go-tlsdialer: initial repository setup

To disable SSL by default we want to transfer OpenSslDialer and any other ssl logic to the new go-tlsdialer repository. go-tlsdialer serves as an interlayer between go-tarantool and go-openssl. All ssl logic from go-tarantool is moved to the go-tlsdialer. go-tlsdialer still uses tarantool connection, but also types and methods from go-openssl. This way we are removing the direct go-openssl dependency from go-tarantool, without creating a tarantool dependency in go-openssl. Moved all ssl code from go-tarantool, some test helpers. Added `README.md`, ci workflow. Part of tarantool/go-tarantool#301
tarantool · Jan 31, 2024 · 8fdbf20 · 8fdbf20
1 parent 02359d7
commit 8fdbf20
Show file tree

Hide file tree

Showing 25 changed files with 2,029 additions and 0 deletions.
diff --git a/.codespellrc b/.codespellrc
@@ -0,0 +1,5 @@
+[codespell]
+skip = */testdata,./LICENSE
+ignore-words-list = gost
+count =
+quiet-level = 3
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -0,0 +1,72 @@
+name: Run checks
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  luacheck:
+    runs-on: ubuntu-latest
+    if: |
+      github.event_name == 'push' ||
+      github.event_name == 'pull_request' &&
+      github.event.pull_request.head.repo.full_name != github.repository
+    steps:
+      - uses: actions/checkout@master
+
+      - name: Setup Tarantool
+        uses: tarantool/setup-tarantool@v2
+        with:
+          tarantool-version: '2.8'
+
+      - name: Setup tt
+        run: |
+          curl -L https://tarantool.io/release/2/installer.sh | sudo bash
+          sudo apt install -y tt
+          tt version
+
+      - name: Setup luacheck
+        run: tt rocks install luacheck 0.25.0
+
+      - name: Run luacheck
+        run: ./.rocks/bin/luacheck .
+
+  golangci-lint:
+    runs-on: ubuntu-latest
+    if: |
+      github.event_name == 'push' ||
+      github.event_name == 'pull_request' &&
+      github.event.pull_request.head.repo.full_name != github.repository
+    steps:
+      - uses: actions/setup-go@v2
+
+      - uses: actions/checkout@v2
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        continue-on-error: true
+        with:
+          # The first run is for GitHub Actions error format.
+          args: --config=.golangci.yaml
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v3
+        with:
+          # The second run is for human-readable error format with a file name
+          # and a line number.
+          args: --out-${NO_FUTURE}format colored-line-number --config=.golangci.yaml
+
+  codespell:
+    runs-on: ubuntu-latest
+    if: |
+      github.event_name == 'push' ||
+      github.event_name == 'pull_request' &&
+      github.event.pull_request.head.repo.full_name != github.repository
+    steps:
+      - uses: actions/checkout@master
+
+      - name: Install codespell
+        run: pip3 install codespell
+
+      - name: Run codespell
+        run: codespell
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
@@ -0,0 +1,233 @@
+name: testing
+
+on:
+  push:
+  pull_request:
+  pull_request_target:
+    types: [labeled]
+  workflow_dispatch:
+
+jobs:
+  run-tests-ee:
+    # Does not run on pull requests from forks and on forks by default.
+    # Tests from forks will run only when the pull request is labeled with
+    # `full-ci`. To avoid security problems, the label must be reset manually
+    # for every run.
+    #
+    # We need to use `pull_request_target` because it has access to base
+    # repository secrets unlike `pull_request`.
+    if: |
+      github.repository == 'tarantool/go-tlsdialer' &&
+      (github.event_name == 'push' ||
+        (github.event_name == 'pull_request_target' &&
+          github.event.pull_request.head.repo.full_name != github.repository &&
+          github.event.label.name == 'full-ci')) ||
+      github.event_name == 'workflow_dispatch'
+
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        sdk-path:
+          - 'release/linux/x86_64/1.10/'
+        sdk-version:
+          - 'sdk-1.10.15-0-r598'
+        coveralls: [ false ]
+        fuzzing: [ false ]
+        ssl: [ false ]
+        include:
+          - sdk-path: 'release/linux/x86_64/2.10/'
+            sdk-version: 'sdk-gc64-2.10.8-0-r598.linux.x86_64'
+            coveralls: false
+            ssl: true
+          - sdk-path: 'release/linux/x86_64/2.11/'
+            sdk-version: 'sdk-gc64-2.11.1-0-r598.linux.x86_64'
+            coveralls: true
+            ssl: true
+
+    steps:
+      - name: Clone the connector
+        # `ref` as merge request is needed for pull_request_target because this
+        # target runs in the context of the base commit of the pull request.
+        uses: actions/checkout@v3
+        if: github.event_name == 'pull_request_target'
+        with:
+          ref: refs/pull/${{ github.event.pull_request.number }}/merge
+
+      - name: Clone the connector
+        if: github.event_name != 'pull_request_target'
+        uses: actions/checkout@v3
+
+      - name: Setup Tarantool ${{ matrix.sdk-version }}
+        run: |
+          ARCHIVE_NAME=tarantool-enterprise-${{ matrix.sdk-version }}.tar.gz
+          curl -O -L https://${{ secrets.SDK_DOWNLOAD_TOKEN }}@download.tarantool.io/enterprise/${{ matrix.sdk-path }}${ARCHIVE_NAME}
+          tar -xzf ${ARCHIVE_NAME}
+          rm -f ${ARCHIVE_NAME}
+
+      - name: Setup golang for the connector and tests
+        uses: actions/setup-go@v3
+        with:
+          go-version: 1.20
+
+      - name: Run regression tests
+        run: |
+          source tarantool-enterprise/env.sh
+          go test -v -shuffle=on -coverprofile=module-coverage.txt -coverpkg=./... ./...
+        env:
+          TEST_TNT_SSL: ${{matrix.ssl}}
+
+      - name: Collect coverage files
+        shell: bash
+        run: echo "COVERAGES=$(find . -type f -name 'module-coverage.txt' | tr -s '\n' ',' | sed 's/,$//')" >> $GITHUB_ENV
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@81cd2dc8148241f03f5839d295e000b8f761e378 # v3.1.0
+        with:
+          files: '${{ env.COVERAGES }}'
+          env_vars: OS=${{ matrix.os }}, GO=${{ matrix.go }}
+
+  testing_mac_os:
+    # We want to run on external PRs, but not on our own internal
+    # PRs as they'll be run by the push to the branch.
+    #
+    # The main trick is described here:
+    # https://github.com/Dart-Code/Dart-Code/pull/2375
+    if: (github.event_name == 'push') ||
+      (github.event_name == 'pull_request' &&
+      github.event.pull_request.head.repo.full_name != github.repository) ||
+      (github.event_name == 'workflow_dispatch')
+
+    strategy:
+      fail-fast: false
+      matrix:
+        golang:
+          - 1.20
+        runs-on:
+          - macos-11
+          - macos-12
+        tarantool:
+          - brew
+          - 1.10.15
+
+    env:
+      # Make sense only for non-brew jobs.
+      #
+      # Set as absolute paths to avoid any possible confusion
+      # after changing a current directory.
+      T_VERSION: ${{ matrix.tarantool }}
+      T_SRCDIR: ${{ format('{0}/tarantool-{1}', github.workspace, matrix.tarantool) }}
+      T_TARDIR: ${{ format('{0}/tarantool-{1}-build', github.workspace, matrix.tarantool) }}
+      SRCDIR: ${{ format('{0}/{1}', github.workspace, github.repository) }}
+
+    runs-on: ${{ matrix.runs-on }}
+    steps:
+      - name: Clone the connector
+        uses: actions/checkout@v3
+        with:
+          path: ${{ env.SRCDIR }}
+
+      - name: Restore cache of tarantool ${{ env.T_VERSION }}
+        uses: actions/cache@v3
+        id: cache
+        with:
+          path: ${{ env.T_TARDIR }}
+          key: ${{ matrix.runs-on }}-${{ matrix.tarantool }}
+        if: matrix.tarantool != 'brew'
+
+      - name: Install latest tarantool from brew
+        run: brew install tarantool
+        if: matrix.tarantool == 'brew'
+
+      - name: Clone tarantool ${{ env.T_VERSION }}
+        uses: actions/checkout@v3
+        with:
+          repository: tarantool/tarantool
+          ref: ${{ env.T_VERSION }}
+          path: ${{ env.T_TARDIR }}
+          submodules: true
+          # fetch-depth is 1 by default and it is okay for
+          # building from a tag. However we have master in
+          # the version list.
+          fetch-depth: 0
+        if: matrix.tarantool != 'brew' && steps.cache.outputs.cache-hit != 'true'
+
+      - name: Build tarantool ${{ env.T_VERSION }} from sources
+        run: |
+          cd "${T_TARDIR}"
+          # Set RelWithDebInfo just to disable -Werror.
+          #
+          # There are tarantool releases on which AppleClang
+          # complains about the problem that was fixed later in
+          # https://github.com/tarantool/tarantool/commit/7e8688ff8885cc7813d12225e03694eb8886de29
+          #
+          # Set OpenSSL root directory for linking tarantool with OpenSSL of version 1.1
+          # This is related to #49. There are too much deprecations which affect the build and tests.
+          # Must be revisited after fixing https://github.com/tarantool/tarantool/issues/6477
+          cmake . -DCMAKE_BUILD_TYPE=RelWithDebInfo -DENABLE_DIST=ON -DOPENSSL_ROOT_DIR=/usr/local/opt/openssl@1.1 -DOPENSSL_LIBRARIES=/usr/local/opt/openssl@1.1/lib
+          # {{{ Workaround Mac OS build failure (gh-6076)
+          #
+          # https://github.com/tarantool/tarantool/issues/6076
+          #
+          # In brief: when "src/lib/small" is in include paths,
+          # `#include <version>` from inside Mac OS SDK headers
+          # attempts to include "src/lib/small/VERSION" as a
+          # header file that leads to a syntax error.
+          #
+          # It was fixed in the following commits:
+          #
+          # * 1.10.10-24-g7bce4abd1
+          # * 2.7.2-44-gbb1d32903
+          # * 2.8.1-56-ga6c29c5af
+          # * 2.9.0-84-gc5ae543f3
+          #
+          # However applying the workaround for all versions looks
+          # harmless.
+          #
+          # Added -f just in case: I guess we'll drop this useless
+          # obsoleted VERSION file from the git repository sooner
+          # or later.
+          rm -f src/lib/small/VERSION
+          # The same as above, but for the VERSION file generated
+          # by tarantool's CMake script.
+          rm VERSION
+          # }}} Workaround Mac OS build failure (gh-6076)
+          # Continue the build.
+          make -j$(sysctl -n hw.logicalcpu)
+          make install
+        if: matrix.tarantool != 'brew' && steps.cache.outputs.cache-hit != 'true'
+
+      - name: Install tarantool
+        run: |
+          cd "${T_TARDIR}"
+          make install
+        if: matrix.tarantool != 'brew' && steps.cache.outputs.cache-hit == 'true'
+
+      - name: Verify tarantool version
+        run: |
+          # Workaround https://github.com/tarantool/tarantool/issues/4983
+          # Workaround https://github.com/tarantool/tarantool/issues/5040
+          tarantool -e "require('fiber').sleep(0) assert(_TARANTOOL:startswith('${T_VERSION}'), _TARANTOOL) os.exit()"
+        if: matrix.tarantool != 'brew' && matrix.tarantool != 'master'
+
+      - name: Setup golang for the connector and tests
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ matrix.golang }}
+
+      # Workaround for Mac OS 12 testrace failure
+      # https://github.com/golang/go/issues/49138
+      - name: disable MallocNanoZone for macos-12
+        run: echo "MallocNanoZone=0" >> $GITHUB_ENV
+        if: matrix.runs-on  == 'macos-12'
+
+      # Workaround issue https://github.com/tarantool/tt/issues/640
+      - name: Fix tt rocks
+        if: matrix.tarantool == 'brew'
+        run: |
+          brew ls --verbose tarantool | grep macosx.lua | xargs rm -f
+
+      - name: Run regression tests
+        run: |
+          cd "${SRCDIR}"
+          go test -v -coverprofile=module-coverage.txt -coverpkg=./... ./...
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -0,0 +1,30 @@
+run:
+  timeout: 3m
+
+linters:
+  disable:
+    - errcheck
+  enable:
+    - forbidigo
+    - gocritic
+    - goimports
+    - lll
+    - reassign
+    - stylecheck
+    - unconvert
+
+linters-settings:
+  gocritic:
+    disabled-checks:
+      - ifElseChain
+  lll:
+    line-length: 100
+    tab-width: 4
+  stylecheck:
+    checks: ["all", "-ST1003"]
+
+issues:
+  exclude-rules:
+    - linters:
+      - lll
+      source: "\t?// *(see )?https://"
diff --git a/.luacheckrc b/.luacheckrc
@@ -0,0 +1,28 @@
+redefined = false
+
+globals = {
+    'box',
+    'utf8',
+    'checkers',
+    '_TARANTOOL'
+}
+
+include_files = {
+    '**/*.lua',
+    '*.luacheckrc',
+    '*.rockspec'
+}
+
+exclude_files = {
+    '**/*.rocks/'
+}
+
+max_line_length = 120
+
+ignore = {
+    "212/self",   -- Unused argument <self>.
+    "411",        -- Redefining a local variable.
+    "421",        -- Shadowing a local variable.
+    "431",        -- Shadowing an upvalue.
+    "432",        -- Shadowing an upvalue argument.
+}
diff --git a/README.md b/README.md