From 14f8ff4ab877d449ce7651daa600a922a35dd6ad Mon Sep 17 00:00:00 2001 From: Shahid Ullah Date: Fri, 25 Apr 2025 17:59:57 +0500 Subject: [PATCH 1/3] Adding some helper functions that reduce code duplications in multiple TAP test cases --- contrib/pg_tde/t/pgtde.pm | 54 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) diff --git a/contrib/pg_tde/t/pgtde.pm b/contrib/pg_tde/t/pgtde.pm index 16b98c392a5b4..dc791b3e7194c 100644 --- a/contrib/pg_tde/t/pgtde.pm +++ b/contrib/pg_tde/t/pgtde.pm @@ -81,4 +81,58 @@ sub compare_results return compare($expected_filename_with_path, $out_filename_with_path); } +# Common TDE helpers + +# Check if the encryption status of a table is as expected and return 't' or 'f' +sub check_encryption_status { + my ($node, $table_name, $expected) = @_; + my $result = safe_psql('postgres', "SELECT pg_tde_is_encrypted('$table_name')"); + append_to_result_file($node->name . ": encryption check result for $table_name = $result"); + is($result, $expected, "Check encryption status for '$table_name' on " . $node->name); +} + +# Set up pg_tde extension and add a global key provider and set the server key +sub setup_pg_tde_global_environment { + my ($node, $key_name, $provider_name, $provider_path) = @_; + psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;'); + psql($node, 'postgres', + "SELECT pg_tde_add_global_key_provider_file('$provider_name', '$provider_path');"); + psql($node, 'postgres', + "SELECT pg_tde_set_server_key_using_global_key_provider('$key_name', '$provider_name');"); +} + +# Set up pg_tde extension and add a database key provider and set the database key +sub setup_pg_tde_db_environment { + my ($node, $key_name, $provider_name, $provider_path) = @_; + psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;'); + psql($node, 'postgres', + "SELECT pg_tde_add_database_key_provider_file('$provider_name', '$provider_path');"); + psql($node, 'postgres', + "SELECT pg_tde_set_key_using_database_key_provider('$key_name', '$provider_name');"); +} + +# Set up pg_tde in postgresql.conf +sub enable_pg_tde_in_conf { + my ($node) = @_; + $node->append_conf('postgresql.conf', "shared_preload_libraries = 'pg_tde'"); +} + +# Set default table access method to tde_heap +sub set_default_table_am_tde_heap { + my ($node) = @_; + $node->append_conf('postgresql.conf', "default_table_access_method = 'tde_heap'"); +} + +# Set pg_tde.wal_encrypt and restart the server +sub set_wal_encryption_and_restart { + my ($node, $value) = @_; + + die "Invalid value for wal_encrypt: must be 'on' or 'off'\n" + unless $value eq 'on' || $value eq 'off'; + + psql($node, 'postgres', "ALTER SYSTEM SET pg_tde.wal_encrypt = $value;"); + append_to_result_file("-- server restart with wal encryption = $value"); + $node->restart; +} + 1; From 9b1494075705ca2a8e86fb4cfe0ef0ae878ec433 Mon Sep 17 00:00:00 2001 From: Shahid Ullah Date: Fri, 25 Apr 2025 18:23:04 +0500 Subject: [PATCH 2/3] Fixing indentation issue --- contrib/pg_tde/t/pgtde.pm | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/contrib/pg_tde/t/pgtde.pm b/contrib/pg_tde/t/pgtde.pm index dc791b3e7194c..7f9128aeb604c 100644 --- a/contrib/pg_tde/t/pgtde.pm +++ b/contrib/pg_tde/t/pgtde.pm @@ -84,7 +84,8 @@ sub compare_results # Common TDE helpers # Check if the encryption status of a table is as expected and return 't' or 'f' -sub check_encryption_status { +sub check_encryption_status +{ my ($node, $table_name, $expected) = @_; my $result = safe_psql('postgres', "SELECT pg_tde_is_encrypted('$table_name')"); append_to_result_file($node->name . ": encryption check result for $table_name = $result"); @@ -92,7 +93,8 @@ sub check_encryption_status { } # Set up pg_tde extension and add a global key provider and set the server key -sub setup_pg_tde_global_environment { +sub setup_pg_tde_global_environment +{ my ($node, $key_name, $provider_name, $provider_path) = @_; psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;'); psql($node, 'postgres', @@ -102,7 +104,8 @@ sub setup_pg_tde_global_environment { } # Set up pg_tde extension and add a database key provider and set the database key -sub setup_pg_tde_db_environment { +sub setup_pg_tde_db_environment +{ my ($node, $key_name, $provider_name, $provider_path) = @_; psql($node, 'postgres', 'CREATE EXTENSION IF NOT EXISTS pg_tde;'); psql($node, 'postgres', @@ -112,19 +115,22 @@ sub setup_pg_tde_db_environment { } # Set up pg_tde in postgresql.conf -sub enable_pg_tde_in_conf { +sub enable_pg_tde_in_conf +{ my ($node) = @_; $node->append_conf('postgresql.conf', "shared_preload_libraries = 'pg_tde'"); } # Set default table access method to tde_heap -sub set_default_table_am_tde_heap { +sub set_default_table_am_tde_heap +{ my ($node) = @_; $node->append_conf('postgresql.conf', "default_table_access_method = 'tde_heap'"); } # Set pg_tde.wal_encrypt and restart the server -sub set_wal_encryption_and_restart { +sub set_wal_encryption_and_restart +{ my ($node, $value) = @_; die "Invalid value for wal_encrypt: must be 'on' or 'off'\n" From a6936491afe7136ed39fb86ae1c16ba2390c4c9b Mon Sep 17 00:00:00 2001 From: Shahid Ullah Date: Fri, 25 Apr 2025 18:55:32 +0500 Subject: [PATCH 3/3] Fixing perltidy issue --- contrib/pg_tde/t/pgtde.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/contrib/pg_tde/t/pgtde.pm b/contrib/pg_tde/t/pgtde.pm index 7f9128aeb604c..64fe9fed169a6 100644 --- a/contrib/pg_tde/t/pgtde.pm +++ b/contrib/pg_tde/t/pgtde.pm @@ -87,7 +87,8 @@ sub compare_results sub check_encryption_status { my ($node, $table_name, $expected) = @_; - my $result = safe_psql('postgres', "SELECT pg_tde_is_encrypted('$table_name')"); + my $result = + safe_psql('postgres', "SELECT pg_tde_is_encrypted('$table_name')"); append_to_result_file($node->name . ": encryption check result for $table_name = $result"); is($result, $expected, "Check encryption status for '$table_name' on " . $node->name); }