Fixed Package testing and Tarball PG tests

Author: Mohit Joshi

postgresql/package_testing/debian11/provision.sh

@@ -19,15 +19,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -36,7 +39,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -50,9 +53,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server

postgresql/package_testing/debian12/provision.sh

@@ -19,15 +19,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -36,7 +39,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -50,9 +53,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server

postgresql/package_testing/ol8/provision.sh

@@ -22,15 +22,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql-17
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -39,7 +42,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -53,9 +56,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql-17
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server

postgresql/package_testing/ol9/provision.sh

@@ -22,15 +22,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql-17
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -39,7 +42,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -53,9 +56,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql-17
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server

postgresql/package_testing/ubuntu20/provision.sh

@@ -19,15 +19,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -36,7 +39,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -50,9 +53,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server

postgresql/package_testing/ubuntu22/provision.sh

@@ -19,15 +19,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -36,7 +39,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -50,9 +53,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server

postgresql/package_testing/ubuntu24/provision.sh

@@ -19,15 +19,18 @@ sudo sed -i -E "s|^\s*shared_preload_libraries\s*=\s*'[^']*'|shared_preload_libr
 sudo systemctl restart postgresql
 
 # Test pg_tde
+rm -rf /tmp/keyring.per
 sudo -u postgres psql <<EOF
 SELECT version();
 CREATE EXTENSION pg_tde;
 SELECT pg_tde_add_global_key_provider_file('global_file_provider','/tmp/keyring.per');
 SELECT pg_tde_add_database_key_provider_file('local_file_provider','/tmp/keyring.per');
+
 SELECT pg_tde_create_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('server_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_global_key_provider('default_key', 'global_file_provider');
 SELECT pg_tde_create_key_using_database_key_provider('database_key', 'local_file_provider');
+
 SELECT pg_tde_set_key_using_database_key_provider('database_key', 'local_file_provider');
 SELECT pg_tde_set_key_using_global_key_provider('global_database_key', 'global_file_provider');
 SELECT pg_tde_set_server_key_using_global_key_provider('server_key', 'global_file_provider');
@@ -36,7 +39,7 @@ SELECT pg_tde_set_default_key_using_global_key_provider('default_key', 'global_f
 CREATE TABLE t1(id INT, data TEXT) USING tde_heap;
 INSERT INTO t1 VALUES (1, 'secret');
 SELECT * FROM t1;
-ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON'
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'ON';
 EOF
 
 # Enable WAL encryption
@@ -50,9 +53,23 @@ SELECT pg_tde_key_info();
 SELECT pg_tde_server_key_info();
 SELECT pg_tde_default_key_info();
 SELECT * FROM t1;
+
 SELECT pg_tde_is_encrypted('t1');
 SHOW pg_tde.wal_encrypt;
-DROP EXTENSION pg_tde CASCADE;
+
+SELECT pg_tde_delete_key();
+DROP TABLE t1;
+SELECT pg_tde_delete_default_key();
+
+ALTER SYSTEM SET pg_tde.wal_encrypt = 'OFF';
+EOF
+
+# Disable WAL encryption
+sudo systemctl restart postgresql
+
+sudo -u postgres psql <<EOF
+SHOW pg_tde.wal_encrypt;
+DROP EXTENSION pg_tde;
 EOF
 
 # Stop server