From 03099590de050841cd20e4169313aac17e80cceb Mon Sep 17 00:00:00 2001 From: eaydingol Date: Thu, 22 Feb 2024 13:12:07 +0000 Subject: [PATCH] Metadata sync tests, parallelize tests --- .../metadata_sync_from_non_maindb.out | 19 +++++++++++++++++++ .../regress/expected/seclabel_non_maindb.out | 3 +-- src/test/regress/multi_schedule | 3 +-- .../sql/metadata_sync_from_non_maindb.sql | 9 +++++++++ src/test/regress/sql/seclabel_non_maindb.sql | 3 +-- 5 files changed, 31 insertions(+), 6 deletions(-) diff --git a/src/test/regress/expected/metadata_sync_from_non_maindb.out b/src/test/regress/expected/metadata_sync_from_non_maindb.out index 695b7a4b3..8916e5e6c 100644 --- a/src/test/regress/expected/metadata_sync_from_non_maindb.out +++ b/src/test/regress/expected/metadata_sync_from_non_maindb.out @@ -63,7 +63,18 @@ select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db', (TEMPORARY,t) (8 rows) +-- test for security label on role +\c metadata_sync_2pc_db - - :master_port +SECURITY LABEL FOR "citus '!tests_label_provider" ON ROLE grant_role2pc_user4 IS 'citus_unclassified'; +SECURITY LABEL FOR "citus '!tests_label_provider" ON ROLE "grant_role2pc'_user1" IS 'citus_classified'; \c regression +SELECT node_type, result FROM get_citus_tests_label_provider_labels('grant_role2pc_user4') ORDER BY node_type; + node_type | result +--------------------------------------------------------------------- + coordinator | {"label": "citus_unclassified", "objtype": "role", "provider": "citus '!tests_label_provider"} + worker_1 | {"label": "citus_unclassified", "objtype": "role", "provider": "citus '!tests_label_provider"} +(2 rows) + set citus.enable_create_database_propagation to on; select 1 from citus_add_node('localhost', :worker_2_port); ?column? @@ -121,6 +132,14 @@ select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db', (TEMPORARY,t) (12 rows) +SELECT node_type, result FROM get_citus_tests_label_provider_labels('grant_role2pc_user4') ORDER BY node_type; + node_type | result +--------------------------------------------------------------------- + coordinator | {"label": "citus_unclassified", "objtype": "role", "provider": "citus '!tests_label_provider"} + worker_1 | {"label": "citus_unclassified", "objtype": "role", "provider": "citus '!tests_label_provider"} + worker_2 | {"label": "citus_unclassified", "objtype": "role", "provider": "citus '!tests_label_provider"} +(3 rows) + \c metadata_sync_2pc_db revoke "grant_role2pc'_user1","grant_role2pc'_user2" from grant_role2pc_user4,grant_role2pc_user5 ; revoke admin option for "grant_role2pc'_user1","grant_role2pc'_user2" from "grant_role2pc'_user3"; diff --git a/src/test/regress/expected/seclabel_non_maindb.out b/src/test/regress/expected/seclabel_non_maindb.out index 8baed7731..48c89fb31 100644 --- a/src/test/regress/expected/seclabel_non_maindb.out +++ b/src/test/regress/expected/seclabel_non_maindb.out @@ -60,8 +60,7 @@ SELECT node_type, result FROM get_citus_tests_label_provider_labels('database1') (3 rows) -- Check that only the SECURITY LABEL for ROLES is propagated to the non-main databases on other nodes -\c - - - :worker_1_port -\c database_w1 +\c database_w1 - - :worker_1_port SELECT provider, objtype, label, objname FROM pg_seclabels ORDER BY objname; provider | objtype | label | objname --------------------------------------------------------------------- diff --git a/src/test/regress/multi_schedule b/src/test/regress/multi_schedule index e57f66d1a..85de7b8b8 100644 --- a/src/test/regress/multi_schedule +++ b/src/test/regress/multi_schedule @@ -108,8 +108,7 @@ test: object_propagation_debug test: undistribute_table test: run_command_on_all_nodes test: background_task_queue_monitor -test: other_databases grant_role_from_non_maindb -test: seclabel_non_maindb +test: other_databases grant_role_from_non_maindb seclabel_non_maindb test: citus_internal_access # Causal clock test diff --git a/src/test/regress/sql/metadata_sync_from_non_maindb.sql b/src/test/regress/sql/metadata_sync_from_non_maindb.sql index a90d6915a..2265a4d24 100644 --- a/src/test/regress/sql/metadata_sync_from_non_maindb.sql +++ b/src/test/regress/sql/metadata_sync_from_non_maindb.sql @@ -37,7 +37,14 @@ select check_database_privileges('grant_role2pc''_user1','metadata_sync_2pc_db', select check_database_privileges('grant_role2pc''_user2','metadata_sync_2pc_db',ARRAY['CONNECT']); select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']); +-- test for security label on role +\c metadata_sync_2pc_db - - :master_port +SECURITY LABEL FOR "citus '!tests_label_provider" ON ROLE grant_role2pc_user4 IS 'citus_unclassified'; +SECURITY LABEL FOR "citus '!tests_label_provider" ON ROLE "grant_role2pc'_user1" IS 'citus_classified'; + \c regression +SELECT node_type, result FROM get_citus_tests_label_provider_labels('grant_role2pc_user4') ORDER BY node_type; + set citus.enable_create_database_propagation to on; select 1 from citus_add_node('localhost', :worker_2_port); @@ -56,6 +63,8 @@ select check_database_privileges('grant_role2pc''_user1','metadata_sync_2pc_db', select check_database_privileges('grant_role2pc''_user2','metadata_sync_2pc_db',ARRAY['CONNECT']); select check_database_privileges('grant_role2pc''_user3','metadata_sync_2pc_db',ARRAY['CREATE','CONNECT','TEMP','TEMPORARY']); +SELECT node_type, result FROM get_citus_tests_label_provider_labels('grant_role2pc_user4') ORDER BY node_type; + \c metadata_sync_2pc_db revoke "grant_role2pc'_user1","grant_role2pc'_user2" from grant_role2pc_user4,grant_role2pc_user5 ; diff --git a/src/test/regress/sql/seclabel_non_maindb.sql b/src/test/regress/sql/seclabel_non_maindb.sql index 2f80644b5..1833d4193 100644 --- a/src/test/regress/sql/seclabel_non_maindb.sql +++ b/src/test/regress/sql/seclabel_non_maindb.sql @@ -41,8 +41,7 @@ SECURITY LABEL ON TABLE a IS 'citus_classified'; SELECT node_type, result FROM get_citus_tests_label_provider_labels('database1') ORDER BY node_type; -- Check that only the SECURITY LABEL for ROLES is propagated to the non-main databases on other nodes -\c - - - :worker_1_port -\c database_w1 +\c database_w1 - - :worker_1_port SELECT provider, objtype, label, objname FROM pg_seclabels ORDER BY objname;