diff --git a/contrib/pg_tde/t/001_basic.pl b/contrib/pg_tde/t/001_basic.pl index c9619b104e9f2..6cd741ca4c216 100644 --- a/contrib/pg_tde/t/001_basic.pl +++ b/contrib/pg_tde/t/001_basic.pl @@ -1,79 +1,72 @@ #!/usr/bin/perl use strict; -use warnings; -use File::Basename; +use warnings FATAL => 'all'; +use PostgreSQL::Test::Cluster; +use PostgreSQL::Test::Utils; use Test::More; -use lib 't'; -use pgtde; -PGTDE::setup_files_dir(basename($0)); +use FindBin; +use lib $FindBin::RealBin; + +use pgtde; my $node = PostgreSQL::Test::Cluster->new('main'); $node->init; $node->append_conf('postgresql.conf', "shared_preload_libraries = 'pg_tde'"); $node->start; -PGTDE::psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;'); - -PGTDE::psql($node, 'postgres', - 'SELECT extname, extversion FROM pg_extension WHERE extname = \'pg_tde\';' +PGTDE::do_psql($node, 'postgres', q{CREATE EXTENSION IF NOT EXISTS pg_tde}); +PGTDE::do_psql( + $node, 'postgres', q{ + SELECT pg_tde_add_database_key_provider_file( + provider_name => 'file-vault', + file_path => '/tmp/pg_tde_test_keyring.per' + ) + } ); - -PGTDE::psql($node, 'postgres', - 'CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap;' +PGTDE::do_psql( + $node, 'postgres', q{ + SELECT pg_tde_set_key_using_database_key_provider( + key_name => 'test-db-key', + provider_name => 'file-vault' + ) + } ); - -PGTDE::append_to_result_file("-- server restart"); -$node->restart; - -PGTDE::psql($node, 'postgres', - "SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per');" +PGTDE::do_psql( + $node, 'postgres', q{ + CREATE TABLE test_enc( + id SERIAL, + k VARCHAR(32), + PRIMARY KEY (id) + ) USING tde_heap + } ); - -PGTDE::psql($node, 'postgres', - "SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault');" +PGTDE::do_psql( + $node, 'postgres', q{ + INSERT INTO test_enc (k) VALUES ('foobar'), ('barfoo') + } ); -PGTDE::psql($node, 'postgres', - 'CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap;' -); - -PGTDE::psql($node, 'postgres', - 'INSERT INTO test_enc (k) VALUES (\'foobar\'),(\'barfoo\');'); - -PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;'); - -PGTDE::append_to_result_file("-- server restart"); $node->restart; -PGTDE::psql($node, 'postgres', 'SELECT * FROM test_enc ORDER BY id ASC;'); - -# Verify that we can't see the data in the file -my $tablefile = $node->safe_psql('postgres', 'SHOW data_directory;'); -$tablefile .= '/'; -$tablefile .= - $node->safe_psql('postgres', 'SELECT pg_relation_filepath(\'test_enc\');'); - -my $strings = 'TABLEFILE FOUND: '; -$strings .= `(ls $tablefile >/dev/null && echo yes) || echo no`; -PGTDE::append_to_result_file($strings); +is( PGTDE::do_psql( + $node, 'postgres', q{ + SELECT * FROM test_enc ORDER BY id ASC + } + ), + "1|foobar\n2|barfoo", + 'tde_heap table can be read after server restart'); -$strings = 'CONTAINS FOO (should be empty): '; -$strings .= `strings $tablefile | grep foo`; -PGTDE::append_to_result_file($strings); +my $tablefile = + $node->data_dir . '/' + . PGTDE::do_psql($node, 'postgres', + q{SELECT pg_relation_filepath('test_enc')}); +my $tablefilecontents = slurp_file($tablefile); -PGTDE::psql($node, 'postgres', 'DROP TABLE test_enc;'); - -PGTDE::psql($node, 'postgres', 'DROP EXTENSION pg_tde;'); +unlike($tablefilecontents, qr/foo/, + 'table file does not contain plaintext data'); $node->stop; -# Compare the expected and out file -my $compare = PGTDE->compare_results(); - -is($compare, 0, - "Compare Files: $PGTDE::expected_filename_with_path and $PGTDE::out_filename_with_path files." -); - done_testing(); diff --git a/contrib/pg_tde/t/expected/001_basic.out b/contrib/pg_tde/t/expected/001_basic.out deleted file mode 100644 index c1e385741b99f..0000000000000 --- a/contrib/pg_tde/t/expected/001_basic.out +++ /dev/null @@ -1,45 +0,0 @@ -CREATE EXTENSION IF NOT EXISTS pg_tde; -SELECT extname, extversion FROM pg_extension WHERE extname = 'pg_tde'; - extname | extversion ----------+------------ - pg_tde | 1.0-rc -(1 row) - -CREATE TABLE test_enc(id SERIAL,k INTEGER,PRIMARY KEY (id)) USING tde_heap; -psql::1: ERROR: principal key not configured -HINT: create one using pg_tde_set_key before using encrypted tables --- server restart -SELECT pg_tde_add_database_key_provider_file('file-vault','/tmp/pg_tde_test_keyring.per'); - pg_tde_add_database_key_provider_file ---------------------------------------- - 1 -(1 row) - -SELECT pg_tde_set_key_using_database_key_provider('test-db-key','file-vault'); - pg_tde_set_key_using_database_key_provider --------------------------------------------- - -(1 row) - -CREATE TABLE test_enc(id SERIAL,k VARCHAR(32),PRIMARY KEY (id)) USING tde_heap; -INSERT INTO test_enc (k) VALUES ('foobar'),('barfoo'); -SELECT * FROM test_enc ORDER BY id ASC; - id | k -----+-------- - 1 | foobar - 2 | barfoo -(2 rows) - --- server restart -SELECT * FROM test_enc ORDER BY id ASC; - id | k -----+-------- - 1 | foobar - 2 | barfoo -(2 rows) - -TABLEFILE FOUND: yes - -CONTAINS FOO (should be empty): -DROP TABLE test_enc; -DROP EXTENSION pg_tde; diff --git a/contrib/pg_tde/t/pgtde.pm b/contrib/pg_tde/t/pgtde.pm index 16b98c392a5b4..a2a3a8af79557 100644 --- a/contrib/pg_tde/t/pgtde.pm +++ b/contrib/pg_tde/t/pgtde.pm @@ -81,4 +81,31 @@ sub compare_results return compare($expected_filename_with_path, $out_filename_with_path); } +sub do_psql +{ + my ($node, $dbname, $sql, %params) = @_; + + local %ENV = $node->_get_env(); + + my ($stdout, $stderr); + my $ret = $node->psql( + $dbname, $sql, + %params, + stdout => \$stdout, + stderr => \$stderr, + on_error_die => 0, + on_error_stop => 1); + + # psql can emit stderr from NOTICEs etc + if ($stderr ne "") + { + diag("#### Begin standard error\n"); + diag($stderr); + diag("\n#### End standard error\n"); + } + + die() if $ret; + + return $stdout; +} 1;