From 714d6a64fd5955fec1230edc6da597be05843100 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Tue, 10 Jan 2023 11:00:43 +0800 Subject: [PATCH 01/12] Add self-signed SSL test. --- .github/workflows/pull_request.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 31838115..b831c02f 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -290,6 +290,27 @@ jobs: make install popd timeout-minutes: 10 + - name: Nebula Server self-signed SSL + run: | + echo '--cert_path=share/resources/test.ca.pem' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--key_path=share/resources/test.ca.key' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--ca_path=' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + /usr/local/nebula/scripts/nebula.service restart all + /usr/local/nebula/scripts/nebula.service status all + # The connection maybe unstable, so we wait a while + sleep 10 + - name: CTest self-signed SSL + env: + ASAN_OPTIONS: fast_unwind_on_malloc=1 + run: | + pushd build + # register storage to meta and wait heartbeat + ./bin/regist_host --enable_ssl=true --host=127.0.0.1:9779 && sleep 20 + ctest -j $(nproc) -R '\w*_ssl_test' --timeout 10000 --output-on-failure + make install + popd + timeout-minutes: 10 - name: Upload logs uses: actions/upload-artifact@v2 if: ${{ failure() }} From fe29bcc894d4339e3b1a1a8bd3fa0a6983423a36 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Tue, 10 Jan 2023 14:43:37 +0800 Subject: [PATCH 02/12] Tune test. --- .github/workflows/pull_request.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index b831c02f..395e7098 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -296,7 +296,9 @@ jobs: echo '--key_path=share/resources/test.ca.key' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf echo '--ca_path=' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf - /usr/local/nebula/scripts/nebula.service restart all + /usr/local/nebula/scripts/nebula.service stop all + sleep 10 + /usr/local/nebula/scripts/nebula.service stop all /usr/local/nebula/scripts/nebula.service status all # The connection maybe unstable, so we wait a while sleep 10 From cb8a12a7c15375094a1bba6004b94f479039c436 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Wed, 11 Jan 2023 10:48:59 +0800 Subject: [PATCH 03/12] Fix. --- .github/workflows/pull_request.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 395e7098..aa3ab9bf 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -298,7 +298,7 @@ jobs: echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf /usr/local/nebula/scripts/nebula.service stop all sleep 10 - /usr/local/nebula/scripts/nebula.service stop all + /usr/local/nebula/scripts/nebula.service start all /usr/local/nebula/scripts/nebula.service status all # The connection maybe unstable, so we wait a while sleep 10 From 39458a34950cb7f1bd0debaa8519a09098a71a7f Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Wed, 11 Jan 2023 11:18:52 +0800 Subject: [PATCH 04/12] Tune test. --- .github/workflows/pull_request.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index aa3ab9bf..11c85e5c 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -296,6 +296,7 @@ jobs: echo '--key_path=share/resources/test.ca.key' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf echo '--ca_path=' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + /usr/local/nebula/scripts/nebula.service status all /usr/local/nebula/scripts/nebula.service stop all sleep 10 /usr/local/nebula/scripts/nebula.service start all From 6f6cb151eec94ba1d1403d0eeac32e74a9323a9f Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Wed, 11 Jan 2023 11:40:11 +0800 Subject: [PATCH 05/12] Tune test. --- .github/workflows/pull_request.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 11c85e5c..a65a5429 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -297,7 +297,9 @@ jobs: echo '--ca_path=' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf /usr/local/nebula/scripts/nebula.service status all - /usr/local/nebula/scripts/nebula.service stop all + pkill -9 nebula-graphd + pkill -9 nebula-storaged + pkill -9 nebula-metad sleep 10 /usr/local/nebula/scripts/nebula.service start all /usr/local/nebula/scripts/nebula.service status all From 922a19f69cebe8d8a67c3861539323b849c09fc3 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Wed, 11 Jan 2023 15:08:05 +0800 Subject: [PATCH 06/12] Tune test. --- .github/workflows/pull_request.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index a65a5429..53646202 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -297,10 +297,10 @@ jobs: echo '--ca_path=' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf /usr/local/nebula/scripts/nebula.service status all - pkill -9 nebula-graphd - pkill -9 nebula-storaged - pkill -9 nebula-metad - sleep 10 + pkill nebula-graphd + pkill nebula-storaged + pkill nebula-metad + sleep 30 /usr/local/nebula/scripts/nebula.service start all /usr/local/nebula/scripts/nebula.service status all # The connection maybe unstable, so we wait a while From 89b3c417c1baefa5f05e15a84c55c2b6177e2db3 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Wed, 11 Jan 2023 16:18:40 +0800 Subject: [PATCH 07/12] Add new runner. --- .github/workflows/pull_request.yml | 122 +++++++++++++++++++++++++++++ 1 file changed, 122 insertions(+) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 53646202..eb204750 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -325,3 +325,125 @@ jobs: - name: Cleanup if: ${{ always() }} run: rm -rf build modules + + build_ssl_ca: + name: build ssl self signed + needs: lint + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + os: + - centos7 + - ubuntu2004 + compiler: + - gcc-9.2 + - clang-9 + exclude: + - os: centos7 + compiler: clang-9 + container: + image: vesoft/nebula-dev:${{ matrix.os }} + volumes: + - /tmp/nebula-graph-client/${{ matrix.os }}-${{ matrix.compiler }}:/tmp/nebula-graph-client/nebula-graph/${{ matrix.os }}-${{ matrix.compiler }} + options: --mount type=tmpfs,destination=/tmp/ccache/nebula-graph,tmpfs-size=1073741824 --cap-add=SYS_PTRACE + steps: + - uses: actions/checkout@v2 + - name: CMake + run: | + case ${{ matrix.compiler }} in + gcc-*) + case ${{ matrix.os }} in + centos7) + # build with Release type + cmake \ + -DCMAKE_CXX_COMPILER=$TOOLSET_GCC_DIR/bin/g++ \ + -DCMAKE_C_COMPILER=$TOOLSET_GCC_DIR/bin/gcc \ + -DCMAKE_BUILD_TYPE=Release \ + -DENABLE_TESTING=on \ + -DCMAKE_INSTALL_PREFIX=/usr/local/nebula \ + -DDISABLE_CXX11_ABI=ON \ + -B build + ;; + ubuntu2004) + # build with Debug type + cmake \ + -DCMAKE_CXX_COMPILER=$TOOLSET_GCC_DIR/bin/g++ \ + -DCMAKE_C_COMPILER=$TOOLSET_GCC_DIR/bin/gcc \ + -DCMAKE_BUILD_TYPE=Debug \ + -DENABLE_TESTING=on \ + -DCMAKE_INSTALL_PREFIX=/usr/local/nebula \ + -B build + ;; + esac + ;; + clang-*) + # build with Sanitizer + cmake \ + -DCMAKE_CXX_COMPILER=$TOOLSET_CLANG_DIR/bin/clang++ \ + -DCMAKE_C_COMPILER=$TOOLSET_CLANG_DIR/bin/clang \ + -DCMAKE_BUILD_TYPE=Debug \ + -DENABLE_ASAN=on \ + -DENABLE_TESTING=on \ + -DCMAKE_INSTALL_PREFIX=/usr/local/nebula \ + -B build + ;; + esac + - name: Make + run: cmake --build build/ -j $(nproc) + - name: Nebula Server self-signed SSL + run: | + case ${{ matrix.os }} in + centos7) + set +e + for i in {0..10}; do + wget https://oss-cdn.nebula-graph.com.cn/package/nightly/$(./date.py --day_diff=$i)/nebula-graph-$(./date.py --day_diff=$i)-nightly.el7.x86_64.rpm + rpm -ivh nebula-graph-$(./date.py --day_diff=$i)-nightly.el7.x86_64.rpm + if [ $? -eq 0 ]; then + break; + fi + done + set -e + ;; + ubuntu2004) + set +e + for i in {0..10}; do + wget https://oss-cdn.nebula-graph.com.cn/package/nightly/$(./date.py --day_diff=$i)/nebula-graph-$(./date.py --day_diff=$i)-nightly.ubuntu2004.amd64.deb + dpkg -i nebula-graph-$(./date.py --day_diff=$i)-nightly.ubuntu2004.amd64.deb + if [ $? -eq 0 ]; then + break; + fi + done + set -e + ;; + esac + chmod u+w /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--cert_path=share/resources/test.ca.pem' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--key_path=share/resources/test.ca.key' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + echo '--enable_ssl=true' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf + cp certs/* /usr/local/nebula/share/resources + /usr/local/nebula/scripts/nebula.service start all + /usr/local/nebula/scripts/nebula.service status all + # The connection maybe unstable, so we wait a while + sleep 10 + - name: CTest self-signed SSL + env: + ASAN_OPTIONS: fast_unwind_on_malloc=1 + run: | + pushd build + # register storage to meta and wait heartbeat + ./bin/regist_host --enable_ssl=true --host=127.0.0.1:9779 && sleep 20 + ctest -j $(nproc) -R '\w*_ssl_test' --timeout 10000 --output-on-failure + make install + popd + timeout-minutes: 10 + - name: Upload logs + uses: actions/upload-artifact@v2 + if: ${{ failure() }} + with: + name: ${{ matrix.os }}-${{ matrix.compiler }}-ssl-test-logs + path: /usr/local/nebula/logs/ + - name: Cleanup + if: ${{ always() }} + run: rm -rf build modules From 8afd1ff45a5e81db8aca25401321666b261ee903 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Wed, 11 Jan 2023 16:37:38 +0800 Subject: [PATCH 08/12] Tune test. --- .github/workflows/pull_request.yml | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index eb204750..9f35a967 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -290,32 +290,6 @@ jobs: make install popd timeout-minutes: 10 - - name: Nebula Server self-signed SSL - run: | - echo '--cert_path=share/resources/test.ca.pem' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf - echo '--key_path=share/resources/test.ca.key' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf - echo '--ca_path=' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf - echo '--password_path=share/resources/test.ca.password' | tee -a /usr/local/nebula/etc/nebula-graphd.conf /usr/local/nebula/etc/nebula-storaged.conf /usr/local/nebula/etc/nebula-metad.conf - /usr/local/nebula/scripts/nebula.service status all - pkill nebula-graphd - pkill nebula-storaged - pkill nebula-metad - sleep 30 - /usr/local/nebula/scripts/nebula.service start all - /usr/local/nebula/scripts/nebula.service status all - # The connection maybe unstable, so we wait a while - sleep 10 - - name: CTest self-signed SSL - env: - ASAN_OPTIONS: fast_unwind_on_malloc=1 - run: | - pushd build - # register storage to meta and wait heartbeat - ./bin/regist_host --enable_ssl=true --host=127.0.0.1:9779 && sleep 20 - ctest -j $(nproc) -R '\w*_ssl_test' --timeout 10000 --output-on-failure - make install - popd - timeout-minutes: 10 - name: Upload logs uses: actions/upload-artifact@v2 if: ${{ failure() }} From 5e23192e15e6a90fb91f4f617c1b66f3ef9dcb7c Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Thu, 12 Jan 2023 14:27:27 +0800 Subject: [PATCH 09/12] Tune test. --- src/client/Connection.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/client/Connection.cpp b/src/client/Connection.cpp index 85c6711e..98a029a5 100644 --- a/src/client/Connection.cpp +++ b/src/client/Connection.cpp @@ -111,6 +111,7 @@ bool Connection::open(const std::string &address, return false; } if (!socket->good()) { + DLOG(ERROR) << "Connection is not good."; return false; } // TODO workaround for issue #72 From 79bee7ed95d609fd7541a6c1a36ef5d506182b0b Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Thu, 12 Jan 2023 14:45:33 +0800 Subject: [PATCH 10/12] Tune test. --- src/client/Connection.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/src/client/Connection.cpp b/src/client/Connection.cpp index 98a029a5..fcb83e4e 100644 --- a/src/client/Connection.cpp +++ b/src/client/Connection.cpp @@ -108,6 +108,7 @@ bool Connection::open(const std::string &address, } }); if (!complete) { + DLOG(ERROR) << "Connect failed."; return false; } if (!socket->good()) { From 4a5d9bb2da10152892b1d48969725886ea6f1060 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Thu, 12 Jan 2023 15:14:47 +0800 Subject: [PATCH 11/12] Add host setting. --- .github/workflows/pull_request.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 9f35a967..1fe7c8db 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -399,6 +399,9 @@ jobs: cp certs/* /usr/local/nebula/share/resources /usr/local/nebula/scripts/nebula.service start all /usr/local/nebula/scripts/nebula.service status all + echo '127.0.0.1 graphd' >> /etc/hosts + echo '127.0.0.1 graphd1' >> /etc/hosts + echo '127.0.0.1 graphd2' >> /etc/hosts # The connection maybe unstable, so we wait a while sleep 10 - name: CTest self-signed SSL From 93e79c5c76bb12ee97e032910b938958c309d3f3 Mon Sep 17 00:00:00 2001 From: Shylock Hg <33566796+Shylock-Hg@users.noreply.github.com> Date: Thu, 12 Jan 2023 15:34:23 +0800 Subject: [PATCH 12/12] Remove unused code. --- src/client/Connection.cpp | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/client/Connection.cpp b/src/client/Connection.cpp index fcb83e4e..85c6711e 100644 --- a/src/client/Connection.cpp +++ b/src/client/Connection.cpp @@ -108,11 +108,9 @@ bool Connection::open(const std::string &address, } }); if (!complete) { - DLOG(ERROR) << "Connect failed."; return false; } if (!socket->good()) { - DLOG(ERROR) << "Connection is not good."; return false; } // TODO workaround for issue #72