Linux GCC/Clang Qt6.4 #383

Workflow file for this run

.github/workflows/linux-qt6.yml at 1c8e4d3

	# MySQL
	# ---
	# Forces TLS connections with the caching_sha2_password and certificate validation, also validates
	# certificate's CN for issuer and subject.

	# PostgreSQL
	# ---
	# Forces TLS connections with the certificate authentication and full certificate validation
	# using the clientname=DN map=dn in the pg_hba.conf, so the username is matched against
	# the entire Distinguished Name (DN) of the client certificate and sslmode=verify-full
	# on the libpq client side, so the the server host name is matched against the CN (Common Name)
	# stored in the server certificate.

	name: Linux GCC/Clang Qt6.4

	on:
	workflow_dispatch:
	push:
	branches:
	- main
	- gh-actions

	jobs:

	build:
	name: cmake build / ctest

	runs-on: ubuntu-24.04

	env:
	# Settings (constant variables)
	# This number must also be changed in the matrix as env context can't be used in the matrix
	TINY_LLVM_VERSION: 18
	TINY_LLVM_APT_NAME: noble
	# First value is a compressed data size
	# gcc: ~ 165 * 3 + 100 ; clang: ~ 100 * 3 + 100
	TINY_CCACHE_MAX_SIZE_GCC: 600M
	TINY_CCACHE_MAX_SIZE_CLANG: 400M
	# Clang and vcpkg use $(nproc) (max. available cores)
	TINY_PARALLEL_GCC: 2

	strategy:
	matrix:
	compiler:
	- key: clang
	name: clang18
	apt: [ clang-18, lld-18 ]
	command: clang++-18

	- key: gcc
	name: gcc12
	apt: [ g++-12 ]
	command: g++-12

	steps:
	- uses: actions/checkout@v4

	- name: TinyORM prepare environment
	run: \|
	runnerWorkPath=$(realpath "$RUNNER_WORKSPACE/..")
	echo "TinyRunnerWorkPath=$runnerWorkPath" >> $GITHUB_ENV

	sqlitePath="$runnerWorkPath/SQLite/$DB_SQLITE_DATABASE"
	echo "TinySQLitePath=$sqlitePath" >> $GITHUB_ENV

	[[ '${{ matrix.compiler.key }}' == 'gcc' ]] && ccacheMaxSize="$TINY_CCACHE_MAX_SIZE_GCC" \
	\|\| ccacheMaxSize="$TINY_CCACHE_MAX_SIZE_CLANG"
	echo "TinyCcacheMaxSize=$ccacheMaxSize" >> $GITHUB_ENV

	[[ '${{ matrix.compiler.key }}' == 'gcc' ]] && parallel=$TINY_PARALLEL_GCC \
	\|\| parallel=$(nproc)
	echo "TinyParallel=$parallel" >> $GITHUB_ENV

	echo "TinyParallelVcpkg=$(nproc)" >> $GITHUB_ENV

	tinyormBuildName='${{ matrix.compiler.name }}-cmake-debug'
	echo "TinyORMBuildName=$tinyormBuildName" >> $GITHUB_ENV

	tinyormBuildTree="$RUNNER_WORKSPACE/TinyORM-builds-cmake/build-$tinyormBuildName"
	echo "TinyORMBuildTree=$tinyormBuildTree" >> $GITHUB_ENV
	env:
	DB_SQLITE_DATABASE: ${{ secrets.DB_SQLITE_DATABASE }}

	- name: Hosts add PostgreSQL server hostname
	run: >-
	sudo -- sh -c "echo '127.0.0.1\t$DB_PGSQL_HOST' >> /etc/hosts"
	env:
	DB_PGSQL_HOST: ${{ secrets.DB_PGSQL_HOST_SSL }}

	- name: PostgreSQL service start
	run: \|
	sudo systemctl start postgresql.service

	- name: PostgreSQL prepare environment
	id: databases-initialize-postgresql
	run: \|
	pgConfigFile=$(sudo --user=postgres --login -- \
	psql --command='show config_file;' --no-align --tuples-only)

	pgConfigPath=$(dirname "$pgConfigFile")
	echo "PgConfigPath=$pgConfigPath" >> $GITHUB_OUTPUT

	pgDataPath=$(sudo --user=postgres --login -- \
	psql --command='show data_directory;' --no-align --tuples-only)
	echo "PgDataPath=$pgDataPath" >> $GITHUB_OUTPUT

	- name: PostgreSQL initialize configuration
	working-directory: .github/resources/postgresql
	run: \|
	sudo --user=postgres -- cp --recursive --target-directory="$pg_config_path" ./

	echo "\
	ssl_cert_file = 'server.crt'
	ssl_key_file = 'server.key'
	" \| \
	sudo tee --append "$pg_config_path/conf.d/90-crystal.conf" > /dev/null
	env:
	pg_config_path: ${{ steps.databases-initialize-postgresql.outputs.PgConfigPath }}

	- name: PostgreSQL SSL certificates initialize
	id: openssl-initialize-postgresql-certificates
	run: \|
	folderPath="$TinyRunnerWorkPath/tiny-postgresql-certificates"

	# Create an empty folder for generating certificates
	sudo mkdir "$folderPath"
	sudo chown runner:docker "$folderPath"

	echo "FolderPath=$folderPath" >> $GITHUB_OUTPUT

	# This hash invalidates the PostgreSQL certificates cache every month
	hash=$(date +%4Y%2m)
	echo "Hash=$hash" >> $GITHUB_OUTPUT

	- name: PostgreSQL SSL certificates restore cache
	uses: actions/cache/restore@v3
	id: openssl-cache-postgresql-certificates
	with:
	path: \|
	${{ env.folder_path }}/*.crt
	${{ env.folder_path }}/*.key
	key: ${{ runner.os }}-openssl-${{ env.cache_name }}-${{ env.cache_hash }}
	env:
	# This hash invalidates this certificates cache every month
	cache_hash: ${{ steps.openssl-initialize-postgresql-certificates.outputs.Hash }}
	cache_name: postgresql-certificates
	folder_path: ${{ steps.openssl-initialize-postgresql-certificates.outputs.FolderPath }}

	- name: PostgreSQL SSL certificates generate
	if: steps.openssl-cache-postgresql-certificates.outputs.cache-hit != 'true'
	working-directory: ${{ steps.openssl-initialize-postgresql-certificates.outputs.FolderPath }}
	run: \|
	echo '::group::Print openssl version'
	openssl version -a
	echo '::endgroup::'

	echo '::group::CA certificate'
	# -days 32 is important, -days 30 is not enough
	openssl req -new -x509 -nodes -subj "$DB_PGSQL_SSL_SUBJECT_CA" -days 32 \
	-keyout ./root.key -out ./root.crt
	echo '::endgroup::'

	echo '::group::Server certificate'
	openssl req -new -nodes -subj "$DB_PGSQL_SSL_SUBJECT_SERVER" -keyout ./server.key -out \
	./server.csr
	OPENSSL_SAN="DNS:${DB_PGSQL_HOST}" \
	openssl x509 -req -CA ./root.crt -CAkey ./root.key -days 32 -set_serial 01 \
	-extfile "$extfile" -in ./server.csr -out ./server.crt
	echo '::endgroup::'

	echo '::group::Client certificate'
	openssl req -new -nodes -subj "$DB_PGSQL_SSL_SUBJECT_CLIENT" -keyout ./postgresql.key \
	-out ./postgresql.csr
	OPENSSL_SAN="DNS:${DB_PGSQL_USERNAME}" \
	openssl x509 -req -CA ./root.crt -CAkey ./root.key -days 32 -set_serial 02 \
	-extfile "$extfile" -in ./postgresql.csr -out ./postgresql.crt
	echo '::endgroup::'
	env:
	extfile: ${{ github.workspace }}/.github/resources/openssl/usr_cert.cnf
	DB_PGSQL_HOST: ${{ secrets.DB_PGSQL_HOST_SSL }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}
	DB_PGSQL_SSL_SUBJECT_CA: ${{ secrets.DB_PGSQL_SSL_SUBJECT_CA }}
	DB_PGSQL_SSL_SUBJECT_SERVER: ${{ secrets.DB_PGSQL_SSL_SUBJECT_SERVER }}
	DB_PGSQL_SSL_SUBJECT_CLIENT: ${{ secrets.DB_PGSQL_SSL_SUBJECT_CLIENT }}

	- name: PostgreSQL SSL certificates print
	working-directory: ${{ steps.openssl-initialize-postgresql-certificates.outputs.FolderPath }}
	run: \|
	echo '::group::CA certificate'
	openssl x509 -noout -text -in ./root.crt
	echo '::endgroup::'

	echo '::group::Server certificate'
	openssl x509 -noout -text -in ./server.crt
	echo '::endgroup::'

	echo '::group::Client certificate'
	openssl x509 -noout -text -in ./postgresql.crt
	echo '::endgroup::'

	# Always verify, regardless if certificates were newly generated or restored from the cache
	- name: PostgreSQL SSL certificates verify
	working-directory: ${{ steps.openssl-initialize-postgresql-certificates.outputs.FolderPath }}
	run: \|
	openssl verify -CAfile ./root.crt ./server.crt ./postgresql.crt

	# Save the cache only if certificates were newly generated
	# The actions/cache/save allows to use the Move-Item during the install step
	- name: PostgreSQL SSL certificates save cache
	if: steps.openssl-cache-postgresql-certificates.outputs.cache-hit != 'true'
	uses: actions/cache/save@v3
	with:
	path: \|
	${{ env.folder_path }}/*.crt
	${{ env.folder_path }}/*.key
	key: ${{ steps.openssl-cache-postgresql-certificates.outputs.cache-primary-key }}
	env:
	folder_path: ${{ steps.openssl-initialize-postgresql-certificates.outputs.FolderPath }}

	- name: PostgreSQL SSL certificates install
	working-directory: ${{ steps.openssl-initialize-postgresql-certificates.outputs.FolderPath }}
	run: \|
	echo '::group::Install server certificates'
	sudo cp --target-directory="$pg_data_path" ./root.crt
	sudo mv --target-directory="$pg_data_path" ./server.{crt,key}
	sudo chown postgres:postgres "$pg_data_path"/server.{crt,key} "$pg_data_path/root.crt"
	sudo chmod 600 "$pg_data_path/server.key"
	sudo chmod 640 "$pg_data_path"/{root,server}.crt
	echo '::endgroup::'

	echo '::group::Install client certificates'
	folderPath=~/.postgresql
	mkdir "$folderPath"
	mv --target-directory="$folderPath" ./postgresql.{crt,key} ./root.crt
	chmod 600 "$folderPath/postgresql.key"
	chmod 640 "$folderPath"/{postgresql,root}.crt
	echo '::endgroup::'
	env:
	pg_data_path: ${{ steps.databases-initialize-postgresql.outputs.PgDataPath }}

	- name: PostgreSQL change ${{ secrets.DB_PGSQL_ROOT_USERNAME }} password
	run: >-
	sudo --user=postgres --login --
	psql --command="alter user \"$DB_PGSQL_ROOT_USERNAME\"
	with password '$DB_PGSQL_ROOT_PASSWORD';"
	env:
	DB_PGSQL_ROOT_PASSWORD: ${{ secrets.DB_PGSQL_ROOT_PASSWORD }}
	DB_PGSQL_ROOT_USERNAME: ${{ secrets.DB_PGSQL_ROOT_USERNAME }}

	- name: PostgreSQL create TinyORM user
	run: >-
	sudo --user=postgres --login --
	psql --command="create user \"$DB_PGSQL_USERNAME\"
	with createdb password '$DB_PGSQL_PASSWORD';"
	env:
	DB_PGSQL_PASSWORD: ${{ secrets.DB_PGSQL_PASSWORD }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}

	- name: PostgreSQL create TinyORM database
	run: >-
	sudo --user=postgres --login --
	createdb --owner="$DB_PGSQL_USERNAME" "$DB_PGSQL_DATABASE"
	env:
	DB_PGSQL_DATABASE: ${{ secrets.DB_PGSQL_DATABASE }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}

	- name: PostgreSQL initialize client authentication
	run: \|
	# Create the $PGDATA/tinyorm_dbs file with databases list
	tinyormDbsPath="$pg_config_path/tinyorm_dbs"
	databasesArr=("$DB_PGSQL_DATABASE" "$TINYORM_DATABASE_TESTS_SCHEMABUILDER")
	(IFS=$'\n'; echo "${databasesArr[*]}") \| \
	sudo --user=postgres -- tee --append "$tinyormDbsPath" > /dev/null
	sudo chmod 640 "$tinyormDbsPath"

	pgHbaConf="$pg_config_path/pg_hba.conf"

	pgHbaTmplTmpl='\\n\
	# crystal\
	hostssl @tinyorm_dbs %s 127.0.0.1\/32 cert clientname=DN map=dn'

	pgHbaTmpl=$(printf "$pgHbaTmplTmpl" "$DB_PGSQL_USERNAME")

	sudo sed --regexp-extended "s/(# +TYPE +DATABASE +USER +ADDRESS +METHOD)/\1$pgHbaTmpl/" \
	--in-place "$pgHbaConf"

	pgIdentConf="$pg_config_path/pg_ident.conf"

	printf 'dn "/^%s$" %s' "$DB_PGSQL_SSL_DN" "$DB_PGSQL_USERNAME" \| \
	sudo tee --append "$pgIdentConf" > /dev/null
	env:
	pg_config_path: ${{ steps.databases-initialize-postgresql.outputs.PgConfigPath }}
	DB_PGSQL_DATABASE: ${{ secrets.DB_PGSQL_DATABASE }}
	DB_PGSQL_SSL_DN: ${{ secrets.DB_PGSQL_SSL_DN }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}
	TINYORM_DATABASE_TESTS_SCHEMABUILDER: ${{ secrets.TINYORM_DATABASE_TESTS_SCHEMABUILDER }}

	- name: PostgreSQL service restart
	run: \|
	sudo systemctl restart postgresql.service

	- name: PostgreSQL service check status
	run: \|
	echo '::group::Service status'
	systemctl status postgresql.service
	echo '::endgroup::'

	echo '::group::pg_isready'
	pg_isready
	echo '::endgroup::'

	# Adding the DB_MYSQL_HOST_CLIENT isn't strictly needed (works without it too)
	- name: Hosts add MySQL server hostname
	run: >-
	sudo -- sh -c "echo '127.0.0.1\t$DB_MYSQL_HOST $DB_MYSQL_HOST_CLIENT' >> /etc/hosts"
	env:
	DB_MYSQL_HOST: ${{ secrets.DB_MYSQL_HOST_SSL }}
	DB_MYSQL_HOST_CLIENT: ${{ secrets.DB_MYSQL_HOST_CLIENT_SSL }}

	- name: MySQL initialize crystal_mysqld.cnf configuration
	working-directory: .github/resources/linux
	run: \|
	sudo mv ./crystal_mysqld_ssl.cnf /etc/mysql/mysql.conf.d/crystal_mysqld.cnf

	- name: MySQL initialize crystal_client.cnf configuration (global)
	working-directory: .github/resources/linux
	run: >-
	cat ./crystal_client_ssl.template.cnf \|
	sed 's/{SSL_CERTIFICATES_PATH}/\/usr\/local\/share\/crystal-mysql/' \|
	sed "s/{MYSQL_HOST}/$DB_MYSQL_HOST/" \|
	sudo tee /etc/mysql/conf.d/crystal_client.cnf > /dev/null
	env:
	DB_MYSQL_HOST: ${{ secrets.DB_MYSQL_HOST_SSL }}

	# Remove certificates to generate are own
	- name: MySQL SSL certificates remove
	run: >-
	sudo --user=mysql --
	rm /var/lib/mysql/{ca,ca-key,server-cert,server-key,client-cert,client-key}.pem

	- name: MySQL SSL certificates initialize
	id: openssl-initialize-mysql-certificates
	run: \|
	folderPath="$TinyRunnerWorkPath/tiny-mysql-certificates"

	# Create an empty folder for generating certificates
	sudo mkdir "$folderPath"
	sudo chown runner:docker "$folderPath"

	echo "FolderPath=$folderPath" >> $GITHUB_OUTPUT

	# This hash invalidates the MySQL certificates cache every month
	hash=$(date +%4Y%2m)
	echo "Hash=$hash" >> $GITHUB_OUTPUT

	- name: MySQL SSL certificates restore cache
	uses: actions/cache/restore@v3
	id: openssl-cache-mysql-certificates
	with:
	path: \|
	${{ env.folder_path }}/*.pem
	key: ${{ runner.os }}-openssl-${{ env.cache_name }}-${{ env.cache_hash }}
	env:
	# This hash invalidates this certificates cache every month
	cache_hash: ${{ steps.openssl-initialize-mysql-certificates.outputs.Hash }}
	cache_name: mysql-certificates
	folder_path: ${{ steps.openssl-initialize-mysql-certificates.outputs.FolderPath }}

	- name: MySQL SSL certificates generate
	if: steps.openssl-cache-mysql-certificates.outputs.cache-hit != 'true'
	working-directory: ${{ steps.openssl-initialize-mysql-certificates.outputs.FolderPath }}
	run: \|
	echo '::group::Print openssl version'
	openssl version -a
	echo '::endgroup::'

	echo '::group::CA certificate'
	# -days 32 is important, -days 30 is not enough
	openssl req -new -x509 -nodes -subj "$DB_MYSQL_SSL_SUBJECT_CA" -days 32 \
	-keyout ./ca-key.pem -out ./ca.pem
	echo '::endgroup::'

	echo '::group::Server certificate'
	openssl req -new -nodes -subj "$DB_MYSQL_SSL_SUBJECT_SERVER" -keyout ./server-key.pem -out \
	./server-req.pem
	OPENSSL_SAN="DNS:${DB_MYSQL_HOST}" \
	openssl x509 -req -CA ./ca.pem -CAkey ./ca-key.pem -days 32 -set_serial 01 \
	-extfile "$extfile" -in ./server-req.pem -out ./server-cert.pem
	echo '::endgroup::'

	echo '::group::Client certificate'
	openssl req -new -nodes -subj "$DB_MYSQL_SSL_SUBJECT_CLIENT" -keyout ./client-key.pem \
	-out ./client-req.pem
	OPENSSL_SAN="DNS:${DB_MYSQL_HOST_CLIENT}" \
	openssl x509 -req -CA ./ca.pem -CAkey ./ca-key.pem -days 32 -set_serial 02 \
	-extfile "$extfile" -in ./client-req.pem -out ./client-cert.pem
	echo '::endgroup::'
	env:
	extfile: ${{ github.workspace }}/.github/resources/openssl/usr_cert.cnf
	DB_MYSQL_HOST: ${{ secrets.DB_MYSQL_HOST_SSL }}
	DB_MYSQL_HOST_CLIENT: ${{ secrets.DB_MYSQL_HOST_CLIENT_SSL }}
	DB_MYSQL_SSL_SUBJECT_CA: ${{ secrets.DB_MYSQL_SSL_SUBJECT_CA }}
	DB_MYSQL_SSL_SUBJECT_SERVER: ${{ secrets.DB_MYSQL_SSL_SUBJECT_SERVER }}
	DB_MYSQL_SSL_SUBJECT_CLIENT: ${{ secrets.DB_MYSQL_SSL_SUBJECT_CLIENT }}

	# Always verify, regardless if certificates were newly generated or restored from the cache
	- name: MySQL SSL certificates verify
	working-directory: ${{ steps.openssl-initialize-mysql-certificates.outputs.FolderPath }}
	run: \|
	openssl verify -CAfile ./ca.pem ./server-cert.pem ./client-cert.pem

	# Save the cache only if certificates were newly generated
	# The actions/cache/save allows to use the Move-Item during the install step
	- name: MySQL SSL certificates save cache
	if: steps.openssl-cache-mysql-certificates.outputs.cache-hit != 'true'
	uses: actions/cache/save@v3
	with:
	path: \|
	${{ env.folder_path }}/*.pem
	key: ${{ steps.openssl-cache-mysql-certificates.outputs.cache-primary-key }}
	env:
	folder_path: ${{ steps.openssl-initialize-mysql-certificates.outputs.FolderPath }}

	- name: MySQL SSL certificates install
	working-directory: ${{ steps.openssl-initialize-mysql-certificates.outputs.FolderPath }}
	run: \|
	mysqlDataPath=/var/lib/mysql

	echo '::group::Install CA certificate'
	sudo mv --target-directory="$mysqlDataPath" ./ca.pem
	sudo chmod 644 "$mysqlDataPath/ca.pem"
	sudo chown mysql:mysql "$mysqlDataPath/ca.pem"
	echo '::endgroup::'

	echo '::group::Install server certificates'
	sudo mv --target-directory="$mysqlDataPath" ./server-{cert,key}.pem
	sudo chmod 640 "$mysqlDataPath/server-cert.pem"
	sudo chmod 600 "$mysqlDataPath/server-key.pem"
	sudo chown mysql:mysql "$mysqlDataPath"/server-{cert,key}.pem
	echo '::endgroup::'

	echo '::group::Install client certificates'
	sudo mv --target-directory="$mysqlDataPath" ./client-{cert,key}.pem
	sudo chmod 640 "$mysqlDataPath/client-cert.pem"
	sudo chmod 600 "$mysqlDataPath/client-key.pem"
	sudo chown mysql:mysql "$mysqlDataPath"/client-{cert,key}.pem
	echo '::endgroup::'
	env:
	pg_data_path: ${{ steps.databases-initialize-mysql.outputs.PgDataPath }}

	- name: MySQL copy SSL certificates for runner user
	run: \|
	crystalMySqlPath=/usr/local/share/crystal-mysql

	sudo mkdir --parents "$crystalMySqlPath"
	cd "$crystalMySqlPath"

	sudo cp --target-directory="$crystalMySqlPath" \
	/var/lib/mysql/{ca,client-cert,client-key}.pem

	sudo chown --recursive root:root "$crystalMySqlPath"
	sudo chmod 444 "$crystalMySqlPath"/{ca,client-cert,client-key}.pem

	- name: MySQL service start
	run: \|
	sudo systemctl start mysql.service

	# Securing the root account even on localhost is for testing to make sure that everything
	# works as expected
	- name: MySQL change ${{ secrets.DB_MYSQL_ROOT_USERNAME }} password
	run: >-
	echo "
	alter user '$DB_MYSQL_ROOT_USERNAME'@'localhost'
	identified with caching_sha2_password by '$DB_MYSQL_ROOT_PASSWORD'
	require issuer '$DB_MYSQL_SSL_SUBJECT_CA' and
	subject '$DB_MYSQL_SSL_SUBJECT_CLIENT';" \|
	mysql --user="$DB_MYSQL_ROOT_USERNAME" --password="$DB_MYSQL_ROOT_PASSWORD_DEFAULT"
	env:
	DB_MYSQL_ROOT_PASSWORD: ${{ secrets.DB_MYSQL_ROOT_PASSWORD }}
	DB_MYSQL_ROOT_PASSWORD_DEFAULT: ${{ secrets.DB_MYSQL_ROOT_PASSWORD_DEFAULT }}
	DB_MYSQL_ROOT_USERNAME: ${{ secrets.DB_MYSQL_ROOT_USERNAME }}
	DB_MYSQL_SSL_SUBJECT_CA: ${{ secrets.DB_MYSQL_SSL_SUBJECT_CA }}
	DB_MYSQL_SSL_SUBJECT_CLIENT: ${{ secrets.DB_MYSQL_SSL_SUBJECT_CLIENT }}

	- name: MySQL populate time zone tables 👌
	run: >-
	mysql_tzinfo_to_sql /usr/share/zoneinfo \|
	mysql --user="$DB_MYSQL_ROOT_USERNAME" --password="$DB_MYSQL_ROOT_PASSWORD" mysql

	sudo systemctl restart mysql.service
	env:
	DB_MYSQL_ROOT_PASSWORD: ${{ secrets.DB_MYSQL_ROOT_PASSWORD }}
	DB_MYSQL_ROOT_USERNAME: ${{ secrets.DB_MYSQL_ROOT_USERNAME }}

	- name: MySQL service check status
	run: \|
	echo '::group::Service status'
	systemctl status mysql.service
	echo '::endgroup::'

	echo '::group::Service is-active check'
	systemctl is-active --quiet mysql.service
	echo '::endgroup::'

	echo '::group::Ping'
	mysqladmin --user="$DB_MYSQL_ROOT_USERNAME" --password="$DB_MYSQL_ROOT_PASSWORD" ping
	echo '::endgroup::'
	env:
	DB_MYSQL_ROOT_PASSWORD: ${{ secrets.DB_MYSQL_ROOT_PASSWORD }}
	DB_MYSQL_ROOT_USERNAME: ${{ secrets.DB_MYSQL_ROOT_USERNAME }}

	- name: MySQL create TinyORM database
	run: >-
	echo "
	create database if not exists \`$DB_MYSQL_DATABASE\`
	default character set $DB_MYSQL_CHARSET
	default collate $DB_MYSQL_COLLATION;" \|
	mysql --user="$DB_MYSQL_ROOT_USERNAME" --password="$DB_MYSQL_ROOT_PASSWORD"
	env:
	DB_MYSQL_CHARSET: ${{ secrets.DB_MYSQL_CHARSET }}
	DB_MYSQL_COLLATION: ${{ secrets.DB_MYSQL_COLLATION }}
	DB_MYSQL_DATABASE: ${{ secrets.DB_MYSQL_DATABASE }}
	DB_MYSQL_ROOT_PASSWORD: ${{ secrets.DB_MYSQL_ROOT_PASSWORD }}
	DB_MYSQL_ROOT_USERNAME: ${{ secrets.DB_MYSQL_ROOT_USERNAME }}

	- name: MySQL create TinyORM user
	run: >-
	echo "
	create user '$DB_MYSQL_USERNAME'@'%'
	identified with caching_sha2_password by '$DB_MYSQL_PASSWORD'
	require issuer '$DB_MYSQL_SSL_SUBJECT_CA' and
	subject '$DB_MYSQL_SSL_SUBJECT_CLIENT';
	grant all privileges on \`tinyorm\\_%\`.* to '$DB_MYSQL_USERNAME'@'%';
	grant select on \`mysql\`.\`time_zone_name\` to '$DB_MYSQL_USERNAME'@'%';
	flush privileges;" \|
	mysql --user="$DB_MYSQL_ROOT_USERNAME" --password="$DB_MYSQL_ROOT_PASSWORD"
	env:
	DB_MYSQL_PASSWORD: ${{ secrets.DB_MYSQL_PASSWORD }}
	DB_MYSQL_ROOT_PASSWORD: ${{ secrets.DB_MYSQL_ROOT_PASSWORD }}
	DB_MYSQL_ROOT_USERNAME: ${{ secrets.DB_MYSQL_ROOT_USERNAME }}
	DB_MYSQL_USERNAME: ${{ secrets.DB_MYSQL_USERNAME }}
	DB_MYSQL_SSL_SUBJECT_CA: ${{ secrets.DB_MYSQL_SSL_SUBJECT_CA }}
	DB_MYSQL_SSL_SUBJECT_CLIENT: ${{ secrets.DB_MYSQL_SSL_SUBJECT_CLIENT }}

	- name: SQLite create TinyORM database
	run: \|
	mkdir --parents "$(dirname "$TinySQLitePath")"

	touch "$TinySQLitePath"

	- name: Print MySQL, PostgreSQL, and SQLite database versions
	run: \|
	echo '::group::MySQL version'
	mysql --version
	echo '::endgroup::'

	echo '::group::PostgreSQL version'
	pg_config --version
	echo '::endgroup::'

	echo '::group::SQLite version'
	sqlite3 --version
	echo '::endgroup::'

	- name: add-apt-repository Clang ${{ env.TINY_LLVM_VERSION }}
	if: matrix.compiler.key == 'clang'
	run: >-
	wget -O- https://apt.llvm.org/llvm-snapshot.gpg.key \|
	sudo tee /etc/apt/trusted.gpg.d/llvm-${{ env.TINY_LLVM_VERSION }}.asc > /dev/null

	sudo add-apt-repository --yes
	--sourceslist 'deb http://apt.llvm.org/${{ env.TINY_LLVM_APT_NAME }}/
	llvm-toolchain-${{ env.TINY_LLVM_APT_NAME }}-${{ env.TINY_LLVM_VERSION }} main'

	- name: apt update
	run: \|
	sudo apt update

	- name: apt install ${{ join(matrix.compiler.apt, ', ') }}, Qt 6 base, and ccache
	run: >-
	sudo apt install --yes ${{ join(matrix.compiler.apt, ' ') }}
	qt6-base-dev libqt6sql6-mysql libqt6sql6-sqlite libqt6sql6-psql ccache

	# No need to use lukka/get-cmake, these images always have latest version
	- name: Ninja install latest version
	uses: seanmiddleditch/gha-setup-ninja@master
	with:
	destination: ${{ env.TinyRunnerWorkPath }}/ninja-build

	- name: Ccache initialize
	id: ccache-initialize-cache
	run: \|
	cachePath=$(ccache --get-config cache_dir)
	echo "CachePath=$cachePath" >> $GITHUB_OUTPUT

	echo "ImageOS=$ImageOS" >> $GITHUB_OUTPUT

	- name: Ccache restore cache 🕺
	uses: actions/cache@v3
	with:
	path: ${{ env.cache_path }}
	key: ${{ runner.os }}-${{ env.image_os }}-ccache-${{ env.cache_name }}-${{ github.run_id }}
	restore-keys: \|
	${{ runner.os }}-${{ env.image_os }}-ccache-${{ env.cache_name }}-
	env:
	cache_name: ${{ matrix.compiler.name }}-qt6
	cache_path: ${{ steps.ccache-initialize-cache.outputs.CachePath }}
	image_os: ${{ steps.ccache-initialize-cache.outputs.ImageOS }}

	- name: Ccache prepare configuration 🥳
	run: \|
	ccache --set-config max_size="$TinyCcacheMaxSize"
	ccache --set-config sloppiness=pch_defines,time_macros

	- name: Ccache print version and configuration
	run: \|
	echo '::group::Print version'
	ccache --version
	echo '::endgroup::'

	echo '::group::Print ccache config'
	ccache --show-config
	echo '::endgroup::'

	- name: vcpkg prepare environment
	run: \|
	echo "VCPKG_ROOT=$VCPKG_INSTALLATION_ROOT" >> $GITHUB_ENV
	echo 'VCPKG_DEFAULT_TRIPLET=x64-linux-dynamic' >> $GITHUB_ENV
	echo "VCPKG_MAX_CONCURRENCY=$TinyParallelVcpkg" >> $GITHUB_ENV

	- name: CMake print version
	run: \|
	cmake --version

	- name: Ccache clear statistics
	run: \|
	ccache --zero-stats

	- name: TinyORM cmake configure (${{ env.TinyORMBuildName }})
	run: >-
	cmake --log-level=DEBUG --log-context
	-S .
	-B "$TinyORMBuildTree"
	-G Ninja
	-D CMAKE_CXX_COMPILER_LAUNCHER:FILEPATH=ccache
	-D CMAKE_CXX_COMPILER:FILEPATH=${{ matrix.compiler.command }}
	-D CMAKE_TOOLCHAIN_FILE:FILEPATH="$VCPKG_INSTALLATION_ROOT/scripts/buildsystems/vcpkg.cmake"
	-D CMAKE_DISABLE_PRECOMPILE_HEADERS:BOOL=ON
	-D CMAKE_EXPORT_PACKAGE_REGISTRY:BOOL=OFF
	-D CMAKE_BUILD_TYPE:STRING=Debug
	-D CMAKE_CXX_SCAN_FOR_MODULES:BOOL=OFF
	-D VCPKG_APPLOCAL_DEPS:BOOL=OFF
	-D VERBOSE_CONFIGURE:BOOL=ON
	-D BUILD_TREE_DEPLOY:BOOL=OFF
	-D MATCH_EQUAL_EXPORTED_BUILDTREE:BOOL=OFF
	-D STRICT_MODE:BOOL=OFF
	-D MYSQL_PING:BOOL=ON
	-D BUILD_TESTS:BOOL=ON
	-D ORM:BOOL=ON
	-D TOM:BOOL=ON
	-D TOM_EXAMPLE:BOOL=ON
	-D BUILD_DRIVERS:BOOL=OFF

	- name: TinyORM cmake build ✨ (${{ env.TinyORMBuildName }})
	working-directory: ${{ env.TinyORMBuildTree }}
	run: \|
	cmake --build . --target all --parallel $TinyParallel

	- name: Ccache print statistics
	run: \|
	ccache --show-stats --verbose

	- name: TinyORM add on the $LD_LIBRARY_PATH
	run: \|
	echo "LD_LIBRARY_PATH=$TinyORMBuildTree${LD_LIBRARY_PATH:+:}$LD_LIBRARY_PATH" >> $env:GITHUB_ENV

	- name: Create and Seed tables for unit tests 🎉
	working-directory: ${{ env.TinyORMBuildTree }}/tests/testdata_tom
	run: >-
	./tom_testdata migrate
	--database=tinyorm_testdata_tom_mysql,tinyorm_testdata_tom_postgres,tinyorm_testdata_tom_sqlite
	--seed --no-ansi
	env:
	DB_MYSQL_CHARSET: ${{ secrets.DB_MYSQL_CHARSET }}
	DB_MYSQL_COLLATION: ${{ secrets.DB_MYSQL_COLLATION }}
	DB_MYSQL_DATABASE: ${{ secrets.DB_MYSQL_DATABASE }}
	DB_MYSQL_HOST: ${{ secrets.DB_MYSQL_HOST_SSL }}
	DB_MYSQL_PASSWORD: ${{ secrets.DB_MYSQL_PASSWORD }}
	DB_MYSQL_SSL_CA: /usr/local/share/crystal-mysql/ca.pem
	DB_MYSQL_SSL_CERT: /usr/local/share/crystal-mysql/client-cert.pem
	DB_MYSQL_SSL_KEY: /usr/local/share/crystal-mysql/client-key.pem
	DB_MYSQL_SSL_MODE: ${{ secrets.DB_MYSQL_SSL_MODE }}
	DB_MYSQL_USERNAME: ${{ secrets.DB_MYSQL_USERNAME }}
	DB_PGSQL_CHARSET: ${{ secrets.DB_PGSQL_CHARSET }}
	DB_PGSQL_DATABASE: ${{ secrets.DB_PGSQL_DATABASE }}
	DB_PGSQL_HOST: ${{ secrets.DB_PGSQL_HOST_SSL }}
	DB_PGSQL_SEARCHPATH: ${{ secrets.DB_PGSQL_SEARCHPATH }}
	DB_PGSQL_SSLMODE: ${{ secrets.DB_PGSQL_SSLMODE }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}
	DB_SQLITE_DATABASE: ${{ env.TinySQLitePath }}
	TOM_TESTDATA_ENV: ${{ vars.TOM_TESTDATA_ENV }}

	- name: TinyORM execute ctest 🔥
	working-directory: ${{ env.TinyORMBuildTree }}
	run: \|
	ctest --output-on-failure --parallel $(($TinyParallel + $(nproc) / 2))
	env:
	DB_MYSQL_CHARSET: ${{ secrets.DB_MYSQL_CHARSET }}
	DB_MYSQL_COLLATION: ${{ secrets.DB_MYSQL_COLLATION }}
	DB_MYSQL_DATABASE: ${{ secrets.DB_MYSQL_DATABASE }}
	DB_MYSQL_HOST: ${{ secrets.DB_MYSQL_HOST_SSL }}
	DB_MYSQL_PASSWORD: ${{ secrets.DB_MYSQL_PASSWORD }}
	DB_MYSQL_SSL_CA: /usr/local/share/crystal-mysql/ca.pem
	DB_MYSQL_SSL_CERT: /usr/local/share/crystal-mysql/client-cert.pem
	DB_MYSQL_SSL_KEY: /usr/local/share/crystal-mysql/client-key.pem
	DB_MYSQL_SSL_MODE: ${{ secrets.DB_MYSQL_SSL_MODE }}
	DB_MYSQL_USERNAME: ${{ secrets.DB_MYSQL_USERNAME }}
	DB_PGSQL_CHARSET: ${{ secrets.DB_PGSQL_CHARSET }}
	DB_PGSQL_DATABASE: ${{ secrets.DB_PGSQL_DATABASE }}
	DB_PGSQL_HOST: ${{ secrets.DB_PGSQL_HOST_SSL }}
	DB_PGSQL_SEARCHPATH: ${{ secrets.DB_PGSQL_SEARCHPATH }}
	DB_PGSQL_SSLMODE: ${{ secrets.DB_PGSQL_SSLMODE }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}
	DB_SQLITE_DATABASE: ${{ env.TinySQLitePath }}
	TOM_TESTS_ENV: ${{ vars.TOM_TESTS_ENV }}

	- name: Tom example test some commands (MySQL) 🚀
	working-directory: ${{ env.TinyORMBuildTree }}/examples/tom
	run: \|
	./tom migrate:fresh --database=tinyorm_tom_mysql --no-ansi
	./tom migrate:uninstall --reset --database=tinyorm_tom_mysql --no-ansi
	./tom migrate:install --database=tinyorm_tom_mysql --no-ansi
	./tom migrate --database=tinyorm_tom_mysql --seed --no-ansi
	./tom migrate:status --database=tinyorm_tom_mysql --no-ansi
	./tom migrate:refresh --database=tinyorm_tom_mysql --seed --no-ansi
	./tom migrate:reset --database=tinyorm_tom_mysql --no-ansi
	./tom migrate:uninstall --database=tinyorm_tom_mysql --no-ansi
	env:
	DB_MYSQL_CHARSET: ${{ secrets.DB_MYSQL_CHARSET }}
	DB_MYSQL_COLLATION: ${{ secrets.DB_MYSQL_COLLATION }}
	DB_MYSQL_DATABASE: ${{ secrets.DB_MYSQL_DATABASE }}
	DB_MYSQL_HOST: ${{ secrets.DB_MYSQL_HOST_SSL }}
	DB_MYSQL_PASSWORD: ${{ secrets.DB_MYSQL_PASSWORD }}
	DB_MYSQL_SSL_CA: /usr/local/share/crystal-mysql/ca.pem
	DB_MYSQL_SSL_CERT: /usr/local/share/crystal-mysql/client-cert.pem
	DB_MYSQL_SSL_KEY: /usr/local/share/crystal-mysql/client-key.pem
	DB_MYSQL_SSL_MODE: ${{ secrets.DB_MYSQL_SSL_MODE }}
	DB_MYSQL_USERNAME: ${{ secrets.DB_MYSQL_USERNAME }}
	TOM_EXAMPLE_ENV: ${{ vars.TOM_EXAMPLE_ENV }}

	- name: Tom example test some commands (PostgreSQL) 🙌
	working-directory: ${{ env.TinyORMBuildTree }}/examples/tom
	run: \|
	./tom migrate:fresh --database=tinyorm_tom_postgres --no-ansi
	./tom migrate:uninstall --reset --database=tinyorm_tom_postgres --no-ansi
	./tom migrate:install --database=tinyorm_tom_postgres --no-ansi
	./tom migrate --database=tinyorm_tom_postgres --seed --no-ansi
	./tom migrate:status --database=tinyorm_tom_postgres --no-ansi
	./tom migrate:refresh --database=tinyorm_tom_postgres --seed --no-ansi
	./tom migrate:reset --database=tinyorm_tom_postgres --no-ansi
	./tom migrate:uninstall --database=tinyorm_tom_postgres --no-ansi
	env:
	DB_PGSQL_CHARSET: ${{ secrets.DB_PGSQL_CHARSET }}
	DB_PGSQL_DATABASE: ${{ secrets.DB_PGSQL_DATABASE }}
	DB_PGSQL_HOST: ${{ secrets.DB_PGSQL_HOST_SSL }}
	DB_PGSQL_SEARCHPATH: ${{ secrets.DB_PGSQL_SEARCHPATH }}
	DB_PGSQL_SSLMODE: ${{ secrets.DB_PGSQL_SSLMODE }}
	DB_PGSQL_USERNAME: ${{ secrets.DB_PGSQL_USERNAME }}
	TOM_EXAMPLE_ENV: ${{ vars.TOM_EXAMPLE_ENV }}

	- name: Tom example test some commands (SQLite) 🏁
	working-directory: ${{ env.TinyORMBuildTree }}/examples/tom
	run: \|
	./tom migrate:fresh --database=tinyorm_tom_sqlite --no-ansi
	./tom migrate:uninstall --reset --database=tinyorm_tom_sqlite --no-ansi
	./tom migrate:install --database=tinyorm_tom_sqlite --no-ansi
	./tom migrate --database=tinyorm_tom_sqlite --seed --no-ansi
	./tom migrate:status --database=tinyorm_tom_sqlite --no-ansi
	./tom migrate:refresh --database=tinyorm_tom_sqlite --seed --no-ansi
	./tom migrate:reset --database=tinyorm_tom_sqlite --no-ansi
	./tom migrate:uninstall --database=tinyorm_tom_sqlite --no-ansi
	env:
	DB_SQLITE_DATABASE: ${{ env.TinySQLitePath }}
	TOM_EXAMPLE_ENV: ${{ vars.TOM_EXAMPLE_ENV }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Linux GCC/Clang Qt6.4 #383

Workflow file

Linux GCC/Clang Qt6.4 #383

Jobs

Run details

Workflow file for this run