From 923c354f70e9994732543098f5c62311f6e99a21 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Mon, 8 Jul 2024 12:01:13 -0700 Subject: [PATCH 01/30] test using admin user --- .github/actions/run-ee-server/action.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 0e5ae5e3a..3f4569538 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -32,8 +32,8 @@ runs: run: | crudini --existing=param --set config.conf enterprise-edition hosts '' crudini --existing=param --set config.conf enterprise-edition hosts 127.0.0.1:3000 - crudini --existing=param --set config.conf enterprise-edition user superuser - crudini --existing=param --set config.conf enterprise-edition password superuser + crudini --existing=param --set config.conf enterprise-edition user admin + crudini --existing=param --set config.conf enterprise-edition password admin working-directory: test shell: bash @@ -75,7 +75,7 @@ runs: run: docker run -tid -v $(pwd)/configs:/opt/aerospike/etc -p 3000:3000 --name aerospike $SERVER_IMAGE:${{ inputs.server-tag }} asd --config-file /opt/aerospike/etc/aerospike.conf shell: bash - - name: Create user in database for tests - # Use default admin user to create another user for testing - run: docker exec aerospike asadm --user admin --password admin --enable -e "manage acl create user superuser password superuser roles read-write-udf sys-admin user-admin data-admin" - shell: bash + # - name: Create user in database for tests + # # Use default admin user to create another user for testing + # run: docker exec aerospike asadm --user admin --password admin --enable -e "manage acl create user superuser password superuser roles read-write-udf sys-admin user-admin data-admin" + # shell: bash From d4470ccd14f64149fdeaca3c520e778b7c19bfd9 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 07:33:05 -0700 Subject: [PATCH 02/30] Use Dockerfile --- .github/actions/run-ee-server/action.yml | 42 ++++-------------------- .github/workflows/Dockerfile | 4 +++ 2 files changed, 11 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/Dockerfile diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 47ef6c1f8..0c617fc4b 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -41,56 +41,28 @@ runs: run: mkdir configs shell: bash - - name: Use release server - if: ${{ inputs.use-server-rc == 'false' }} - run: echo "SERVER_IMAGE=aerospike/aerospike-server-enterprise" >> $GITHUB_ENV - shell: bash - - - name: Use release candidate server - if: ${{ inputs.use-server-rc == 'true' }} - run: echo "SERVER_IMAGE=aerospike/aerospike-server-enterprise-rc" >> $GITHUB_ENV - shell: bash - - name: Log into Docker Hub to get server RC if: ${{ inputs.use-server-rc == 'true' }} run: docker login --username ${{ inputs.docker-hub-username }} --password ${{ inputs.docker-hub-password }} shell: bash - - run: docker run -d --name aerospike -p 3000:3000 $SERVER_IMAGE:${{ inputs.server-tag }} - shell: bash + - run: echo SECURITY_IMAGE_TAG=server-ee-${{ inputs.use-server-rc }}:${{ inputs.server-tag }} >> $GITHUB_ENV - - uses: ./.github/actions/wait-for-as-server-to-start - id: wait-for-server1 - with: - container-name: aerospike - is-security-enabled: false - - - name: Get default aerospike.conf from Docker server EE container - run: | - docker cp aerospike:/etc/aerospike/aerospike.conf ./configs/aerospike.conf - docker container stop aerospike - docker container rm aerospike - shell: bash - - - name: Enable security features using aerospike.conf - # Security stanza - run: echo -e "security {\n\tenable-quotas true\n}\n" >> ./aerospike.conf - working-directory: ./configs - shell: bash + - run: docker build . --build-arg rc=${{ inputs.use-server-rc == 'true' && '-rc' || '' }} --build-arg tag=${{ inputs.server-tag }} --tag ${{ env.SECURITY_IMAGE_TAG }} + working-directory: .github/workflows - - name: Run enterprise edition server - run: docker run -tid -v $(pwd)/configs:/opt/aerospike/etc -p 3000:3000 --name aerospike $SERVER_IMAGE:${{ inputs.server-tag }} asd --config-file /opt/aerospike/etc/aerospike.conf + - run: docker run -d --name aerospike -p 3000:3000 ${{ env.SECURITY_IMAGE_TAG }} shell: bash - uses: ./.github/actions/wait-for-as-server-to-start - id: wait-for-server2 + id: wait-for-server1 with: container-name: aerospike - is-security-enabled: true + is-security-enabled: false # Enabling debug logging for workflow runs doesn't show container logs # So we need this step for now - - if: ${{ !cancelled() && (steps.wait-for-server1.outcome == 'failure' || steps.wait-for-server2.outcome == 'failure') }} + - if: ${{ !cancelled() && steps.wait-for-server1.outcome == 'failure' }} name: Print logs to help debug why the server failed to start up run: docker container logs aerospike shell: bash diff --git a/.github/workflows/Dockerfile b/.github/workflows/Dockerfile new file mode 100644 index 000000000..506b53eb9 --- /dev/null +++ b/.github/workflows/Dockerfile @@ -0,0 +1,4 @@ +ARG rc="" +ARG tag=latest +FROM aerospike/aerospike-server-enterprise$rc:$tag +RUN echo -e "security {\n\tenable-quotas true\n}\n" >> /etc/aerospike/aerospike.template.conf From 52c309ac784c8f7290229200de00938a25b936b2 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 09:43:54 -0700 Subject: [PATCH 03/30] wip--broken --- .github/actions/run-ee-server/action.yml | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 0c617fc4b..4be19dd30 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -41,15 +41,26 @@ runs: run: mkdir configs shell: bash + # - run: docker build . --build-arg rc=${{ inputs.use-server-rc == 'true' && '-rc' || '' }} --build-arg tag=${{ inputs.server-tag }} --tag ${{ env.SECURITY_IMAGE_TAG }} + # working-directory: .github/workflows + + - name: Cache Docker layers + uses: actions/cache@v4 + with: + path: /tmp/.buildx-cache + key: buildx-${{ inputs.use-server-rc }}-${{ inputs.server-tag }} + - name: Log into Docker Hub to get server RC if: ${{ inputs.use-server-rc == 'true' }} run: docker login --username ${{ inputs.docker-hub-username }} --password ${{ inputs.docker-hub-password }} shell: bash - - run: echo SECURITY_IMAGE_TAG=server-ee-${{ inputs.use-server-rc }}:${{ inputs.server-tag }} >> $GITHUB_ENV - - - run: docker build . --build-arg rc=${{ inputs.use-server-rc == 'true' && '-rc' || '' }} --build-arg tag=${{ inputs.server-tag }} --tag ${{ env.SECURITY_IMAGE_TAG }} - working-directory: .github/workflows + - name: Build and push + uses: docker/build-push-action@v6 + with: + push: true + tags: server-ee-${{ inputs.use-server-rc }}:${{ inputs.server-tag }} + cache-to: type=inline - run: docker run -d --name aerospike -p 3000:3000 ${{ env.SECURITY_IMAGE_TAG }} shell: bash From 30caee1d7185260d3ff6638ec9cef17d2f000b81 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:05:33 -0700 Subject: [PATCH 04/30] build w/out cache --- .github/actions/run-ee-server/action.yml | 28 ++++++++++-------------- .github/workflows/Dockerfile | 4 +--- 2 files changed, 12 insertions(+), 20 deletions(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 4be19dd30..5516139c1 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -41,28 +41,22 @@ runs: run: mkdir configs shell: bash - # - run: docker build . --build-arg rc=${{ inputs.use-server-rc == 'true' && '-rc' || '' }} --build-arg tag=${{ inputs.server-tag }} --tag ${{ env.SECURITY_IMAGE_TAG }} - # working-directory: .github/workflows - - - name: Cache Docker layers - uses: actions/cache@v4 - with: - path: /tmp/.buildx-cache - key: buildx-${{ inputs.use-server-rc }}-${{ inputs.server-tag }} - - name: Log into Docker Hub to get server RC if: ${{ inputs.use-server-rc == 'true' }} run: docker login --username ${{ inputs.docker-hub-username }} --password ${{ inputs.docker-hub-password }} shell: bash + - run: echo IMAGE_NAME=aerospike/aerospike-server-enterprise${{ inputs.use-server-rc == 'true' && '-rc' || '' }}:${{ inputs.server-tag }} >> $GITHUB_ENV + - run: echo SECURITY_IMAGE_NAME=${{ env.IMAGE_NAME }}-security >> $GITHUB_ENV + - name: Build and push uses: docker/build-push-action@v6 with: - push: true - tags: server-ee-${{ inputs.use-server-rc }}:${{ inputs.server-tag }} - cache-to: type=inline + build-args: | + image=${{ env.IMAGE_NAME }} + tags: ${{ env.SECURITY_IMAGE_NAME }} - - run: docker run -d --name aerospike -p 3000:3000 ${{ env.SECURITY_IMAGE_TAG }} + - run: docker run -d --name aerospike -p 3000:3000 ${{ env.SECURITY_IMAGE_NAME }} shell: bash - uses: ./.github/actions/wait-for-as-server-to-start @@ -73,10 +67,10 @@ runs: # Enabling debug logging for workflow runs doesn't show container logs # So we need this step for now - - if: ${{ !cancelled() && steps.wait-for-server1.outcome == 'failure' }} - name: Print logs to help debug why the server failed to start up - run: docker container logs aerospike - shell: bash + # - if: ${{ !cancelled() && steps.wait-for-server1.outcome == 'failure' }} + # name: Print logs to help debug why the server failed to start up + # run: docker container logs aerospike + # shell: bash # - name: Create user in database for tests # # Use default admin user to create another user for testing diff --git a/.github/workflows/Dockerfile b/.github/workflows/Dockerfile index 506b53eb9..b16d0e94f 100644 --- a/.github/workflows/Dockerfile +++ b/.github/workflows/Dockerfile @@ -1,4 +1,2 @@ -ARG rc="" -ARG tag=latest -FROM aerospike/aerospike-server-enterprise$rc:$tag +FROM $image RUN echo -e "security {\n\tenable-quotas true\n}\n" >> /etc/aerospike/aerospike.template.conf From 60bc9c47256d9f40803e8e119317c21d61641487 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:38:51 -0700 Subject: [PATCH 05/30] add shell --- .github/actions/run-ee-server/action.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 5516139c1..89f8f61fb 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -47,7 +47,10 @@ runs: shell: bash - run: echo IMAGE_NAME=aerospike/aerospike-server-enterprise${{ inputs.use-server-rc == 'true' && '-rc' || '' }}:${{ inputs.server-tag }} >> $GITHUB_ENV + shell: bash + - run: echo SECURITY_IMAGE_NAME=${{ env.IMAGE_NAME }}-security >> $GITHUB_ENV + shell: bash - name: Build and push uses: docker/build-push-action@v6 From cfe84e52e852a82100fa5be9638d223883bafcd0 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:50:54 -0700 Subject: [PATCH 06/30] Right path to Dockerfile --- .github/actions/run-ee-server/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 89f8f61fb..b37099056 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -57,6 +57,7 @@ runs: with: build-args: | image=${{ env.IMAGE_NAME }} + file: .github/workflows/Dockerfile tags: ${{ env.SECURITY_IMAGE_NAME }} - run: docker run -d --name aerospike -p 3000:3000 ${{ env.SECURITY_IMAGE_NAME }} From b78bddb454c8ba8ae1f745e01215d0d4a2905ede Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:53:32 -0700 Subject: [PATCH 07/30] Fix --- .github/workflows/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/Dockerfile b/.github/workflows/Dockerfile index b16d0e94f..6b6d6385c 100644 --- a/.github/workflows/Dockerfile +++ b/.github/workflows/Dockerfile @@ -1,2 +1,3 @@ +ARG image FROM $image RUN echo -e "security {\n\tenable-quotas true\n}\n" >> /etc/aerospike/aerospike.template.conf From 7271895b8c2954b65bf4cbc9d2e43092dbe60562 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 9 Jul 2024 16:58:23 -0700 Subject: [PATCH 08/30] Repo already cloned --- .github/actions/run-ee-server/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index b37099056..e676ab229 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -55,6 +55,7 @@ runs: - name: Build and push uses: docker/build-push-action@v6 with: + context: . build-args: | image=${{ env.IMAGE_NAME }} file: .github/workflows/Dockerfile From fd1a5d45156f6ea62b2482ab40beb8c5ee7a40e7 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Wed, 10 Jul 2024 08:10:26 -0700 Subject: [PATCH 09/30] Add print stmt --- .github/workflows/wait-for-as-server-to-start.bash | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 4f20ba4f7..97dc7a19b 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -26,4 +26,5 @@ while true; do # Server is ready when asinfo returns ok break fi + echo "Server didn't return ok. Polling again..." done From 11c02451e1b36b4e3592fff989eb6f2e2e5bc3e2 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Wed, 10 Jul 2024 08:14:28 -0700 Subject: [PATCH 10/30] add --- .github/workflows/wait-for-as-server-to-start.bash | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 97dc7a19b..2d07b5c19 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -24,6 +24,7 @@ while true; do # shellcheck disable=SC2086 # The flags in user credentials should be separate anyways. Not one string if docker exec "$container_name" asinfo $user_credentials -v status | tee >(cat) | grep -qE "^ok"; then # Server is ready when asinfo returns ok + echo "Server is ready now." break fi echo "Server didn't return ok. Polling again..." From 432be27d7f688ffaaaefd1727fdf386bd71359ae Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Wed, 10 Jul 2024 12:09:37 -0700 Subject: [PATCH 11/30] check --- .github/actions/run-ee-server/action.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index e676ab229..c8b3f2ead 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -55,6 +55,7 @@ runs: - name: Build and push uses: docker/build-push-action@v6 with: + # Don't want to use default Git context or else it will clone the whole Python client repo again context: . build-args: | image=${{ env.IMAGE_NAME }} @@ -73,9 +74,9 @@ runs: # Enabling debug logging for workflow runs doesn't show container logs # So we need this step for now # - if: ${{ !cancelled() && steps.wait-for-server1.outcome == 'failure' }} - # name: Print logs to help debug why the server failed to start up - # run: docker container logs aerospike - # shell: bash + - name: Print logs to help debug why the server failed to start up + run: docker container logs aerospike + shell: bash # - name: Create user in database for tests # # Use default admin user to create another user for testing From 1c681cb53712148119ffacf5f7885b595896b50f Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Wed, 10 Jul 2024 12:51:53 -0700 Subject: [PATCH 12/30] whoops --- .github/actions/run-ee-server/action.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index c8b3f2ead..f220fe397 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -49,6 +49,7 @@ runs: - run: echo IMAGE_NAME=aerospike/aerospike-server-enterprise${{ inputs.use-server-rc == 'true' && '-rc' || '' }}:${{ inputs.server-tag }} >> $GITHUB_ENV shell: bash + # TODO: needs to be the exact tag, not "latest" - run: echo SECURITY_IMAGE_NAME=${{ env.IMAGE_NAME }}-security >> $GITHUB_ENV shell: bash @@ -69,7 +70,7 @@ runs: id: wait-for-server1 with: container-name: aerospike - is-security-enabled: false + is-security-enabled: true # Enabling debug logging for workflow runs doesn't show container logs # So we need this step for now From 5a345c9bd97e663578835d188751cc2c7fa114b1 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Thu, 11 Jul 2024 11:50:03 -0700 Subject: [PATCH 13/30] Inspect docker container --- .github/workflows/wait-for-as-server-to-start.bash | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 2d07b5c19..6b3031102 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -25,6 +25,7 @@ while true; do if docker exec "$container_name" asinfo $user_credentials -v status | tee >(cat) | grep -qE "^ok"; then # Server is ready when asinfo returns ok echo "Server is ready now." + docker container inspect "$container_name" break fi echo "Server didn't return ok. Polling again..." From bc7be56f325a1adf373e165c6e5ba1f94a9fee7b Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 06:41:08 -0700 Subject: [PATCH 14/30] Check cluster-stable state --- .github/workflows/wait-for-as-server-to-start.bash | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 6b3031102..edf68ff10 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -25,6 +25,7 @@ while true; do if docker exec "$container_name" asinfo $user_credentials -v status | tee >(cat) | grep -qE "^ok"; then # Server is ready when asinfo returns ok echo "Server is ready now." + docker exec "$container_name" asinfo $user_credentials -v "cluster-stable" docker container inspect "$container_name" break fi From 7218d7aa0637dd8ac4a72fd3a63383da4ddfd369 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 08:05:41 -0700 Subject: [PATCH 15/30] Show state of cluster using asadm --- .github/workflows/wait-for-as-server-to-start.bash | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index edf68ff10..91f9fc6f1 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -26,7 +26,8 @@ while true; do # Server is ready when asinfo returns ok echo "Server is ready now." docker exec "$container_name" asinfo $user_credentials -v "cluster-stable" - docker container inspect "$container_name" + docker run --rm aerospike/aerospike-tools asadm -U admin -P admin -e "info network" -h $(docker inspect -f "{{ .NetworkSettings.IPAddress }}" "$container_name") + # docker container inspect "$container_name" break fi echo "Server didn't return ok. Polling again..." From 30527b3afd00cb752626589ff4ec6e7547e4257f Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 08:50:01 -0700 Subject: [PATCH 16/30] Also check cluster-stable --- .../wait-for-as-server-to-start.bash | 29 +++++++++++++------ 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 91f9fc6f1..7e17334f6 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -7,13 +7,13 @@ set -o pipefail container_name=$1 is_security_enabled=$2 -while true; do - if [[ $is_security_enabled == true ]]; then - # We need to pass credentials to asinfo if server requires it - # TODO: passing in hardcoded credentials since I can't figure out how to use --instance with global astools.conf - user_credentials="--user=admin --password=admin" - fi +if [[ $is_security_enabled == true ]]; then + # We need to pass credentials to asinfo if server requires it + # TODO: passing in hardcoded credentials since I can't figure out how to use --instance with global astools.conf + user_credentials="--user=admin --password=admin" +fi +while true; do # An unset variable will have a default empty value # Intermediate step is to print docker exec command's output in case it fails # Sometimes, errors only appear in stdout and not stderr, like if asinfo throws an error because of no credentials @@ -22,13 +22,24 @@ while true; do # grep doesn't have a way to print all lines passed as input. # ack does have an option but it doesn't come installed by default # shellcheck disable=SC2086 # The flags in user credentials should be separate anyways. Not one string + echo "Waiting for server to accept requests..." if docker exec "$container_name" asinfo $user_credentials -v status | tee >(cat) | grep -qE "^ok"; then # Server is ready when asinfo returns ok - echo "Server is ready now." - docker exec "$container_name" asinfo $user_credentials -v "cluster-stable" - docker run --rm aerospike/aerospike-tools asadm -U admin -P admin -e "info network" -h $(docker inspect -f "{{ .NetworkSettings.IPAddress }}" "$container_name") + echo "Can reach server now." # docker container inspect "$container_name" break fi + echo "Server didn't return ok. Polling again..." done + +while true; do + echo "Waiting for server to stabilize (i.e return a cluster key)..." + # We assume that when an ERROR is returned, the cluster is not stable yet + if docker exec "$container_name" asinfo $user_credentials -v cluster-stable 2>&1 | (! grep -qE "^ERROR"); then + echo "Server is in a stable state." + break + fi + + echo "Server did not return a cluster key. Polling again..." +done From d3ca02077d082c2d347f254d58b459633cc1d2e2 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 08:56:00 -0700 Subject: [PATCH 17/30] Change log msgs to make more sense --- .github/workflows/wait-for-as-server-to-start.bash | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 7e17334f6..d2f9911fd 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -22,7 +22,7 @@ while true; do # grep doesn't have a way to print all lines passed as input. # ack does have an option but it doesn't come installed by default # shellcheck disable=SC2086 # The flags in user credentials should be separate anyways. Not one string - echo "Waiting for server to accept requests..." + echo "Checking if we can reach the server via the service port..." if docker exec "$container_name" asinfo $user_credentials -v status | tee >(cat) | grep -qE "^ok"; then # Server is ready when asinfo returns ok echo "Can reach server now." @@ -30,7 +30,7 @@ while true; do break fi - echo "Server didn't return ok. Polling again..." + echo "Server didn't return ok via the service port. Polling again..." done while true; do From 458a199b13601cfa8374166c5736edeb0ed1b555 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 13:46:06 -0700 Subject: [PATCH 18/30] See if race condition happens with CE tests --- .github/workflows/tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 5aa87602d..d44de4826 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -344,7 +344,7 @@ jobs: container-name: aerospike - name: Run tests - run: python -m pytest ./new_tests -vv + run: python -m pytest ./new_tests -vv -k "not test_admin" working-directory: test test-lowest-supported-server: From 22e1fdf2105f96e88beca4131c294a8a3f9f8572 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 13:49:30 -0700 Subject: [PATCH 19/30] Assume we didn't wait for server to stabilize --- .../workflows/wait-for-as-server-to-start.bash | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index d2f9911fd..1905fb1a7 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -33,13 +33,13 @@ while true; do echo "Server didn't return ok via the service port. Polling again..." done -while true; do - echo "Waiting for server to stabilize (i.e return a cluster key)..." - # We assume that when an ERROR is returned, the cluster is not stable yet - if docker exec "$container_name" asinfo $user_credentials -v cluster-stable 2>&1 | (! grep -qE "^ERROR"); then - echo "Server is in a stable state." - break - fi +# while true; do +# echo "Waiting for server to stabilize (i.e return a cluster key)..." +# # We assume that when an ERROR is returned, the cluster is not stable yet +# if docker exec "$container_name" asinfo $user_credentials -v cluster-stable 2>&1 | (! grep -qE "^ERROR"); then +# echo "Server is in a stable state." +# break +# fi - echo "Server did not return a cluster key. Polling again..." -done +# echo "Server did not return a cluster key. Polling again..." +# done From ba2c99531bb318ab614dbce5cf41c0582c9b43ab Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 13:52:41 -0700 Subject: [PATCH 20/30] Minimize time to prepare tests --- .github/workflows/tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index d44de4826..5379e3996 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -344,7 +344,7 @@ jobs: container-name: aerospike - name: Run tests - run: python -m pytest ./new_tests -vv -k "not test_admin" + run: python -m pytest ./new_tests/test_get_put.py -vv -k "test_pos_get_initkey_with_client_policy_send" working-directory: test test-lowest-supported-server: From b4a80615c415ed9af4f8368a27b30052d2c63d01 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Fri, 12 Jul 2024 13:55:45 -0700 Subject: [PATCH 21/30] Does the issue go away if we check for stability --- .../workflows/wait-for-as-server-to-start.bash | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 1905fb1a7..d2f9911fd 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -33,13 +33,13 @@ while true; do echo "Server didn't return ok via the service port. Polling again..." done -# while true; do -# echo "Waiting for server to stabilize (i.e return a cluster key)..." -# # We assume that when an ERROR is returned, the cluster is not stable yet -# if docker exec "$container_name" asinfo $user_credentials -v cluster-stable 2>&1 | (! grep -qE "^ERROR"); then -# echo "Server is in a stable state." -# break -# fi +while true; do + echo "Waiting for server to stabilize (i.e return a cluster key)..." + # We assume that when an ERROR is returned, the cluster is not stable yet + if docker exec "$container_name" asinfo $user_credentials -v cluster-stable 2>&1 | (! grep -qE "^ERROR"); then + echo "Server is in a stable state." + break + fi -# echo "Server did not return a cluster key. Polling again..." -# done + echo "Server did not return a cluster key. Polling again..." +done From 142ddd9ed917e9df58dcddb24c6608ee656ad6de Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Mon, 15 Jul 2024 14:41:23 -0700 Subject: [PATCH 22/30] Create user using security.smd --- .github/actions/run-ee-server/action.yml | 4 +- .github/workflows/Dockerfile | 1 + .github/workflows/security.smd | 48 ++++++++++++++++++++++++ 3 files changed, 51 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/security.smd diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index f220fe397..31cebc536 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -32,8 +32,8 @@ runs: run: | crudini --existing=param --set config.conf enterprise-edition hosts '' crudini --existing=param --set config.conf enterprise-edition hosts 127.0.0.1:3000 - crudini --existing=param --set config.conf enterprise-edition user admin - crudini --existing=param --set config.conf enterprise-edition password admin + crudini --existing=param --set config.conf enterprise-edition user superuser + crudini --existing=param --set config.conf enterprise-edition password superuser working-directory: test shell: bash diff --git a/.github/workflows/Dockerfile b/.github/workflows/Dockerfile index 6b6d6385c..31a802a26 100644 --- a/.github/workflows/Dockerfile +++ b/.github/workflows/Dockerfile @@ -1,3 +1,4 @@ ARG image FROM $image RUN echo -e "security {\n\tenable-quotas true\n}\n" >> /etc/aerospike/aerospike.template.conf +COPY security.smd /opt/aerospike/smd/ diff --git a/.github/workflows/security.smd b/.github/workflows/security.smd new file mode 100644 index 000000000..9c530d514 --- /dev/null +++ b/.github/workflows/security.smd @@ -0,0 +1,48 @@ +[ + [ + 162276881999406, + 14 + ], + { + "key": "admin|P", + "value": "$2a$10$7EqJtq98hPqEX7fNZaFWoO1mVO/4MLpGzsqojz6E9Gef6iXDjXdDa", + "generation": 1, + "timestamp": 0 + }, + { + "key": "admin|R|user-admin", + "value": "", + "generation": 1, + "timestamp": 0 + }, + { + "key": "superuser|P", + "value": "$2a$10$7EqJtq98hPqEX7fNZaFWoOZX0o4mZCBUwvzt/iecIcG4JaDOC41zK", + "generation": 3, + "timestamp": 458774922440 + }, + { + "key": "superuser|R|read-write-udf", + "value": "", + "generation": 3, + "timestamp": 458774922441 + }, + { + "key": "superuser|R|sys-admin", + "value": "", + "generation": 3, + "timestamp": 458774922442 + }, + { + "key": "superuser|R|user-admin", + "value": "", + "generation": 3, + "timestamp": 458774922442 + }, + { + "key": "superuser|R|data-admin", + "value": null, + "generation": 2, + "timestamp": 458774718056 + } +] From 8eeb359f3d6e86afdb52a519666007cc89e9a1e8 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Mon, 15 Jul 2024 14:44:29 -0700 Subject: [PATCH 23/30] Fix --- .github/actions/run-ee-server/action.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 31cebc536..6f5c94f80 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -57,10 +57,9 @@ runs: uses: docker/build-push-action@v6 with: # Don't want to use default Git context or else it will clone the whole Python client repo again - context: . + context: .github/workflows build-args: | image=${{ env.IMAGE_NAME }} - file: .github/workflows/Dockerfile tags: ${{ env.SECURITY_IMAGE_NAME }} - run: docker run -d --name aerospike -p 3000:3000 ${{ env.SECURITY_IMAGE_NAME }} From 99e69500f0cc12a9b8f69a5e5c06f2300ff81f48 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Mon, 15 Jul 2024 16:30:48 -0700 Subject: [PATCH 24/30] Clarify why second check is needed --- .github/workflows/wait-for-as-server-to-start.bash | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index d2f9911fd..231b437bd 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -33,9 +33,11 @@ while true; do echo "Server didn't return ok via the service port. Polling again..." done +# Although the server may be reachable via the service port, the cluster may not be fully initialized yet. +# If we try to connect too soon (e.g right after "status" returns ok), the client may throw error code -1 while true; do echo "Waiting for server to stabilize (i.e return a cluster key)..." - # We assume that when an ERROR is returned, the cluster is not stable yet + # We assume that when an ERROR is returned, the cluster is not stable yet (i.e not fully initialized) if docker exec "$container_name" asinfo $user_credentials -v cluster-stable 2>&1 | (! grep -qE "^ERROR"); then echo "Server is in a stable state." break From 78f455c9c0a9dc9743c9d59ccb74f212fc0b0397 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 16 Jul 2024 07:14:37 -0700 Subject: [PATCH 25/30] cleanup --- .github/actions/run-ee-server/action.yml | 14 -------------- .../actions/wait-for-as-server-to-start/action.yml | 2 +- .github/workflows/tests.yml | 2 +- 3 files changed, 2 insertions(+), 16 deletions(-) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 6f5c94f80..7730f6e16 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -49,7 +49,6 @@ runs: - run: echo IMAGE_NAME=aerospike/aerospike-server-enterprise${{ inputs.use-server-rc == 'true' && '-rc' || '' }}:${{ inputs.server-tag }} >> $GITHUB_ENV shell: bash - # TODO: needs to be the exact tag, not "latest" - run: echo SECURITY_IMAGE_NAME=${{ env.IMAGE_NAME }}-security >> $GITHUB_ENV shell: bash @@ -66,19 +65,6 @@ runs: shell: bash - uses: ./.github/actions/wait-for-as-server-to-start - id: wait-for-server1 with: container-name: aerospike is-security-enabled: true - - # Enabling debug logging for workflow runs doesn't show container logs - # So we need this step for now - # - if: ${{ !cancelled() && steps.wait-for-server1.outcome == 'failure' }} - - name: Print logs to help debug why the server failed to start up - run: docker container logs aerospike - shell: bash - - # - name: Create user in database for tests - # # Use default admin user to create another user for testing - # run: docker exec aerospike asadm --user admin --password admin --enable -e "manage acl create user superuser password superuser roles read-write-udf sys-admin user-admin data-admin" - # shell: bash diff --git a/.github/actions/wait-for-as-server-to-start/action.yml b/.github/actions/wait-for-as-server-to-start/action.yml index 119fbcc3a..26841102b 100644 --- a/.github/actions/wait-for-as-server-to-start/action.yml +++ b/.github/actions/wait-for-as-server-to-start/action.yml @@ -21,5 +21,5 @@ runs: # Also, we don't want to fail if we timeout in case the server *did* finish starting up but the script couldn't detect it due to a bug # Effectively, this composite action is like calling "sleep" that is optimized to exit early when it detects an ok from the server - name: Wait for EE server to start - run: timeout 5 bash ./.github/workflows/wait-for-as-server-to-start.bash ${{ inputs.container-name }} ${{ inputs.is-security-enabled }} || true + run: timeout 30 bash ./.github/workflows/wait-for-as-server-to-start.bash ${{ inputs.container-name }} ${{ inputs.is-security-enabled }} || true shell: bash diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 5379e3996..5aa87602d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -344,7 +344,7 @@ jobs: container-name: aerospike - name: Run tests - run: python -m pytest ./new_tests/test_get_put.py -vv -k "test_pos_get_initkey_with_client_policy_send" + run: python -m pytest ./new_tests -vv working-directory: test test-lowest-supported-server: From b15d4c47767924195fcbfe02243556d6a57326e6 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 16 Jul 2024 08:26:07 -0700 Subject: [PATCH 26/30] install buildx on macos --- .github/actions/run-ee-server/action.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index a9388d8c7..ba3dec211 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -54,6 +54,10 @@ runs: - run: echo SECURITY_IMAGE_NAME=${{ env.IMAGE_NAME }}-security >> $GITHUB_ENV shell: bash + # macOS Github runners don't have Docker by default + - if: ${{ runner.os == 'macOS' }} + run: brew install docker-buildx + - name: Build and push uses: docker/build-push-action@v6 with: From 1bf8ff17b8a16e1160be47fc4151d8884f48c62f Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 16 Jul 2024 08:28:54 -0700 Subject: [PATCH 27/30] Fix syntax --- .github/actions/run-ee-server/action.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index ba3dec211..2e80f54e1 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -57,6 +57,7 @@ runs: # macOS Github runners don't have Docker by default - if: ${{ runner.os == 'macOS' }} run: brew install docker-buildx + shell: bash - name: Build and push uses: docker/build-push-action@v6 From f8f5a61b59d4ea15cc8cec27b816ae47d48e6470 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 16 Jul 2024 11:25:30 -0700 Subject: [PATCH 28/30] Add comments --- .github/workflows/Dockerfile | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/Dockerfile b/.github/workflows/Dockerfile index 31a802a26..e15848240 100644 --- a/.github/workflows/Dockerfile +++ b/.github/workflows/Dockerfile @@ -1,4 +1,10 @@ ARG image FROM $image RUN echo -e "security {\n\tenable-quotas true\n}\n" >> /etc/aerospike/aerospike.template.conf +# security.smd was generated manually by +# 1. Starting a new Aerospike EE server using Docker +# 2. Creating the superuser user +# 3. Copying /opt/aerospike/smd/security.smd from the container and committing it to this repo +# This file should always work +# TODO: generate this automatically, somehow COPY security.smd /opt/aerospike/smd/ From 5da791ce5b70e2bc7921500f293c2b7c9fa1da17 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 16 Jul 2024 11:41:25 -0700 Subject: [PATCH 29/30] Fix comment --- .github/workflows/wait-for-as-server-to-start.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/wait-for-as-server-to-start.bash b/.github/workflows/wait-for-as-server-to-start.bash index 231b437bd..c43e17da5 100755 --- a/.github/workflows/wait-for-as-server-to-start.bash +++ b/.github/workflows/wait-for-as-server-to-start.bash @@ -9,7 +9,7 @@ is_security_enabled=$2 if [[ $is_security_enabled == true ]]; then # We need to pass credentials to asinfo if server requires it - # TODO: passing in hardcoded credentials since I can't figure out how to use --instance with global astools.conf + # TODO: passing in credentials via command line flags since I can't figure out how to use --instance with global astools.conf user_credentials="--user=admin --password=admin" fi From e2e6d39727c966810c84d23299caa0daf3af5553 Mon Sep 17 00:00:00 2001 From: Julian Nguyen <109386615+juliannguyen4@users.noreply.github.com> Date: Tue, 16 Jul 2024 11:56:22 -0700 Subject: [PATCH 30/30] Add warning --- .github/actions/run-ee-server/action.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/actions/run-ee-server/action.yml b/.github/actions/run-ee-server/action.yml index 2e80f54e1..14417df97 100644 --- a/.github/actions/run-ee-server/action.yml +++ b/.github/actions/run-ee-server/action.yml @@ -1,5 +1,7 @@ name: 'Run EE Server' description: 'Run EE server. Returns once server is ready. Only tested on Linux and macOS' +# NOTE: do not share this server container with others +# since it's using the default admin / admin credentials inputs: # All inputs in composite actions are strings use-server-rc: