Fixing issues with running installcheck-world with pg_tde

.github/workflows/psp-matrix.yml

@@ -0,0 +1,19 @@
+name: PSP
+on:
+  pull_request:
+  workflow_dispatch:
+
+jobs:
+  build:
+    name: PSP
+    strategy:
+      matrix:
+        os: ['ubuntu-22.04']
+        build_type: [debug,debugoptimized]
+        build_script: [make, meson]
+    uses: ./.github/workflows/psp-reusable.yml
+    with:
+        os: ${{ matrix.os }}
+        build_type: ${{ matrix.build_type }}
+        build_script: ${{ matrix.build_script }}
+    secrets: inherit

.github/workflows/psp-reusable.yml

@@ -0,0 +1,123 @@
+name: PSP-Reusable
+on:
+  workflow_call:
+    inputs:
+      os:
+        type: string
+        required: true
+      build_type:
+        type: string
+        required: true
+      build_script:
+        type: string
+        required: true
+
+env:
+  artifact_name: build-${{ inputs.os }}-${{ inputs.build_script }}-${{ inputs.build_type }}
+
+jobs:
+  build:
+    name: Build PSP
+    runs-on: ${{ inputs.os }}
+    steps:
+
+      - name: Clone repository
+        uses: actions/checkout@v4
+        with:
+          path: 'src'
+          submodules: recursive
+          ref: ${{ github.ref }}
+
+      - name: Install dependencies
+        run: src/ci_scripts/ubuntu-deps.sh
+
+      - name: Build postgres
+        run: src/ci_scripts/${{ inputs.build_script }}-build.sh ${{ inputs.build_type }}
+
+      - name: 'Tar files'
+        run: tar -czf artifacts.tar src pginst
+
+      - name: Upload build artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.artifact_name }}
+          overwrite: true
+          path: |
+            artifacts.tar
+          retention-days: 1
+
+  test:
+    name: Test PSP
+    runs-on: ${{ inputs.os }}
+    needs: build
+
+    steps: 
+      - name: Download build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.artifact_name }}
+          path: .
+
+      - name: 'Untar files'
+        run: tar -xzf artifacts.tar
+
+      - name: Install dependencies
+        run: src/ci_scripts/ubuntu-deps.sh
+
+      - name: Setup kmip and vault
+        run: src/ci_scripts/setup-keyring-servers.sh
+
+      - name: Test postgres
+        run: src/ci_scripts/${{ inputs.build_script }}-test.sh
+
+      - name: Report on test fail
+        uses: actions/upload-artifact@v4
+        if: ${{ failure() }}
+        with:
+          name: testlog-ubuntu-${{ inputs.ubuntu_version }}.04-meson-${{ inputs.build_type }}
+          path: |
+            src/build/testrun/
+            src/contrib/*/t/
+            src/contrib/*/results
+            src/contrib/*/regression.diffs
+            src/contrib/*/regression.out
+          retention-days: 3
+
+  test_tde:
+    name: Test PSP with TDE
+    runs-on: ${{ inputs.os }}
+    if: inputs.build_script == 'make'
+    needs: build
+
+    steps: 
+
+      - name: Download build artifacts
+        uses: actions/download-artifact@v4
+        with:
+          name: ${{ env.artifact_name }}
+          path: .
+
+      - name: 'Untar files'
+        run: tar -xzf artifacts.tar
+
+      - name: Install dependencies
+        run: src/ci_scripts/ubuntu-deps.sh 
+
+      - name: Setup kmip and vault
+        run: src/ci_scripts/setup-keyring-servers.sh
+
+      - name: Test postgres with TDE
+        run: src/ci_scripts/${{ inputs.build_script }}-test-tde.sh
+
+      - name: Report on test fail
+        uses: actions/upload-artifact@v4
+        if: ${{ failure() }}
+        with:
+          name: testlog-tde-${{ inputs.os }}-${{  inputs.build_script }}-${{ inputs.build_type }}
+          path: |
+            src/build/testrun/
+            src/contrib/*/t/
+            src/contrib/*/results
+            src/contrib/*/regression.diffs
+            src/contrib/*/regression.out
+          retention-days: 3

.gitignore

@@ -31,6 +31,7 @@ win32ver.rc
 *.exe
 lib*dll.def
 lib*.pc
+.vscode
 
 # Local excludes in root directory
 /GNUmakefile

.scripts/make-build.sh → ci_scripts/make-build.sh

@@ -1,6 +1,10 @@
 #!/bin/bash
 
+export TDE_MODE=1
+
 SCRIPT_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
+INSTALL_DIR="$SCRIPT_DIR/../../pginst"
+
 
 cd "$SCRIPT_DIR/../"
 
@@ -9,5 +13,5 @@ if [ "$1" = "debugoptimized" ]; then
     export CXXFLAGS="-O2"
 fi
 
-./configure --enable-debug --enable-cassert --enable-tap-tests 
-make
+./configure --enable-debug --enable-cassert --enable-tap-tests --prefix=$INSTALL_DIR
+make install-world -j

ci_scripts/make-test-tde.sh

@@ -0,0 +1,20 @@
+#!/bin/bash
+
+export TDE_MODE=1
+
+SCRIPT_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
+INSTALL_DIR="$SCRIPT_DIR/../../pginst"
+
+cd "$SCRIPT_DIR/../"
+
+export PATH=$INSTALL_DIR/bin:$PATH
+export PGDATA=$INSTALL_DIR/data
+
+initdb -D $PGDATA
+
+echo "shared_preload_libraries ='pg_tde'" >> $PGDATA/postgresql.conf
+echo "pg_tde.wal_encrypt = on" >> $PGDATA/postgresql.conf
+
+pg_ctl -D $PGDATA start
+
+EXTRA_REGRESS_OPTS="--extra-setup=$SCRIPT_DIR/tde_setup.sql --load-extension=pg_tde" make installcheck-world -k

.scripts/make-test.sh → ci_scripts/make-test.sh

@@ -1,6 +1,9 @@
 #!/bin/bash
 
+export TDE_MODE=1
+
 SCRIPT_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
+INSTALL_DIR="$SCRIPT_DIR/../../pginst"
 
 cd "$SCRIPT_DIR/../"
 

.scripts/meson-build.sh → ci_scripts/meson-build.sh

@@ -4,5 +4,5 @@ SCRIPT_DIR="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
 
 cd "$SCRIPT_DIR/../"
 
-meson setup build --prefix `pwd`/../inst --buildtype=$1 -Dcassert=true -Dtap_tests=enabled
+meson setup build --prefix `pwd`/../pginst --buildtype=$1 -Dcassert=true -Dtap_tests=enabled
 cd build && ninja && ninja install

ci_scripts/meson-test-tde.sh

@@ -0,0 +1 @@
+# Nop for now: meson doesn't have EXTRA_REGRESS_OPTS

ci_scripts/tde_setup.sql

@@ -0,0 +1,6 @@
+CREATE EXTENSION IF NOT EXISTS pg_tde;
+SELECT pg_tde_add_key_provider_file('reg_file-vault', '/tmp/pg_tde_test_keyring.per');
+SELECT pg_tde_set_principal_key('test-db-principal-key', 'reg_file-vault');
+ALTER SYSTEM SET default_table_access_method='tde_heap';
+SET default_table_access_method='tde_heap';
+SELECT pg_reload_conf();

.scripts/ubuntu-deps.sh → ci_scripts/ubuntu-deps.sh

@@ -2,7 +2,7 @@
 
 sudo apt update
 
-sudo apt install -y libreadline6-dev systemtap-sdt-dev zlib1g-dev libssl-dev libpam0g-dev bison flex libxml2 libxml2-utils libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev libsystemd-dev gettext tcl-dev libperl-dev pkg-config libselinux1-dev python3-dev uuid-dev liblz4-dev meson ninja-build gpg wget libcurl4-openssl-dev
+sudo apt install -y libreadline6-dev systemtap-sdt-dev zlib1g-dev libssl-dev libpam0g-dev bison flex libxml2 libxml2-utils libxml2-dev libxslt-dev xsltproc libkrb5-dev libldap2-dev libsystemd-dev gettext tcl-dev libperl-dev pkg-config libselinux1-dev python3-dev uuid-dev liblz4-dev meson ninja-build gpg wget libcurl4-openssl-dev libxml2-utils docbook-xsl xsltproc
 
 bash -c "$(wget -O - https://apt.llvm.org/llvm.sh)"
 

contrib/amcheck/verify_heapam.c

@@ -305,7 +305,7 @@ verify_heapam(PG_FUNCTION_ARGS)
 	 * Other relkinds might be using a different AM, so check.
 	 */
 	if (ctx.rel->rd_rel->relkind != RELKIND_SEQUENCE &&
-		ctx.rel->rd_rel->relam != HEAP_TABLE_AM_OID)
+		ctx.rel->rd_rel->relam != HEAP_TABLE_AM_OID && ctx.rel->rd_rel->relam != get_tde_table_am_oid())
 		ereport(ERROR,
 				(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
 				 errmsg("only heap AM is supported")));