#138: Add extension (#139)

* Fix typo in user guide

* Trim trailing spaces in user guide

* Increment version

* Upgrade Exasol DB versions

* Add extension project

* Generate extension info incl. file content

* #138 Create instance

* Fix formatting of user guide

* Upgrade test dependencies

* Add parameters for debug_address & log_level

* Code cleanup

* Upgrade to latest exasol version

* Exclude vulnerabilities

* Run pk fix

* Implement extension

* Implement delete instance & upgrade

* Skip extension integration tests for Exasol 8

* Update release date

* Free up disk space during build

* Apply suggestions from code review

Co-authored-by: Christoph Kuhnke <github@kuhnke.net>

* Implement review findings by @ckunki

---------

Co-authored-by: Christoph Kuhnke <github@kuhnke.net>

.gitattributes

@@ -1,8 +1,11 @@
 *.sh text eol=lf
 *.bat text eol=crlf
 
-pk_generated_parent.pom linguist-generated=true
-dependencies.md linguist-generated=true
-doc/changes/changelog.md linguist-generated=true
-.github/workflows/broken_links_checker.yml linguist-generated=true
-.github/workflows/dependencies_check.yml linguist-generated=true
+pk_generated_parent.pom linguist-generated=true
+dependencies.md linguist-generated=true
+doc/changes/changelog.md linguist-generated=true
+.github/workflows/broken_links_checker.yml linguist-generated=true
+.github/workflows/dependencies_check.yml linguist-generated=true
+extension/package-lock.json linguist-generated=true
+.settings/org.eclipse.jdt.core.prefs linguist-generated=true
+.settings/org.eclipse.jdt.ui.prefs linguist-generated=true

.github/workflows/ci-build.yml

@@ -13,12 +13,16 @@ jobs:
  fail-fast: true
  matrix:
  lua_version: [5.4]
- docker_db_version: ["7.1.21", "8.20.0"]
+ docker_db_version: ["7.1.22", "8.22.0"]
  runs-on: ubuntu-22.04
  concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.lua_version }}-${{ matrix.docker_db_version }}
  cancel-in-progress: true
  steps:
+ - name: Free Disk Space
+ run: |
+ sudo rm -rf /usr/local/lib/android
+ sudo rm -rf /usr/share/dotnet
  - name: Checkout the repository
  uses: actions/checkout@v3
  with:

.github/workflows/release_droid_prepare_original_checksum.yml

@@ -7,6 +7,10 @@ jobs:
  build:
  runs-on: ubuntu-latest
  steps:
+ - name: Free Disk Space
+ run: |
+ sudo rm -rf /usr/local/lib/android
+ sudo rm -rf /usr/share/dotnet
  - name: Checkout the repository
  uses: actions/checkout@v3
  with:

.github/workflows/release_droid_upload_github_release_assets.yml

@@ -38,6 +38,13 @@ jobs:
  run: |
  cd target
  find . -maxdepth 1 \( -name '*.lua' -o -name '*.sql' \) -exec bash -c 'sha256sum {} > {}.sha256' \;
+ - name: Generate sha256sum files for extension
+ run: cd extension/dist/ && sha256sum row-level-security-extension.js > row-level-security-extension.js.sha256
+ - name: Upload extension
+ uses: shogo82148/actions-upload-release-asset@v1
+ with:
+ upload_url: ${{ github.event.inputs.upload_url }}
+ asset_path: extension/dist/row-level-security-extension.js*
  - name: Upload SQL scripts to the GitHub release draft
  uses: shogo82148/actions-upload-release-asset@v1
  with:

.gitignore

@@ -27,3 +27,10 @@ pom.xml.versionsBackup
 *.orig
 *.old
 *.flattened-pom.xml
+
+# Extension
+/extension/node_modules/
+/extension/dist/
+/extension/src/extension-description.ts
+/extension/coverage/
+/extension-test.properties

doc/changes/changes_1.5.0.md

@@ -0,0 +1,27 @@
+# Exasol Row Level Security (Lua) 1.5.0, released 2023-09-07
+
+Code name: Add Extension
+
+## Summary
+
+This release adds support for the [Extension Manager](https://github.com/exasol/extension-manager/).
+
+## Feature
+
+* #138: Added support for Extension Manager
+
+## Dependency Updates
+
+### Test Dependency Updates
+
+* Added `com.exasol:extension-manager-integration-test-java:0.5.0`
+* Updated `com.exasol:test-db-builder-java:3.4.2` to `3.5.0`
+* Updated `org.junit.jupiter:junit-jupiter-engine:5.9.3` to `5.10.0`
+* Updated `org.junit.jupiter:junit-jupiter-params:5.9.3` to `5.10.0`
+* Updated `org.slf4j:slf4j-jdk14:2.0.7` to `2.0.9`
+* Updated `org.testcontainers:junit-jupiter:1.18.3` to `1.19.0`
+
+### Plugin Dependency Updates
+
+* Updated `com.exasol:project-keeper-maven-plugin:2.9.9` to `2.9.11`
+* Updated `org.apache.maven.plugins:maven-enforcer-plugin:3.3.0` to `3.4.0`

doc/user_guide/user_guide.md

@@ -155,13 +155,13 @@ In case you want to use role-based security, add a column called `EXA_ROW_ROLES
 For our example we will create very simple order item list as shown below.
 
 ```sql
-CREATE OR REPLACE TABLE MY_SCHEMA.ORDER_ITEM 
-( 
- ORDER_ID DECIMAL(18,0), 
- CUSTOMER VARCHAR(50), 
- PRODUCT VARCHAR(100), 
+CREATE OR REPLACE TABLE MY_SCHEMA.ORDER_ITEM
+(
+ ORDER_ID DECIMAL(18,0),
+ CUSTOMER VARCHAR(50),
+ PRODUCT VARCHAR(100),
  QUANTITY DECIMAL(18,0),
- EXA_ROW_ROLES DECIMAL(20,0) 
+ EXA_ROW_ROLES DECIMAL(20,0)
 );
 ```
 
@@ -188,7 +188,7 @@ INSERT INTO MY_SCHEMA.ORDER_ITEM VALUES
 
 An example of updating the table using `ROLES_MASK` function:
 
-```sql 
+```sql
 UPDATE ORDER_ITEM
 SET EXA_ROW_ROLES = (SELECT MY_SCHEMA.ROLES_MASK(ROLE_ID) FROM MY_SCHEMA.EXA_ROLES_MAPPING WHERE ROLE_NAME IN ('Sales', 'Development'))
 WHERE customer IN ('John Smith', 'Jane Doe');
@@ -240,7 +240,7 @@ Delete roles using `DELETE_RLS_ROLE(role_name)` script. The script removes the r
 
 Example:
 
-```sql 
+```sql
 EXECUTE SCRIPT DELETE_RLS_ROLE('Sales');
 ```
 
@@ -253,7 +253,7 @@ If you want to use tenant security, you must add an additional column `EXA_ROW_T
 Example:
 
 ```sql
-CREATE OR REPLACE TABLE MY_SCHEMA.ORDER_ITEM_WITH_TENANT 
+CREATE OR REPLACE TABLE MY_SCHEMA.ORDER_ITEM_WITH_TENANT
 (
  ORDER_ID DECIMAL(18,0),
  CUSTOMER VARCHAR(50),
@@ -318,13 +318,13 @@ In case you want to use group-based security, add a column called `EXA_ROW_GROUP
 For our example we will create very simple order item list as shown below.
 
 ```sql
-CREATE OR REPLACE TABLE MY_SCHEMA.ORDER_ITEM_GROUP 
-( 
- ORDER_ID DECIMAL(18,0), 
- CUSTOMER VARCHAR(50), 
- PRODUCT VARCHAR(100), 
+CREATE OR REPLACE TABLE MY_SCHEMA.ORDER_ITEM_GROUP
+(
+ ORDER_ID DECIMAL(18,0),
+ CUSTOMER VARCHAR(50),
+ PRODUCT VARCHAR(100),
  QUANTITY DECIMAL(18,0),
- EXA_ROW_GROUP VARCHAR(128) 
+ EXA_ROW_GROUP VARCHAR(128)
 );
 ```
 
@@ -374,12 +374,13 @@ CREATE OR REPLACE LUA ADAPTER SCRIPT RLS_SCHEMA.RLS_ADAPTER AS
  end
  end
  )
- 
+
  <copy the whole content of row-level-security-dist-<version>.lua here>
 /
 ;
 ```
 The first fixed part is a module loading preamble that is required with 7.1.0. Later versions will make this unnecessary, the user guide will be updated accordingly if an Exasol release is available that incorporates that module loading feature by default.
+
 ### Creating Virtual Schema
 
 ```sql
@@ -393,7 +394,7 @@ CREATE VIRTUAL SCHEMA RLS_VIRTUAL_SCHEMA
 
 Remember that RLS is an additional layer of access control _on top_ of the measures built into the core database. So in order to read columns in an RLS Virtual Schema, users first need to be allowed to access that schema.
 
-A word or warning before you start granting permissions. Make sure you grant only access to the RLS Virtual Schema to regular users and _not to the orignial_ schema. Otherwise, those users can simply bypass RLS protection by going to the source.
+A word of warning before you start granting permissions. Make sure you grant only access to the RLS Virtual Schema to regular users and _not to the orignial_ schema. Otherwise, those users can simply bypass RLS protection by going to the source.
 
 Here is an example for allowing `SELECT` statements to a user.
 

extension/.eslintrc.cjs

@@ -0,0 +1,14 @@
+module.exports = {
+ root: true,
+ parser: '@typescript-eslint/parser',
+ parserOptions: {
+ tsconfigRootDir: __dirname,
+ project: ['./tsconfig.json'],
+ },
+ plugins: ['@typescript-eslint'],
+ extends: ['eslint:recommended', 'plugin:@typescript-eslint/recommended', 'plugin:@typescript-eslint/recommended-requiring-type-checking'],
+ ignorePatterns: ["src/**/*.test.ts"],
+ rules: {
+ "@typescript-eslint/no-unused-vars": ["error", { argsIgnorePattern: "^_" }]
+ }
+};