zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-08-03 08:22:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

Enhance the test for forbidden Schema changes (#815)

Browse source 
* Enhance the test for forbidden Schema changes

Current test is git-based. It is difficult to maintain and does not
catch out-of-order version numbers. It is also more aggressive than
necessary, failing on changes to submitted scripts that have not been
deployed yet.

The new test starts a database, deploys the current schema to it,
then deploys the set of Flyway scripts in this repository to the database.
This commit is contained in:
Weimin Yu 2020-09-24 12:31:08 -04:00 committed by GitHub
parent aa217c2fcd
commit 959c7f7899
7 changed files with 115 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

35
integration/run_schema_check.sh
View file

@ -25,12 +25,13 @@ $(basename "$0") OPTIONS
Checks for post-deployment change to Flyway scripts.
With Flyway, once an incremental change script is deployed, it must not be
changed. Even changes to comments or whitespaces would cause validation
failures during future deployment. This script checks for changes (including
removal and renaming which may happen due to incorrect merge conflict
resolution) to scripts that have already been deployed to Sandbox. The
assumption is that the schema in Sandbox is always newer than that in
production.
edited, renamed, or deleted. This script checks for changes to scripts that have
already been deployed to Sandbox. The assumption is that the schema in Sandbox
is always at least as recent as that in production. Please refer to Gradle task
:db:schemaIncrementalDeployTest for more information.
Note that this test MAY fail to catch forbidden changes during the period when
a new schema release is created but not yet deployed to Sandbox.
A side-effect of this check is that old branches missing recently deployed
scripts must update first.
@ -65,16 +66,14 @@ fi
sandbox_tag=$(fetchVersion sql sandbox ${DEV_PROJECT})
echo "Checking Flyway scripts against schema in Sandbox (${sandbox_tag})."
modified_sqls=$(git diff --name-status ${sandbox_tag} \
db/src/main/resources/sql/flyway | grep "^M\|^D\|^R" | grep \.sql$ | wc -l)
if [[ ${modified_sqls} = 0 ]]; then
echo "No illegal change to deployed schema scripts."
exit 0
else
echo "Changes to the following files are not allowed:"
echo $(git diff --name-status ${sandbox_tag} \
db/src/main/resources/sql/flyway | grep "^M\|^D\|^R" | grep \.sql$)
echo "Make sure your branch is up to date with HEAD of master."
exit 1
fi
# The URL of the Maven repo on GCS for the publish_repo parameter must use the
# https scheme (https://storage.googleapis.com/{BUCKET}/{PATH}) in order to work
# with Kokoro. Gradle's alternative gcs scheme does not work on Kokoro: a GCP
# credential with proper scopes for GCS access is required even for public
# buckets, however, Kokoro VM instances are not set up with such credentials.
# Incidentally, gcs can be used on Cloud Build.
(cd ${SCRIPT_DIR}/..; \
./gradlew :db:schemaIncrementalDeployTest \
-PbaseSchemaTag=${sandbox_tag} \
-Ppublish_repo=https://storage.googleapis.com/${DEV_PROJECT}-deployed-tags/maven)