This is a partial fix for #496
* BREAKING: Now Martin behaves the same way as `psql` -- by default, if
SSL is available on the server, it will be used, even though it will not
verify that the server has a valid SSL certificate
* Martin now understands `PGSSLCERT`, `PGSSLKEY`, and `PGSSLROOTCERT`
env vars (and corresponding config keys) - same as psql.
* Martin can now process `?sslmode=verify-ca` and `verify-full` (just
like psql). The verify modes require root and/or client cert & key.
* remove `danger_accept_invalid_certs` -- turns out that behavior is
expected by default unless ssl mode is set to verify - which upstream
lib [does not
support](https://github.com/sfackler/rust-postgres/issues/768) - PR
[submitted](https://github.com/sfackler/rust-postgres/pull/988).
* added connection_timeout_ms option for postgres and set it to 5
seconds by default. This way it will fail out earlier.
* added error reporting to bb8 - but it is currently [broken
upstream](https://github.com/djc/bb8/issues/151) - not sure we can fix
it easily, so may need to switch to deadpool later.
* added docker-based TLS test (horray!) - wasn't trivial at all, despite
ending up fairly simple.
* fixed SQL to work on older PG versions
* re-enable CI to test expected `test.sh` output against the one stored
in the `tests/expected`
* add postgres in docker tests on linux - one for the oldest supported
DB, and another using the more recent version
* minor justfile cleanup
* ensure config files are sorted alphabetically
Pedantic lints often offer some good insight into the code. It is
usually easier to sprinkle a few "allow"-s around, than to miss some
important life hack offered by clippy.
Also, make use a different martin port when running integration tests
locally (make sure `git push` works even if martin is running).
This extracts some of the code from #511 but without breaking changes
* Use `PathBuf` instead of `String` where dealing with files
* Parse keep_alive as u64
* More config tests to crash if martin output contains warnings or
errors
By default, Martin is now compiled without openssl, simplifying
debugging and simple case usage, whereas the docker build and CI
publishing would still use openssl
Use cross-compiler to build M1 ARM apple target. Must use vendored
openssl build because of cross-compilation.
Co-authored-by: Yuri Astrakhan <YuriAstrakhan@gmail.com>
* Change docker image to use `entrypoint` -- so that Martin can be used
as a command:
```bash
docker run maplibre/martin <parameters>
```
* The docker image is now tested the same way as in the CI tests
* Added a few changes to the justfile
Fixes#436
Rework CI to run tests locally using the VM-installed Postgres on all
target platforms.
### CI jobs
* Build release versions on Linux/Win/Mac and save build results as
output artifacts
* In a separate VMs (Linux/Win/Mac)
* use
[nyurik/action-setup-postgis](https://github.com/nyurik/action-setup-postgis)
to install postgis and run tests using the built artifacts
* run `cargo test` on Linux only
* copy built artifacts from the build step, and run tests using the
release martin binary
* package and publish if this is a release
### Other changes
* Port some minor changes from the rewrite to porting easier
* minor cleanups
* remove all "expected" data files - too unstable to be usable
* Add justfile to simplify running all the tests
* Save all PBF outputs to the text files
* Consolidate all tests to reuse the same code
* Consolidate database initialization
* updated readme with the new instructions
Note that while this PR creates "expected" files, the CI cannot validate
the generated results because the output is not stable. Eventually we
may try to output just the non-geometry values to have reasonable tests
comparing against the expected results.
This PR re-uses some ideas by @gbip from #448
* move all CI github workflow tests into the dedicated shell scripts
* consolitade two database initialization scripts into one
* Detect all unrecognized config file values, and report them. Ideally
we want to use `serde-ignored` crate, but it doesn't work with flattened
structs (yet). So using a bad workaround.
* CI test has been using all sorts of somewhat duplicated temporary pbf
files - cleaned up to `tmp.pbf`, and made sure curl only shows errors,
not download stats.
* In CI, crash psql instead of silently ignoring errors
* Don't serialize optional config values as nulls
* Tiny error message cleanup
Note that I manually published [maplibre/martin:latest](https://hub.docker.com/r/maplibre/martin) to docker, so it might be able to pass CI ok. I have not looked deeply into the existing CI workflow - @stepankuzmin any suggestions on changes to that? The github actions are now setup
P.S. I am not certain what that whole `brew/tap` thing is - don't know enough about Macs
