTopic: mqttuser0001/pubsub/1 +mqttPubSubTopic: mqttuser0001/pubsub/+ +mqttPubSubTopic: mqttuser0001/pubsub/# +userPassword:: e1NIQX1tbGIzZmF0NDBNS0JUWFVWWndDS21MNzNSLzA9 + +## create user=mqttuser0002 +# password=mqttuser0002, +# passhash={SSHA}n9XdtoG4Q/TQ3TQF4Y+khJbMBH4qXj4M +# base64passhash=e1NTSEF9bjlYZHRvRzRRL1RRM1RRRjRZK2toSmJNQkg0cVhqNE0= +dn:uid=mqttuser0002,ou=testdevice,dc=emqx,dc=io +objectClass: top +objectClass: mqttUser +objectClass: mqttDevice +objectClass: mqttSecurity +uid: mqttuser0002 +isEnabled: TRUE +mqttAccountName: user2 +mqttPublishTopic: mqttuser0002/pub/1 +mqttPublishTopic: mqttuser0002/pub/+ +mqttPublishTopic: mqttuser0002/pub/# +mqttSubscriptionTopic: mqttuser0002/sub/1 +mqttSubscriptionTopic: mqttuser0002/sub/+ +mqttSubscriptionTopic: mqttuser0002/sub/# +mqttPubSubTopic: mqttuser0002/pubsub/1 +mqttPubSubTopic: mqttuser0002/pubsub/+ +mqttPubSubTopic: mqttuser0002/pubsub/# +userPassword:: e1NTSEF9bjlYZHRvRzRRL1RRM1RRRjRZK2toSmJNQkg0cVhqNE0= + +## create user mqttuser0003 +# password=mqttuser0003, +# passhash={MD5}ybsPGoaK3nDyiQvveiCOIw== +# base64passhash=e01ENX15YnNQR29hSzNuRHlpUXZ2ZWlDT0l3PT0= +dn:uid=mqttuser0003,ou=testdevice,dc=emqx,dc=io +objectClass: top +objectClass: mqttUser +objectClass: mqttDevice +objectClass: mqttSecurity +uid: mqttuser0003 +isEnabled: TRUE +mqttPublishTopic: mqttuser0003/pub/1 +mqttPublishTopic: mqttuser0003/pub/+ +mqttPublishTopic: mqttuser0003/pub/# +mqttSubscriptionTopic: mqttuser0003/sub/1 +mqttSubscriptionTopic: mqttuser0003/sub/+ +mqttSubscriptionTopic: mqttuser0003/sub/# +mqttPubSubTopic: mqttuser0003/pubsub/1 +mqttPubSubTopic: mqttuser0003/pubsub/+ +mqttPubSubTopic: mqttuser0003/pubsub/# +userPassword:: e01ENX15YnNQR29hSzNuRHlpUXZ2ZWlDT0l3PT0= + +## create user mqttuser0004 +# password=mqttuser0004, +# passhash={MD5}2Br6pPDSEDIEvUlu9+s+MA== +# base64passhash=e01ENX0yQnI2cFBEU0VESUV2VWx1OStzK01BPT0= +dn:uid=mqttuser0004,ou=testdevice,dc=emqx,dc=io +objectClass: top +objectClass: mqttUser +objectClass: mqttDevice +objectClass: mqttSecurity +uid: mqttuser0004 +isEnabled: TRUE +mqttPublishTopic: mqttuser0004/pub/1 +mqttPublishTopic: mqttuser0004/pub/+ +mqttPublishTopic: mqttuser0004/pub/# +mqttSubscriptionTopic: mqttuser0004/sub/1 +mqttSubscriptionTopic: mqttuser0004/sub/+ +mqttSubscriptionTopic: mqttuser0004/sub/# +mqttPubSubTopic: mqttuser0004/pubsub/1 +mqttPubSubTopic: mqttuser0004/pubsub/+ +mqttPubSubTopic: mqttuser0004/pubsub/# +userPassword: {MD5}2Br6pPDSEDIEvUlu9+s+MA== + +## create user mqttuser0005 +# password=mqttuser0005, +# passhash={SHA}jKnxeEDGR14kE8AR7yuVFOelhz4= +# base64passhash=e1NIQX1qS254ZUVER1IxNGtFOEFSN3l1VkZPZWxoejQ9 +objectClass: top +dn:uid=mqttuser0005,ou=testdevice,dc=emqx,dc=io +objectClass: mqttUser +objectClass: mqttDevice +objectClass: mqttSecurity +uid: mqttuser0005 +isEnabled: TRUE +mqttPublishTopic: mqttuser0005/pub/1 +mqttPublishTopic: mqttuser0005/pub/+ +mqttPublishTopic: mqttuser0005/pub/# +mqttSubscriptionTopic: mqttuser0005/sub/1 +mqttSubscriptionTopic: mqttuser0005/sub/+ +mqttSubscriptionTopic: mqttuser0005/sub/# +mqttPubSubTopic: mqttuser0005/pubsub/1 +mqttPubSubTopic: mqttuser0005/pubsub/+ +mqttPubSubTopic: mqttuser0005/pubsub/# +userPassword: {SHA}jKnxeEDGR14kE8AR7yuVFOelhz4= + diff --git a/.ci/compatibility_tests/openldap/schema/emqx.schema b/.ci/compatibility_tests/openldap/schema/emqx.schema new file mode 100644 index 000000000..55f92269b --- /dev/null +++ b/.ci/compatibility_tests/openldap/schema/emqx.schema @@ -0,0 +1,46 @@ +# +# Preliminary Apple OS X Native LDAP Schema +# This file is subject to change. +# +attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.1.3 NAME 'isEnabled' + EQUALITY booleanMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 + SINGLE-VALUE + USAGE userApplications ) + +attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.1 NAME ( 'mqttPublishTopic' 'mpt' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + USAGE userApplications ) +attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.2 NAME ( 'mqttSubscriptionTopic' 'mst' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + USAGE userApplications ) +attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.3 NAME ( 'mqttPubSubTopic' 'mpst' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + USAGE userApplications ) +attributetype ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4.4 NAME ( 'mqttAccountName' 'man' ) + EQUALITY caseIgnoreMatch + SUBSTR caseIgnoreSubstringsMatch + SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 + USAGE userApplications ) + + +objectclass ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.4 NAME 'mqttUser' + AUXILIARY + MAY ( mqttPublishTopic $ mqttSubscriptionTopic $ mqttPubSubTopic $ mqttAccountName) ) + +objectclass ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.2 NAME 'mqttDevice' + SUP top + STRUCTURAL + MUST ( uid ) + MAY ( isEnabled ) ) + +objectclass ( 1.3.6.1.4.1.11.2.53.2.2.3.1.2.3.3 NAME 'mqttSecurity' + SUP top + AUXILIARY + MAY ( userPassword $ userPKCS12 $ pwdAttribute $ pwdLockout ) ) diff --git a/.ci/compatibility_tests/openldap/slapd.conf b/.ci/compatibility_tests/openldap/slapd.conf new file mode 100644 index 000000000..d6ba20caa --- /dev/null +++ b/.ci/compatibility_tests/openldap/slapd.conf @@ -0,0 +1,16 @@ +include /usr/local/etc/openldap/schema/core.schema +include /usr/local/etc/openldap/schema/cosine.schema +include /usr/local/etc/openldap/schema/inetorgperson.schema +include /usr/local/etc/openldap/schema/ppolicy.schema +include /usr/local/etc/openldap/schema/emqx.schema + +TLSCACertificateFile /usr/local/etc/openldap/cacert.pem +TLSCertificateFile /usr/local/etc/openldap/cert.pem +TLSCertificateKeyFile /usr/local/etc/openldap/key.pem + +database bdb +suffix "dc=emqx,dc=io" +rootdn "cn=root,dc=emqx,dc=io" +rootpw {SSHA}eoF7NhNrejVYYyGHqnt+MdKNBh4r1w3W + +directory /usr/local/etc/openldap/data diff --git a/apps/emqx_auth_redis/.ci/redis/redis-tls.conf b/.ci/compatibility_tests/redis/redis-tls.conf similarity index 100% rename from apps/emqx_auth_redis/.ci/redis/redis-tls.conf rename to .ci/compatibility_tests/redis/redis-tls.conf diff --git a/apps/emqx_auth_redis/.ci/redis/redis.conf b/.ci/compatibility_tests/redis/redis.conf similarity index 100% rename from apps/emqx_auth_redis/.ci/redis/redis.conf rename to .ci/compatibility_tests/redis/redis.conf diff --git a/apps/emqx_auth_redis/.ci/redis/redis.sh b/.ci/compatibility_tests/redis/redis.sh similarity index 100% rename from apps/emqx_auth_redis/.ci/redis/redis.sh rename to .ci/compatibility_tests/redis/redis.sh diff --git a/apps/emqx_auth_redis/.ci/redis/sentinel.conf b/.ci/compatibility_tests/redis/sentinel.conf similarity index 100% rename from apps/emqx_auth_redis/.ci/redis/sentinel.conf rename to .ci/compatibility_tests/redis/sentinel.conf diff --git a/.github/workflows/run_cts_tests.yaml b/.github/workflows/run_cts_tests.yaml new file mode 100644 index 000000000..3119be765 --- /dev/null +++ b/.github/workflows/run_cts_tests.yaml @@ -0,0 +1,300 @@ +name: Compatibility Test Suite + +on: + push: + release: + types: + - published + pull_request: + workflow_dispatch: + repository_dispatch: + types: [run_actions] + +jobs: + ldap: + runs-on: ubuntu-20.04 + + strategy: + matrix: + ldap_tag: + - 2.4.50 + network_type: + - ipv4 + - ipv6 + + steps: + - uses: actions/checkout@v1 + - name: setup + env: + LDAP_TAG: ${{ matrix.ldap_tag }} + run: | + cp -f apps/emqx_auth_ldap/emqx.io.ldif .ci/apps_tests/emqx_ldap/schema + cp -f apps/emqx_auth_ldap/emqx.schema .ci/apps_tests/emqx_ldap/schema + cp -f apps/emqx_auth_ldap/test/certs/* .ci/apps_tests/emqx_ldap/certs + docker-compose -f .ci/apps_tests/docker-compose.yaml build --no-cache + docker-compose -f .ci/compatibility_tests/docker-compose-ldap.yaml up -d + - name: setup + if: matrix.network_type == 'ipv4' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' ldap) + sed -i "/auth.ldap.servers/c auth.ldap.servers = $server_address" apps/emqx_auth_ldap/etc/emqx_auth_ldap.conf + - name: setup + if: matrix.network_type == 'ipv6' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' ldap) + sed -i "/auth.ldap.servers/c auth.ldap.servers = $server_address" apps/emqx_auth_ldap/etc/emqx_auth_ldap.conf + - name: run test cases + run: | + docker exec -i erlang sh -c "make ensure-rebar3" + docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_ldap" + docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_ldap" + - uses: actions/upload-artifact@v1 + if: failure() + with: + name: logs_ldap${{ matrix.ldap_tag }}_${{ matrix.network_type }} + path: _build/test/logs + + mongo: + runs-on: ubuntu-20.04 + + strategy: + matrix: + mongo_tag: + - 3 + - 4 + network_type: + - ipv4 + - ipv6 + connect_type: + - tls + - tcp + + steps: + - uses: actions/checkout@v1 + - name: setup + env: + MONGO_TAG: ${{ matrix.mongo_tag }} + if: matrix.connect_type == 'tls' + run: | + docker-compose -f .ci/compatibility_tests/docker-compose-mongo-tls.yaml up -d + echo 'auth.mongo.ssl = true' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf + echo 'auth.mongo.ssl_opts.cacertfile = /emqx/apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/ca.pem' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf + echo 'auth.mongo.ssl_opts.certfile = /emqx/apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/client-cert.pem' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf + echo 'auth.mongo.ssl_opts.keyfile = /emqx/apps/emqx_auth_mongo/test/emqx_auth_mongo_SUITE_data/client-key.pem' >> apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf + - name: setup + env: + MONGO_TAG: ${{ matrix.mongo_tag }} + if: matrix.connect_type == 'tcp' + run: docker-compose -f .ci/compatibility_tests/docker-compose-mongo.yaml up -d + - name: setup + if: matrix.network_type == 'ipv4' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mongo) + sed -i "/auth.mongo.server/c auth.mongo.server = $server_address:27017" apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf + - name: setup + if: matrix.network_type == 'ipv6' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' mongo) + sed -i "/auth.mongo.server/c auth.mongo.server = $server_address:27017" apps/emqx_auth_mongo/etc/emqx_auth_mongo.conf + - name: run test cases + run: | + docker exec -i erlang sh -c "make ensure-rebar3" + docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_mongo" + docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_mongo" + - uses: actions/upload-artifact@v1 + if: failure() + with: + name: logs_mongo${{ matrix.mongo_tag }}_${{ matrix.network_type }}_${{ matrix.connect_type }} + path: _build/test/logs + + mysql: + runs-on: ubuntu-20.04 + + strategy: + matrix: + mysql_tag: + - 5.7 + - 8 + network_type: + - ipv4 + - ipv6 + connect_type: + - tls + - tcp + + steps: + - uses: actions/checkout@v1 + - name: setup + env: + MYSQL_TAG: ${{ matrix.mysql_tag }} + if: matrix.connect_type == 'tls' + run: | + docker-compose -f .ci/compatibility_tests/docker-compose-mysql-tls.yaml up -d + echo '\n' >> apps/emqx_auth_mongo/etc/emqx_auth_mysql.conf + echo 'auth.mysql.ssl = on' >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf + echo "auth.mysql.ssl.cafile = /emqx/apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/ca.pem" >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf + echo "auth.mysql.ssl.certfile = /emqx/apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/client-cert.pem" >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf + echo "auth.mysql.ssl.keyfile = /emqx/apps/emqx_auth_mysql/test/emqx_auth_mysql_SUITE_data/client-key.pem" >> apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf + - name: setup + env: + MYSQL_TAG: ${{ matrix.mysql_tag }} + if: matrix.connect_type == 'tcp' + run: docker-compose -f .ci/compatibility_tests/docker-compose-mysql.yaml up -d + - name: setup + if: matrix.network_type == 'ipv4' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' mysql) + sed -i "/auth.mysql.server/c auth.mysql.server = $server_address:3306" apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf + - name: setup + if: matrix.network_type == 'ipv6' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' mysql) + sed -i "/auth.mysql.server/c auth.mysql.server = $server_address:3306" apps/emqx_auth_mysql/etc/emqx_auth_mysql.conf + - name: run test cases + run: | + docker exec -i erlang sh -c "make ensure-rebar3" + docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_mysql" + docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_mysql" + - uses: actions/upload-artifact@v1 + if: failure() + with: + name: logs_mysql${{ matrix.mysql_tag }}_${{ matrix.network_type }}_${{ matrix.connect_type }} + path: _build/test/logs + + pgsql: + runs-on: ubuntu-20.04 + + strategy: + matrix: + pgsql_tag: + - 9 + - 10 + - 11 + - 12 + - 13 + network_type: + - ipv4 + - ipv6 + connect_type: + # - tls + - tcp + + steps: + - uses: actions/checkout@v1 + - name: setup + env: + PGSQL_TAG: ${{ matrix.pgsql_tag }} + if: matrix.connect_type == 'tls' + run: | + docker-compose -f .ci/compatibility_tests/docker-compose-pgsql-tls.yaml up -d + echo '\n' >> apps/emqx_auth_mongo/etc/emqx_auth_pgsql.conf + echo 'auth.pgsql.ssl = true' >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf + echo "auth.pgsql.ssl_opts.cacertfile = /emqx/apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/ca.pem" >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf + echo "auth.pgsql.ssl_opts.certfile = /emqx/apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/client-cert.pem" >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf + echo "auth.pgsql.ssl_opts.keyfile = /emqx/apps/emqx_auth_pgsql/test/emqx_auth_pgsql_SUITE_data/client-key.pem" >> apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf + - name: setup + env: + PGSQL_TAG: ${{ matrix.pgsql_tag }} + if: matrix.connect_type == 'tcp' + run: docker-compose -f .ci/compatibility_tests/docker-compose-pgsql.yaml up -d + - name: setup + if: matrix.network_type == 'ipv4' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' pgsql) + sed -i "/auth.pgsql.server/c auth.pgsql.server = $server_address:5432" apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf + - name: setup + if: matrix.network_type == 'ipv6' + run: | + server_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' pgsql) + sed -i "/auth.pgsql.server/c auth.pgsql.server = $server_address:5432" apps/emqx_auth_pgsql/etc/emqx_auth_pgsql.conf + - name: run test cases + run: | + docker exec -i erlang sh -c "make ensure-rebar3" + docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_pgsql" + docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_pgsql" + - uses: actions/upload-artifact@v1 + if: failure() + with: + name: logs_pgsql${{ matrix.pgsql_tag }}_${{ matrix.network_type }}_${{ matrix.connect_type }} + path: _build/test/logs + + redis: + runs-on: ubuntu-20.04 + + strategy: + matrix: + redis_tag: + - 5 + - 6 + network_type: + - ipv4 + - ipv6 + connect_type: + - tls + - tcp + node_type: + - singer + - cluster + + steps: + - uses: actions/checkout@v1 + - name: setup + env: + REDIS_TAG: ${{ matrix.redis_tag }} + if: matrix.connect_type == 'tls' && matrix.redis_tag != '5' + run: | + set -exu + docker-compose -f .ci/compatibility_tests/docker-compose-redis-${{ matrix.node_type }}-tls.yaml up -d + echo '\n' >> apps/emqx_auth_mongo/etc/emqx_auth_redis.conf + echo 'auth.redis.ssl = on' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf + echo 'auth.redis.cafile = /emqx/apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/ca.crt' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf + echo 'auth.redis.certfile = /emqx/apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/redis.crt' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf + echo 'auth.redis.keyfile = /emqx/apps/emqx_auth_redis/test/emqx_auth_redis_SUITE_data/certs/redis.key' >> apps/emqx_auth_redis/etc/emqx_auth_redis.conf + - name: setup + env: + REDIS_TAG: ${{ matrix.redis_tag }} + if: matrix.connect_type == 'tcp' + run: docker-compose -f .ci/compatibility_tests/docker-compose-redis-${{ matrix.node_type }}.yaml up -d + - name: get server address + if: matrix.connect_type == 'tcp' || (matrix.connect_type == 'tls' && matrix.redis_tag != '5') + run: | + set -exu + ipv4_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' redis) + ipv6_address=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.GlobalIPv6Address}}{{end}}' redis) + echo "redis_ipv4_address=$ipv4_address" >> $GITHUB_ENV + echo "redis_ipv6_address=$ipv6_address" >> $GITHUB_ENV + - name: setup + if: matrix.node_type == 'singer' && matrix.connect_type == 'tcp' + run: | + set -exu + sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:6379" apps/emqx_auth_redis/etc/emqx_auth_redis.conf + - name: setup + if: matrix.node_type == 'singer' && matrix.connect_type == 'tls' && matrix.redis_tag != '5' + run: | + set -exu + sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:6380" apps/emqx_auth_redis/etc/emqx_auth_redis.conf + - name: setup + if: matrix.node_type == 'cluster' && matrix.connect_type == 'tcp' + run: | + set -exu + sed -i "/auth.redis.type/c auth.redis.type = cluster" apps/emqx_auth_redis/etc/emqx_auth_redis.conf + sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:7000, ${redis_${{ matrix.network_type }}_address}:7001, ${redis_${{ matrix.network_type }}_address}:7002" apps/emqx_auth_redis/etc/emqx_auth_redis.conf + - name: setup + if: matrix.node_type == 'cluster' && matrix.connect_type == 'tls' && matrix.redis_tag != '5' + run: | + set -exu + sed -i "/auth.redis.type/c auth.redis.type = cluster" apps/emqx_auth_redis/etc/emqx_auth_redis.conf + sed -i "/auth.redis.server/c auth.redis.server = ${redis_${{ matrix.network_type }}_address}:8000, ${redis_${{ matrix.network_type }}_address}:8001, ${redis_${{ matrix.network_type }}_address}:8002" apps/emqx_auth_redis/etc/emqx_auth_redis.conf + - name: run test cases + if: matrix.connect_type == 'tcp' || (matrix.connect_type == 'tls' && matrix.redis_tag != '5') + run: | + docker exec -i erlang sh -c "make ensure-rebar3" + docker exec -i erlang sh -c "./rebar3 eunit --dir apps/emqx_auth_redis" + docker exec -i erlang sh -c "./rebar3 ct --dir apps/emqx_auth_redis" + - uses: actions/upload-artifact@v1 + if: failure() + with: + name: logs_redis${{ matrix.redis_tag }}_${{ matrix.node_type }}_${{ matrix.network_type }}_${{ matrix.connect_type }} + path: _build/test/logs + + diff --git a/.github/workflows/run_test_cases.yaml b/.github/workflows/run_test_cases.yaml index 2fff19748..c1c119d26 100644 --- a/.github/workflows/run_test_cases.yaml +++ b/.github/workflows/run_test_cases.yaml @@ -18,21 +18,21 @@ jobs: strategy: matrix: - mysql_vsn: [5.7, 8] - redis_vsn: [6] - mongo_vsn: [3, 4] - pgsql_vsn: [11, 12, 13] - ldap_vsn: [2.4.50] + mysql_tag: [5.7] + redis_tag: [6] + mongo_tag: [3, 4] + pgsql_tag: [13] + ldap_tag: [2.4.50] steps: - uses: actions/checkout@v2 - name: set up env: - MYSQL_VSN: ${{ matrix.mysql_vsn }} - REDIS_VSN: ${{ matrix.redis_vsn }} - MONGO_VSN: ${{ matrix.mongo_vsn }} - PGSQL_VSN: ${{ matrix.pgsql_vsn }} - LDAP_VSN: ${{ matrix.ldap_vsn }} + MYSQL_TAG: ${{ matrix.mysql_tag }} + REDIS_TAG: ${{ matrix.redis_tag }} + MONGO_TAG: ${{ matrix.mongo_tag }} + PGSQL_TAG: ${{ matrix.pgsql_tag }} + LDAP_TAG: ${{ matrix.ldap_tag }} run: | cp -f apps/emqx_auth_ldap/emqx.io.ldif .ci/apps_tests/emqx_ldap/schema cp -f apps/emqx_auth_ldap/emqx.schema .ci/apps_tests/emqx_ldap/schema @@ -68,9 +68,9 @@ jobs: - uses: actions/upload-artifact@v1 if: failure() with: - name: logs_mysql${{ matrix.mysql_vsn }}_reids${{ matrix.redis_vsn }}_mongo${{ matrix.mongo_vsn }}_pgsql${{ matrix.pgsql_vsn }}_ldap${{ matrix.ldap_vsn }} + name: logs_mysql${{ matrix.mysql_tag }}_reids${{ matrix.redis_tag }}_mongo${{ matrix.mongo_tag }}_pgsql${{ matrix.pgsql_tag }}_ldap${{ matrix.ldap_tag }} path: _build/test/logs - uses: actions/upload-artifact@v1 with: - name: cover_mysql${{ matrix.mysql_vsn }}_reids${{ matrix.redis_vsn }}_mongo${{ matrix.mongo_vsn }}_pgsql${{ matrix.pgsql_vsn }}_ldap${{ matrix.ldap_vsn }} + name: cover_mysql${{ matrix.mysql_tag }}_reids${{ matrix.redis_tag }}_mongo${{ matrix.mongo_tag }}_pgsql${{ matrix.pgsql_tag }}_ldap${{ matrix.ldap_tag }} path: _build/test/cover diff --git a/apps/emqx_auth_mongo/docker-compose.yml b/apps/emqx_auth_mongo/docker-compose.yml deleted file mode 100644 index 9ff9cce23..000000000 --- a/apps/emqx_auth_mongo/docker-compose.yml +++ /dev/null @@ -1,27 +0,0 @@ -version: '3' - -services: - erlang: - image: erlang:22.1 - volumes: - - ./:/emqx_auth_mongo - networks: - - emqx_bridge - depends_on: - - mongo_server - tty: true - - mongo_server: - image: mongo:${MONGO_TAG} - restart: always - environment: - MONGO_INITDB_DATABASE: mqtt - networks: - - emqx_bridge - command: - --ipv6 - --bind_ip_all - -networks: - emqx_bridge: - driver: bridge diff --git a/apps/emqx_auth_pgsql/.ci/pgsql/Dockerfile b/apps/emqx_auth_pgsql/.ci/pgsql/Dockerfile deleted file mode 100644 index 785bb875f..000000000 --- a/apps/emqx_auth_pgsql/.ci/pgsql/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -ARG BUILD_FROM=postgres:11 -FROM ${BUILD_FROM} -COPY pg.conf /etc/postgresql/postgresql.conf -COPY server-cert.pem /etc/postgresql/server-cert.pem -COPY server-key.pem /etc/postgresql/server-key.pem -RUN chown -R postgres:postgres /etc/postgresql \ - && chmod 600 /etc/postgresql/*.pem -CMD ["-c", "config_file=/etc/postgresql/postgresql.conf"] diff --git a/apps/emqx_auth_redis/etc/emqx_auth_redis.conf b/apps/emqx_auth_redis/etc/emqx_auth_redis.conf index 4d6b19b15..f61399242 100644 --- a/apps/emqx_auth_redis/etc/emqx_auth_redis.conf +++ b/apps/emqx_auth_redis/etc/emqx_auth_redis.conf @@ -113,4 +113,5 @@ auth.redis.acl_cmd = HGETALL mqtt_acl:%u ## Client ssl keyfile. ## ## Value: File -#auth.redis.keyfile = path/to/your/keyfile \ No newline at end of file +#auth.redis.keyfile = path/to/your/keyfile +