From d12a25ba0322161561ec1696fb1e1b87d3d4f778 Mon Sep 17 00:00:00 2001 From: Dianjin Wang Date: Fri, 17 Nov 2023 11:57:13 +0800 Subject: [PATCH] Add basic community files (#1) --- .github/ISSUE_TEMPLATE/bug-report.yml | 63 +++++++++ .github/ISSUE_TEMPLATE/config.yml | 14 ++ .github/pull_request_template.md | 20 +++ CODE-OF-CONDUCT.md | 149 +++++++++++++------- CONTRIBUTING.md | 122 ++++++++++------- LICENSE | 25 ++++ Makefile | 6 +- NOTICE | 23 ++++ README.md | 73 ++++++---- SECURITY.md | 189 +++++++++----------------- 10 files changed, 435 insertions(+), 249 deletions(-) create mode 100644 .github/ISSUE_TEMPLATE/bug-report.yml create mode 100644 .github/ISSUE_TEMPLATE/config.yml create mode 100644 .github/pull_request_template.md diff --git a/.github/ISSUE_TEMPLATE/bug-report.yml b/.github/ISSUE_TEMPLATE/bug-report.yml new file mode 100644 index 00000000..965783d2 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug-report.yml 
@@ -0,0 +1,63 @@ +name: "\U0001F41B Bug Report" +description: Problems and issues with code in gp-common-go-libs for CloudberryDB. +title: "[Bug] " +labels: ["type: Bug"] +body: + - type: markdown + attributes: + value: "Thank you for reporting the problem! We really appreciate your efforts to improve Cloudberry Database. Before reporting it, please (ideally) test on the latest release or main to see if the issue is fixed." + - type: textarea + attributes: + label: Cloudberry Database version + description: What version are you using? + - type: textarea + attributes: + label: What happened + description: Describe what happened. + placeholder: > + Please provide the context in which the problem occurred and explain what happened + validations: + required: true + - type: textarea + attributes: + label: What you think should happen instead + description: What do you think went wrong? + placeholder: > + Please explain why you think the behavior is erroneous. It is extremely helpful if you copy&paste the fragment of logs showing the exact error messages or wrong behavior. If you can provide some screenshots or videos, you can include files by dragging and dropping them here. + - type: textarea + attributes: + label: How to reproduce + description: > + What should we do to reproduce the problem? Any SQL commands or operations? + placeholder: > + Please make sure you provide a reproducible step-by-step case of how to reproduce the problem as minimally and precisely as possible. Remember that non-reproducible issues will be closed! Opening a discussion is recommended as a first step. + - type: input + attributes: + label: Operating System + description: What Operating System are you using? + placeholder: "You can get it via `cat /etc/os-release` for example" + - type: textarea + attributes: + label: Anything else + description: Anything else we need to know? + placeholder: > + How often does this problem occur? (Once? Every time? Only when certain conditions are met?) 
Any relevant logs to include? Put them here. + - type: checkboxes + attributes: + label: Are you willing to submit PR? + description: > + This is absolutely not required, but we are happy to guide you in the contribution process, especially if you already understand how to implement the fix. + options: + - label: Yes, I am willing to submit a PR! + - type: checkboxes + attributes: + label: Code of Conduct + description: The Code of Conduct helps create a safe space for everyone. We require that everyone agrees to it. + options: + - label: > + I agree to follow this project's + [Code of Conduct](https://cloudberrydb.org/community/coc). + required: true + - type: markdown + attributes: + value: "Thanks for completing our form!" diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 00000000..a3a57eb1 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,14 @@ +blank_issues_enabled: false +contact_links: + - name: πŸ™πŸ» Q&A + url: https://github.com/orgs/cloudberrydb/discussions/categories/q-a + about: Ask for help when running/developing Cloudberry Database. + - name: πŸ’‘οΈ New Ideas / Feature Requests + url: https://github.com/orgs/cloudberrydb/discussions/categories/ideas-feature-requests + about: Share ideas for new features. + - name: πŸŽ™οΈ Submit Your Proposal + url: https://github.com/orgs/cloudberrydb/discussions/categories/proposal + about: As a developer, proposing any major change or enhancement to Cloudberry Database. + - name: πŸ’¬οΈ Join Slack for Real-time Chat + url: https://communityinviter.com/apps/cloudberrydb/welcome + about: Real-time chat including QA, Dev, Events and more. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 00000000..0dfb7e84 --- /dev/null +++ b/.github/pull_request_template.md 
@@ -0,0 +1,20 @@ + + +fix #ISSUE_Number + + +--- + +## Change logs + +> Describe your change clearly, including what problem is being solved or what document is being added or updated. + +## Contributor's checklist + +Here are some reminders before you submit your pull request: + +* Make sure that your Pull Request has a clear title and commit message. You can take the [Git commit template](https://github.com/cloudberrydb/cloudberrydb/blob/main/.gitmessage) as a reference. +* Sign the Contributor License Agreement as prompted for your first-time contribution (*One-time setup*). +* Learn the [code contribution](https://cloudberrydb.org/contribute/code) and [doc contribution](https://cloudberrydb.org/contribute/doc) guides for better collaboration. +* List your communications in the [GitHub Issues](https://github.com/cloudberrydb/cloudberrydb-site/issues) or [Discussions](https://github.com/orgs/cloudberrydb/discussions) (if has or needed). +* Feel free to ask for the cloudberrydb team to help review and approve. diff --git a/CODE-OF-CONDUCT.md b/CODE-OF-CONDUCT.md index 69290a9f..922d7f50 100644 --- a/CODE-OF-CONDUCT.md +++ b/CODE-OF-CONDUCT.md 
@@ -2,77 +2,130 @@ ## Our Pledge -In the interest of fostering an open and welcoming environment, we as -contributors and maintainers pledge to making participation in the -Greenplum Database Backup project and our community a harassment-free -experience for everyone, regardless of age, body size, disability, -ethnicity, sex characteristics, gender identity and expression, level -of experience, education, socio-economic status, nationality, personal -appearance, race, religion, or sexual identity and orientation. +We as members, contributors, and leaders pledge to make participation in our +community a harassment-free experience for everyone, regardless of age, body +size, visible or invisible disability, ethnicity, sex characteristics, gender +identity and expression, level of experience, education, socio-economic status, +nationality, personal appearance, race, caste, color, religion, or sexual +identity and orientation. + +We pledge to act and interact in ways that contribute to an open, welcoming, +diverse, inclusive, and healthy community. 
## Our Standards -Examples of behavior that contributes to creating a positive environment -include: +Examples of behavior that contributes to a positive environment for our +community include: -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members +* Demonstrating empathy and kindness toward other people +* Being respectful of differing opinions, viewpoints, and experiences +* Giving and gracefully accepting constructive feedback +* Accepting responsibility and apologizing to those affected by our mistakes, + and learning from the experience +* Focusing on what is best not just for us as individuals, but for the overall + community -Examples of unacceptable behavior by participants include: +Examples of unacceptable behavior include: -* The use of sexualized language or imagery and unwelcome sexual attention or - advances -* Trolling, insulting/derogatory comments, and personal or political attacks +* The use of sexualized language or imagery, and sexual attention or advances of + any kind +* Trolling, insulting or derogatory comments, and personal or political attacks * Public or private harassment -* Publishing others' private information, such as a physical or electronic - address, without explicit permission +* Publishing others' private information, such as a physical or email address, + without their explicit permission * Other conduct which could reasonably be considered inappropriate in a professional setting -## Our Responsibilities +## Enforcement Responsibilities -Project maintainers are responsible for clarifying the standards of acceptable -behavior and are expected to take appropriate and fair corrective action in -response to any instances of unacceptable behavior. 
+Community leaders are responsible for clarifying and enforcing our standards of +acceptable behavior and will take appropriate and fair corrective action in +response to any behavior that they deem inappropriate, threatening, offensive, +or harmful. -Project maintainers have the right and responsibility to remove, edit, or -reject comments, commits, code, wiki edits, issues, and other contributions -that are not aligned to this Code of Conduct, or to ban temporarily or -permanently any contributor for other behaviors that they deem inappropriate, -threatening, offensive, or harmful. +Community leaders have the right and responsibility to remove, edit, or reject +comments, commits, code, wiki edits, issues, and other contributions that are +not aligned to this Code of Conduct, and will communicate reasons for moderation +decisions when appropriate. ## Scope -This Code of Conduct applies both within project spaces and in public spaces -when an individual is representing the project or its community. Examples of -representing a project or community include using an official project e-mail -address, posting via an official social media account, or acting as an appointed -representative at an online or offline event. Representation of a project may be -further defined and clarified by project maintainers. +This Code of Conduct applies within all community spaces, and also applies when +an individual is officially representing the community in public spaces. +Examples of representing our community include using an official e-mail address, +posting via an official social media account, or acting as an appointed +representative at an online or offline event. ## Enforcement Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported by contacting the project team at oss-coc@vmware.com. All -complaints will be reviewed and investigated and will result in a response that -is deemed necessary and appropriate to the circumstances. 
The project team is -obligated to maintain confidentiality with regard to the reporter of an incident. -Further details of specific enforcement policies may be posted separately. +reported to the community leaders responsible for enforcement at info@cloudberrydb.org. +All complaints will be reviewed and investigated promptly and fairly. + +All community leaders are obligated to respect the privacy and security of the +reporter of any incident. + +## Enforcement Guidelines + +Community leaders will follow these Community Impact Guidelines in determining +the consequences for any action they deem in violation of this Code of Conduct: + +### 1. Correction + +**Community Impact**: Use of inappropriate language or other behavior deemed +unprofessional or unwelcome in the community. + +**Consequence**: A private, written warning from community leaders, providing +clarity around the nature of the violation and an explanation of why the +behavior was inappropriate. A public apology may be requested. + +### 2. Warning + +**Community Impact**: A violation through a single incident or series of +actions. -Project maintainers who do not follow or enforce the Code of Conduct in good -faith may face temporary or permanent repercussions as determined by other -members of the project's leadership. +**Consequence**: A warning with consequences for continued behavior. No +interaction with the people involved, including unsolicited interaction with +those enforcing the Code of Conduct, for a specified period of time. This +includes avoiding interactions in community spaces as well as external channels +like social media. Violating these terms may lead to a temporary or permanent +ban. + +### 3. Temporary Ban + +**Community Impact**: A serious violation of community standards, including +sustained inappropriate behavior. + +**Consequence**: A temporary ban from any sort of interaction or public +communication with the community for a specified period of time. 
No public or +private interaction with the people involved, including unsolicited interaction +with those enforcing the Code of Conduct, is allowed during this period. +Violating these terms may lead to a permanent ban. + +### 4. Permanent Ban + +**Community Impact**: Demonstrating a pattern of violation of community +standards, including sustained inappropriate behavior, harassment of an +individual, or aggression toward or disparagement of classes of individuals. + +**Consequence**: A permanent ban from any sort of public interaction within the +community. ## Attribution -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, -available at https://www.contributor-covenant.org/version/1/4/code-of-conduct.html +This Code of Conduct is adapted from the [Contributor Covenant][homepage], +version 2.1, available at +[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1]. -[homepage]: https://www.contributor-covenant.org +Community Impact Guidelines were inspired by +[Mozilla's code of conduct enforcement ladder][Mozilla CoC]. -For answers to common questions about this code of conduct, see -https://www.contributor-covenant.org/faq +For answers to common questions about this code of conduct, see the FAQ at +[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at +[https://www.contributor-covenant.org/translations][translations]. +[homepage]: https://www.contributor-covenant.org +[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html +[Mozilla CoC]: https://github.com/mozilla/diversity +[FAQ]: https://www.contributor-covenant.org/faq +[translations]: https://www.contributor-covenant.org/translations diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index a5fd35fd..75705f2f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md 
@@ -1,62 +1,84 @@ -# Contributing - -We warmly welcome and greatly appreciate contributions from the -community. By participating you agree to the [code of -conduct](https://github.com/greenplum-db/gpbackup/blob/main/CODE-OF-CONDUCT.md). -Overall, we follow GPDB's comprehensive contribution policy. Please -refer to it [here](https://github.com/greenplum-db/gpdb#contributing) -for details. - -## Getting Started - -* Sign our [Contributor License Agreement](https://cla.pivotal.io/sign/greenplum) -* Fork the gpbackup repository on GitHub -* Run `go get github.com/greenplum-db/gpbackup/...` and add your fork as a remote -* Run `make depend` to install required dependencies -* Follow the README to set up your environment and run the tests - -## Creating a change - -* Create your own feature branch (e.g. `git checkout -b - gpbackup_branch`) and make changes on this branch. -* Try and follow similar coding styles as found throughout the code - base. -* Make commits as logical units for ease of reviewing. -* Rebase with main often to stay in sync with upstream. +Cloudberry Database community welcomes contributions from anyone, new and +experienced! We appreciate your interest in contributing. This guide will help +you get started with the contribution. + +## Code of Conduct + +Everyone who participates in Cloudberry Database, either as a user or a +contributor, is obliged to follow our community [Code of +Conduct](./CODE_OF_CONDUCT.md). Every violation against it will be reviewed +and investigated and will result in a response that is deemed necessary and +appropriate to the circumstances. The moderator team is obligated to maintain +confidentiality regarding the reporter of an incident. + +Some behaviors that contribute to creating a positive environment include: + +* Use welcoming and inclusive language. +* Respect differing viewpoints and experiences. +* Accept constructive criticism gracefully. +* Foster what's best for the community. 
+* Show empathy for community members. + +## GitHub Contribution Workflow + +1. Fork this repo to your own GitHub account. +2. Clone down the repo to your local system. + +``` +git clone https://github.com/your-user-name/gpbackup.git +``` + +3. Add the upstream repo. (You only have to do this once, not every time.) + +``` +git remote add upstream https://github.com/cloudberrydb/gpbackup.git +``` + +4. Create a new branch to hold your work. + +``` +git checkout -b new-branch-name +``` + +5. Work on your new code. + * Add new tests to cover your code. We use [Ginkgo](http://onsi.github.io/ginkgo/) and [Gomega](https://onsi.github.io/gomega/) for testing. -* Ensure a well written commit message as explained - [here](https://chris.beams.io/posts/git-commit/). -* Run `make format`, `make test`, and `make end_to_end` in your - feature branch and ensure they are successful. -* Push your local branch to the fork (e.g. `git push - gpbackup_branch`) +* Run `make format`, `make test`, and `make end_to_end` in your feature branch + and ensure they are successful. -## Submitting a Pull Request +6. Commit your changes. -* Create a [pull request from your - fork](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request-from-a-fork). -* Address PR feedback with fixup and/or squash commits: ``` -git add . -git commit --fixup - -- or -- -git commit --squash +git add +git commit ``` -* Once approved, before merging into main squash your fixups with: + +7. Push your changes to your GitHub repo. + ``` -git rebase -i --autosquash origin/main -git push --force-with-lease $USER +git push origin new-branch-name ``` -Your contribution will be analyzed for product fit and engineering -quality prior to merging. Your pull request is much more likely to be -accepted if it is small and focused with a clear message that conveys -the intent of your change. +8. Open a PR(Pull Request). + +Go to the repo on GitHub. 
There will be a message about your recently pushed +branch, asking if you would like to open a pull request. Follow the prompts, +compare across repositories, and submit the PR. -## Community +9. Get your code reviewed. +10. Congratulations! Once your PR is approved, and passes the CI/CD without +errors, then the code will be merged. Your code will be shipped in the recent +future releases. -Connect with Greenplum on: -* [Slack](https://greenplum.slack.com/) -* [Dev Google Group mailing list](https://groups.google.com/a/greenplum.org/forum/#!forum/gpdb-dev/join) +## Sync your branch with the upstream + +Before working on your next contribution, make sure your local repository is +up to date: + +``` +git checkout main +git fetch upstream +git rebase upstream/main +``` \ No newline at end of file diff --git a/LICENSE b/LICENSE index d9a10c0d..261eeb9e 100644 --- a/LICENSE +++ b/LICENSE 
@@ -174,3 +174,28 @@ of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/Makefile b/Makefile index 1e7735f6..eecfb673 100644 --- a/Makefile +++ b/Makefile 
@@ -12,9 +12,9 @@ VERSION="1.2.7-beta1+dev.7" BIN_DIR=$(shell echo $${GOPATH:-~/go} | awk -F':' '{ print $$1 "/bin"}') GINKGO_FLAGS := -r GIT_VERSION := $(shell git describe --tags | perl -pe 's/(.*)-([0-9]*)-(g[0-9a-f]*)/\1+dev.\2.\3/') -BACKUP_VERSION_STR=github.com/greenplum-db/gpbackup/backup.version=$(VERSION) -RESTORE_VERSION_STR=github.com/greenplum-db/gpbackup/restore.version=$(VERSION) -HELPER_VERSION_STR=github.com/greenplum-db/gpbackup/helper.version=$(VERSION) +BACKUP_VERSION_STR=github.com/cloudberrydb/gpbackup/backup.version=$(VERSION) +RESTORE_VERSION_STR=github.com/cloudberrydb/gpbackup/restore.version=$(VERSION) +HELPER_VERSION_STR=github.com/cloudberrydb/gpbackup/helper.version=$(VERSION) # note that /testutils is not a production directory, but has unit tests to validate testing tools SUBDIRS_HAS_UNIT=backup/ filepath/ history/ helper/ options/ report/ restore/ toc/ utils/ testutils/ diff --git a/NOTICE b/NOTICE index 949eac52..73e9bfd3 100644 --- a/NOTICE +++ b/NOTICE 
@@ -1,3 +1,26 @@ +gpbackup for CloudberryDB + +Portions Copyright 2016-2023 HashData Technology Limited. or its affiliates. +All Rights Reserved. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +This product may include a number of subcomponents with separate copyright +notices and license terms. Your use of these subcomponents is subject to the +terms and conditions of the subcomponent's license. + +----------------------------------------------------------------------- + Greenplum Database Backup Copyright 2017-Present VMware, Inc. or its affiliates. All Rights Reserved. diff --git a/README.md b/README.md index edacb235..efc26bcc 100644 --- a/README.md +++ b/README.md 
@@ -1,15 +1,28 @@ -# Greenplum Backup +# gpbackup for CloudberryDB -`gpbackup` and `gprestore` are Go utilities for performing Greenplum Database backups. They are still currently in active development. +[![Slack](https://img.shields.io/badge/Join_Slack-6a32c9)](https://communityinviter.com/apps/cloudberrydb/welcome) +[![Twitter Follow](https://img.shields.io/twitter/follow/cloudberrydb)](https://twitter.com/cloudberrydb) +[![Website](https://img.shields.io/badge/Visit%20Website-eebc46)](https://cloudberrydb.org) +[![GitHub Discussions](https://img.shields.io/github/discussions/cloudberrydb/cloudberrydb)](https://github.com/orgs/cloudberrydb/discussions) +![GitHub License](https://img.shields.io/github/license/cloudberrydb/gpbackup) + +--- + +`gpbackup` and `gprestore` are Go utilities for performing Greenplum database +backups, which are developed by Greenplum Database team. This repo is a fork +of gpbackup, dedicated to support CloduberryDB 1.0+. You will feel no change +using gpbackup in CloudberryDB just as well in Greenplum. ## Pre-Requisites -The project requires the Go Programming language version 1.11 or higher. Follow the directions [here](https://golang.org/doc/) for installation, usage and configuration instructions. +The project requires the Go Programming language version 1.11 or higher. +Follow the directions [here](https://golang.org/doc/) for installation, usage +and configuration instructions. ## Downloading ```bash -go get github.com/greenplum-db/gpbackup/... +go get github.com/cloudberrydb/gpbackup/... ``` This will place the code in `$GOPATH/github.com/greenplum-db/gpbackup`. @@ -60,7 +73,8 @@ To run only unit tests, use make unit ``` To run only integration tests (requires a running GPDB instance), use -```bash + +``` make integration ``` 
@@ -69,7 +83,8 @@ To run end to end tests (requires a running GPDB instance), use make end_to_end ``` -**We provide the following targets to help developers ensure their code fits Go standard formatting guidelines.** +**We provide the following targets to help developers ensure their code fits +Go standard formatting guidelines.** To run a linting tool that checks for basic coding errors, use ```bash @@ -84,8 +99,11 @@ To automatically format your code and add/remove imports, use ```bash make format ``` -This target runs [goimports](https://godoc.org/golang.org/x/tools/cmd/goimports) and [gofmt](https://golang.org/cmd/gofmt/). -We will only accept code that has been formatted using this target or an equivalent `gofmt` call. + +This target runs +[goimports](https://godoc.org/golang.org/x/tools/cmd/goimports) and +[gofmt](https://golang.org/cmd/gofmt/). We will only accept code that has been +formatted using this target or an equivalent `gofmt` call. ## Running the utilities @@ -108,18 +126,13 @@ To remove the compiled binaries and other generated files, run make clean ``` -# More Information - -The Greenplum Backup [wiki](https://github.com/greenplum-db/gpbackup/wiki) for this project has several articles providing a more in-depth explanation of certain aspects of gpbackup and gprestore. - -# How to Contribute - -See [CONTRIBUTING.md file](https://github.com/greenplum-db/gpbackup/blob/master/CONTRIBUTING.md). - # Code Formatting -We use `goimports` to format go code. See https://godoc.org/golang.org/x/tools/cmd/goimports -The following command formats the gpbackup codebase excluding the vendor directory and also lists the files updated. +We use `goimports` to format go code. See +https://godoc.org/golang.org/x/tools/cmd/goimports The following command +formats the gpbackup codebase excluding the vendor directory and also lists +the files updated. + ```bash goimports -w -l $(find . -type f -name '*.go' -not -path "./vendor/*") ``` 
@@ -128,8 +141,8 @@ goimports -w -l $(find . -type f -name '*.go' -not -path "./vendor/*") ## Dummy Security Label module is not installed or configured -If you see errors in many integration tests (below), review the -Validation and code quality [Test setup](#Test setup) section above: +If you see errors in many integration tests (below), review the Validation and +code quality [Test setup](#Test setup) section above: ``` SECURITY LABEL FOR dummy ON TYPE public.testtype IS 'unclassified'; @@ -142,9 +155,9 @@ SECURITY LABEL FOR dummy ON TYPE public.testtype IS 'unclassified'; ## Tablespace already exists -If you see errors indicating the `test_tablespace` tablespace already -exists (below), execute `psql postgres -c 'DROP TABLESPACE -test_tablespace'` to cleanup the environment and rerun the tests. +If you see errors indicating the `test_tablespace` tablespace already exists +(below), execute `psql postgres -c 'DROP TABLESPACE test_tablespace'` to +cleanup the environment and rerun the tests. ``` CREATE TABLESPACE test_tablespace LOCATION '/tmp/test_dir' @@ -154,3 +167,17 @@ test_tablespace'` to cleanup the environment and rerun the tests. Code: "42710", Message: "tablespace \"test_tablespace\" already exists", ``` + +## How to Contribute + +See [CONTRIBUTING.md file](./CONTRIBUTING.md). + +## License + +Licensed under Apache License Version 2.0. For more details, please refer to +the [LICENSE](./LICENSE). + +## Acknowledgment + +Thanks to all the Greenplum Backup contributors, more details in its [GitHub +page](https://github.com/greenplum-db/gpbackup). \ No newline at end of file diff --git a/SECURITY.md b/SECURITY.md index fabbb9d2..36b48877 100644 --- a/SECURITY.md +++ b/SECURITY.md 
@@ -1,125 +1,64 @@ -# Security Release Process - -Greenplum Database has adopted this security disclosure and response policy to -ensure we responsibly handle critical issues. - -## Reporting a Vulnerability - Private Disclosure Process - -Security is of the highest importance and all security vulnerabilities or -suspected security vulnerabilities should be reported to Greenplum Database -privately, to minimize attacks against current users of Greenplum Database -before they are fixed. Vulnerabilities will be investigated and patched on the -next patch (or minor) release as soon as possible. This information could be -kept entirely internal to the project. - -If you know of a publicly disclosed security vulnerability for Greenplum -Database, please **IMMEDIATELY** contact the Greenplum Database project team -(security@greenplum.org). - -**IMPORTANT: Do not file public issues on GitHub for security vulnerabilities!** - -To report a vulnerability or a security-related issue, please contact the email -address with the details of the vulnerability. The email will be fielded by the -Greenplum Database project team. Emails will be addressed promptly, including a -detailed plan to investigate the issue and any potential workarounds to perform -in the meantime. Do not report non-security-impacting bugs through this -channel. Use [GitHub issues](https://github.com/greenplum-db/gpdb/issues) -instead. - -## Proposed Email Content - -Provide a descriptive subject line and in the body of the email include the -following information: - -* Basic identity information, such as your name and your affiliation or company. -* Detailed steps to reproduce the vulnerability (POC scripts, screenshots, and - logs are all helpful to us). -* Description of the effects of the vulnerability on Greenplum Database and the - related hardware and software configurations, so that the Greenplum Database - project team can reproduce it. 
-* How the vulnerability affects Greenplum Database usage and an estimation of - the attack surface, if there is one. -* List other projects or dependencies that were used in conjunction with - Greenplum Database to produce the vulnerability. - -## When to report a vulnerability - -* When you think Greenplum Database has a potential security vulnerability. -* When you suspect a potential vulnerability but you are unsure that it impacts - Greenplum Database. -* When you know of or suspect a potential vulnerability on another project that - is used by Greenplum Database. - -## Patch, Release, and Disclosure - -The Greenplum Database project team will respond to vulnerability reports as -follows: - -1. The Greenplum project team will investigate the vulnerability and determine -its effects and criticality. -2. If the issue is not deemed to be a vulnerability, the Greenplum project team -will follow up with a detailed reason for rejection. -3. The Greenplum project team will initiate a conversation with the reporter -promptly. -4. If a vulnerability is acknowledged and the timeline for a fix is determined, -the Greenplum project team will work on a plan to communicate with the -appropriate community, including identifying mitigating steps that affected -users can take to protect themselves until the fix is rolled out. -5. The Greenplum project team will also create a -[CVSS](https://www.first.org/cvss/specification-document) using the [CVSS -Calculator](https://www.first.org/cvss/calculator/3.0). The Greenplum project -team makes the final call on the calculated CVSS; it is better to move quickly -than making the CVSS perfect. Issues may also be reported to -[Mitre](https://cve.mitre.org/) using this [scoring -calculator](https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator). The CVE will -initially be set to private. -6. The Greenplum project team will work on fixing the vulnerability and perform -internal testing before preparing to roll out the fix. -7. 
A public disclosure date is negotiated by the Greenplum Database project -team, and the bug submitter. We prefer to fully disclose the bug as soon as -possible once a user mitigation or patch is available. It is reasonable to -delay disclosure when the bug or the fix is not yet fully understood, or the -solution is not well-tested. The timeframe for disclosure is from immediate -(especially if it’s already publicly known) to a few weeks. The Greenplum -Database project team holds the final say when setting a public disclosure -date. -8. Once the fix is confirmed, the Greenplum project team will patch the -vulnerability in the next patch or minor release, and backport a patch release -into earlier supported releases as necessary. Upon release of the patched -version of Greenplum Database, we will follow the **Public Disclosure -Process**. - -## Public Disclosure Process - -The Greenplum project team publishes a [public -advisory](https://github.com/greenplum-db/gpdb/security/advisories?state=published) -to the Greenplum Database community via GitHub. In most cases, additional -communication via Slack, Twitter, mailing lists, blog and other channels will -assist in educating Greenplum Database users and rolling out the patched -release to affected users. - -The Greenplum project team will also publish any mitigating steps users can -take until the fix can be applied to their Greenplum Database instances. - -## Mailing lists - -* Use security@greenplum.org to report security concerns to the Greenplum - Database project team, who uses the list to privately discuss security issues - and fixes prior to disclosure. - -## Confidentiality, integrity and availability - -We consider vulnerabilities leading to the compromise of data confidentiality, -elevation of privilege, or integrity to be our highest priority concerns. -Availability, in particular in areas relating to DoS and resource exhaustion, -is also a serious security concern. 
The Greenplum Database project team takes -all vulnerabilities, potential vulnerabilities, and suspected vulnerabilities -seriously and will investigate them in an urgent and expeditious manner. - -Note that we do not currently consider the default settings for Greenplum -Database to be secure-by-default. It is necessary for operators to explicitly -configure settings, role based access control, and other resource related -features in Greenplum Database to provide a hardened Greenplum Database -environment. We will not act on any security disclosure that relates to a lack -of safe defaults. Over time, we will work towards improved safe-by-default -configuration, taking into account backwards compatibility. +Thanks for helping make Cloudberry Database safe! + +--- + +## Reporting Security Issues + +To report a security issue, please email +[security@cloudberrydb.org](mailto:security@cloudberrydb.org). This +project follows a 90-day disclosure timeline. We will publish the +[security +advisories](https://github.com/cloudberrydb/cloudberrydb/security/advisories) +via GitHub. + +You should receive a response within 2 weeks. If for some reason you +do not, please follow up via email to ensure we received your original +message. + +Please include the requested information listed below (as much as you +can provide) to help us better understand the nature and scope of the +possible issue: + +* Type of issue (e.g. buffer overflow, SQL injection, cross-site + scripting, etc.) +* Full paths of source file(s) related to the manifestation of the + issue +* The location of the affected source code (tag/branch/commit or + direct URL) +* Any special configuration required to reproduce the issue +* Step-by-step instructions to reproduce the issue +* Proof-of-concept or exploit code (if possible) +* Impact of the issue, including how an attacker might exploit the + issue + +This information will help us triage your report more quickly. 
+ +## Do not + +For better collaboration, we hope you: + +- Do not file public issues on GitHub for security vulnerabilities. +- Do not report non-security-impacting bugs through this channel. If + you have any questions on using, development, please use [GitHub + Issues, Discussions or + Slack](https://github.com/cloudberrydb/cloudberrydb/issues/new/choose) + instead. + +## Handling Process + +Here's an overview of the security issues handling process: + +* The reporter reports the security issues to the Cloudberry Database + team. +* The Cloudberry Database team investigates the report and decides to + accept or reject the report. If our team rejects the report, the + team will explain why to the reporter. If we accept the report, our + team will work privately with the reporter to fix the security + issues. +* Release the new version of the Cloudberry Database that includes the + fix. +* Public the security issues. + +## Preferred Languages + +We prefer all communications to be in English.
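Review bot: In the new "Reporting Security Issues" section, "This project follows a 90-day disclosure timeline" does not say when the 90 days start (receipt of the report or the team's acknowledgement) or what happens when a fix is not ready by then. The removed policy's negotiated disclosure date has no replacement, so please state the start point and whether an extension can be agreed with the reporter. The same section asks for "Proof-of-concept or exploit code (if possible)" over plain email; consider listing a PGP key or enabling GitHub private vulnerability reporting as an alternative channel. In "Handling Process" the last two bullets have no subject, and "Public the security issues." should read "Publish the security advisory." The removed text also covered backporting fixes to earlier supported releases and said reports about a lack of safe defaults would not be acted on; neither appears in the new file, so confirm whether dropping them is intentional and, if not, add a sentence for each. In "Do not", "any questions on using, development" should be "any questions about usage or development".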