v2 - Use tedious mssql module instead of sqlcmd #96
Conversation
zijchen
changed the title
|
@dzsquared @udeeshagautam thoughts on merging PR directly to main branch or have all changes on a feature branch until we're ready for v2 release? |
please merge to a v2 branch, folks may have @master referenced in workflows using the action. |
zijchen
changed the title
|
I made 1 more large edit to this PR: |
zijchen
changed the title
| @@ -1,5 +1,7 @@ | |||
| export default class Constants { | |||
| static readonly ipv4MatchPattern = /\b\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}\b/; | |||
| static readonly connectionStringTester = /^[;\s]*([\w\s]+=(?:('[^']*(''[^']*)*')|("[^"]*(""[^"]*)*")|((?!['"])[^;]*)))(;[;\s]*([\w\s]+=(?:('[^']*(''[^']*)*')|("[^"]*(""[^"]*)*")|((?!['"])[^;]*))))*[;\s]*$/; | |||
There was a problem hiding this comment.
Oof, that's a beefy regex. Regex is a powerful tool, but should be wielded carefully because it's difficult to review/debug. Did you get this regex from somewhere official, or write it yourself?
I think I'd rather have a function that manually parses a connection string; probs would be more performant, too.
There was a problem hiding this comment.
It's from the file I replaced (SqlConnectionConfig replaced SqlConnectionStringBuilder)
sql-action/src/SqlConnectionStringBuilder.ts
Lines 26 to 27 in 7e69fdc
src/FirewallManager.ts
Outdated
| @@ -11,7 +11,7 @@ export default class FirewallManager { | |||
| core.debug(`Client has access to Sql server. Skip adding firewall exception.`); | |||
| return; | |||
| } | |||
| console.log(`Client does not have access to Sql server. Adding firewall exception for client's IP address.`) | |||
| console.log(`Client does not have access to Sql server. Adding firewall exception for client's IP address.`); | |||
There was a problem hiding this comment.
core.debug vs. console.log? Dunno whether these should use the same printout method.
There was a problem hiding this comment.
core.debug only logs when debug logging is enabled
console.log will display 100% of the time, so I think this makes sense
| @@ -47,20 +43,28 @@ export default async function run() { | |||
| } | |||
| } | |||
|
|
|||
| function setUserAgentVariable(): void { | |||
There was a problem hiding this comment.
Is this UA construction defined/specced anywhere that you could add a link to?
There was a problem hiding this comment.
I'm not sure, couldn't find any documentation. This logic was already there, I just moved it to its own private function. I'll keep an eye out in the docs if I come across anything like this.
| @@ -123,7 +122,7 @@ export default class AzureSqlAction { | |||
|
|
|||
| switch (inputs.sqlpackageAction) { | |||
| case SqlPackageAction.Publish: { | |||
| args += `/Action:Publish /TargetConnectionString:"${inputs.connectionString.connectionString}" /SourceFile:"${inputs.dacpacPackage}"`; | |||
| args += `/Action:Publish /TargetConnectionString:"${inputs.connectionConfig.ConnectionString}" /SourceFile:"${inputs.dacpacPackage}"`; | |||
There was a problem hiding this comment.
Might you need to escape any doublequotes inside the connection string here?
There was a problem hiding this comment.
Good point, I'll add a test case for that also
There was a problem hiding this comment.
Actually I don't believe this needs to be escaped. This string is the same as the one user supplied on the command line, so it should be properly escaped already otherwise it will fail validation early on.
src/SqlUtils.ts
Outdated
| stderr: (data: Buffer) => sqlCmdError += data.toString() | ||
| } | ||
| }); | ||
| core.debug(`Validating if client ' has access to SQL Server '${connectionConfig.Config.server}'.`); |
There was a problem hiding this comment.
extra ' here: Validating if client ' has access...?
* v2 - Use tedious mssql module instead of sqlcmd (#96) * Use tedious mssql library instead of sqlcmd * Fix mssql connection * Fix SqlUtils tests * Use config instead of connection string * Replace conn string builder with mssql config * Connect to master db * Restore connection string validation regex * PR comments, fix error handling * Update main.js * Use try catch for error handling * Fix typo * v2 - Change script action from sqlcmd to mssql query (#99) * Change script action from sqlcmd to mssql query * Update action.yml * Fully qualify Table1 in sql script * Add more debug logging * Clone config before changing db to master * Cleanup * Set TEST_DB name before cleanup * Use runner.temp * Always cleanup * PR comments * Fix database cleanup step in pr-check (#101) * Debug script contents * Fix sed command * Remove debug * v2 - Add support for AAD password, AAD default, and AAD service principal auth (#100) * Use tedious mssql library instead of sqlcmd * Fix mssql connection * Fix SqlUtils tests * Use config instead of connection string * Replace conn string builder with mssql config * Connect to master db * Restore connection string validation regex * AAD auth * Add support for client and tenant IDs * Add more debug messaging * Fix connection string find array * Make client-id and tenant-id action inputs * Fix error handling * More fixes * Use try catch instead * Add tests to pr-check.yml * Change script action from sqlcmd to mssql query * Update action.yml * Fully qualify Table1 in sql script * Add more debug logging * Clone config before changing db to master * Cleanup * Set TEST_DB name before cleanup * Use runner.temp * Always cleanup * Add tests for different auth types * Mask tenant and client IDs * Add AAD password test to pr-check.yml * Fix yaml * Limit max-parallel to 2 * Add test for service principal * PR comments * Fix typo * Cleanup sqlcmd references (#102) * Retry connection with user DB if master connection fails (#104) * Retry with DB connection if master fails * Add tests * Add ConnectionResult interface * Add missing doc comment * PR comments * PR Comments * Download and extract go-sqlcmd before main action (#108) * Add setup script to download go-sqlcmd * Add sqlcmd call to pr-check.yml * Add bz2 specific extract tar * Move setup code to main * Move setup code to main * Fix casing of Setup.ts * Use go-sqlcmd for script action (#113) * call go-sqlcmd for script action * Fix auth options not flowing through * Add test cases * Restore sqlcmd variable in cleanup script * Fix pr-check cleanup * Undo changes to pr-check.yml * Undo pr-check.yml changes * PR comments * Change inputs (#105) * Update SQL API version to 2021-11-01 (#117) * Add support for Script, DeployReport, and DriftReport (#106) * Change inputs * Add other publish like actions * Add tests * Fix test * PR comments * Add mockReturnValue for auth type test * Remove MacOS from ci.yml * links to documentation on each argument type (#123) * v2 - Remove client-id and tenant-id as inputs (#124) * Set tenantId and clientId only when passed in * Default to empty string * Default to empty string * Replace mssql call with go-sqlcmd query * Capture sqlcmd error message * Add more debug * Capture stdout too * Fix config passing * Completely remove client-id and tenant-id * cleanup * Update sqlcmd query * adding connection string format to docs (#138) adding connection string format to docs Co-authored-by: Drew Skwiers-Koballa <dzsquared@users.noreply.github.com>
* Use tedious mssql library instead of sqlcmd * Fix mssql connection * Fix SqlUtils tests * Use config instead of connection string * Replace conn string builder with mssql config * Connect to master db * Restore connection string validation regex * PR comments, fix error handling * Update main.js * Use try catch for error handling * Fix typo
* v2 - Use tedious mssql module instead of sqlcmd (#96) * Use tedious mssql library instead of sqlcmd * Fix mssql connection * Fix SqlUtils tests * Use config instead of connection string * Replace conn string builder with mssql config * Connect to master db * Restore connection string validation regex * PR comments, fix error handling * Update main.js * Use try catch for error handling * Fix typo * Fix path to cleanup.sql
Use tedious node-mssql module for connection instead of using sqlcmd. This change adds the module and changes the IP address detection to use it. Script action still calls sqlcmd directly.
SqlConnectionStringBuilderhas been replaced bySqlConnectionConfigwhich is a wrapper onmssql.config. Removed our own implementation for different parts of the connection string, instead leverage the parsing function frommssqlto get aconfigobject from a connection string, with some extra validation. AAD auth will be added in this class in subsequent PRs.TODO in future PRs: