chore(beads): close P1-9e scope->ceiling mapping (oracle-qmwz.2.9.5) #4
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Real-Oracle integration matrix for oraclemcp (bead T-INTEG / oracle-qmwz.6.1, | ||
|
Check failure on line 1 in .github/workflows/oraclemcp-integration.yml
|
||
| # plan §12). Spins up a real Oracle, installs Instant Client, and runs the | ||
| # live-XE suite (`oraclemcp-db --features live-xe`) — connectivity, type | ||
| # fidelity, lease, pagination, preview — with structured `--nocapture` logging | ||
| # uploaded as verifiable evidence. | ||
| # | ||
| # Two tiers: | ||
| # * `xe-free` — gvenzl/oracle-free 23ai (no Oracle login; anonymous-PR | ||
| # friendly). Runs on push to main + manual dispatch. This is | ||
| # the "CI spins up XE, runs the live-XE suite green" gate. | ||
| # * `enterprise` — container-registry.oracle.com images for 23ai / 19c | ||
| # (needs an FUTC-accepted login secret). Runs on tag only. | ||
| # | ||
| # Version-gated feature columns (DRCP, JSON type, Kerberos, native MFA) light up | ||
| # in the enterprise tier as the corresponding features land; the suite runs | ||
| # whatever is implemented and skips-with-banner the rest (never a false green). | ||
| name: oraclemcp-integration (Oracle matrix) | ||
| on: | ||
| workflow_dispatch: | ||
| push: | ||
| branches: [main] | ||
| tags: | ||
| - "v*" | ||
| paths: | ||
| - "crates/oraclemcp-db/**" | ||
| - ".github/workflows/oraclemcp-integration.yml" | ||
| env: | ||
| CARGO_TERM_COLOR: always | ||
| # The live-xe suite reads these; defaults match the gvenzl no-auth image. | ||
| ORACLEMCP_TEST_DSN: "//localhost:1521/FREEPDB1" | ||
| ORACLEMCP_TEST_USER: "system" | ||
| jobs: | ||
| xe-free: | ||
| name: live-XE suite (Oracle Free 23ai, gvenzl) | ||
| # Skip on tag pushes (the enterprise job owns those). | ||
| if: ${{ !startsWith(github.ref, 'refs/tags/') }} | ||
| runs-on: ubuntu-latest | ||
| services: | ||
| oracle: | ||
| image: gvenzl/oracle-free:23-slim | ||
| ports: | ||
| - 1521:1521 | ||
| env: | ||
| ORACLE_PASSWORD: "DemoPlsqlIntel#2026" | ||
| options: >- | ||
| --health-cmd "healthcheck.sh" | ||
| --health-interval 20s | ||
| --health-timeout 10s | ||
| --health-retries 30 | ||
| --health-start-period 4m | ||
| env: | ||
| ORACLEMCP_TEST_PASSWORD: "DemoPlsqlIntel#2026" | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: dtolnay/rust-toolchain@stable | ||
| - uses: Swatinem/rust-cache@v2 | ||
| - name: Install Oracle Instant Client | ||
| run: | | ||
| sudo apt-get update -y | ||
| sudo apt-get install -y libaio1t64 || sudo apt-get install -y libaio1 | ||
| curl -L -o /tmp/instantclient.zip \ | ||
| https://download.oracle.com/otn_software/linux/instantclient/2370000/instantclient-basic-linux.x64-23.7.0.25.01.zip | ||
| sudo unzip -q /tmp/instantclient.zip -d /opt/oracle | ||
| sudo ln -sf /opt/oracle/instantclient_23_7 /opt/oracle/instantclient | ||
| echo "LD_LIBRARY_PATH=/opt/oracle/instantclient" >> "$GITHUB_ENV" | ||
| - name: Run the live-XE suite (structured logging) | ||
| run: | | ||
| set -o pipefail | ||
| cargo test -p oraclemcp-db --features live-xe -- --nocapture \ | ||
| 2>&1 | tee target/oraclemcp-live-xe.log | ||
| - name: Upload live-XE evidence log | ||
| if: always() | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: oraclemcp-live-xe-log | ||
| path: target/oraclemcp-live-xe.log | ||
| if-no-files-found: warn | ||
| enterprise: | ||
| name: live suite (enterprise ${{ matrix.label }}) | ||
| if: ${{ startsWith(github.ref, 'refs/tags/') }} | ||
| runs-on: ubuntu-latest | ||
| strategy: | ||
| fail-fast: false | ||
| matrix: | ||
| include: | ||
| - label: "23ai" | ||
| image: "container-registry.oracle.com/database/free:23.7.0.0-lite" | ||
| # 19c requires container-registry.oracle.com/database/enterprise:19.x | ||
| # (FUTC login). Enable once the registry secret is provisioned: | ||
| # - label: "19c" | ||
| # image: "container-registry.oracle.com/database/enterprise:19.3.0.0" | ||
| services: | ||
| oracle: | ||
| image: ${{ matrix.image }} | ||
| ports: | ||
| - 1521:1521 | ||
| env: | ||
| ORACLE_PWD: ${{ secrets.ORACLE_XE_PWD }} | ||
| ORACLE_CHARACTERSET: AL32UTF8 | ||
| options: >- | ||
| --health-cmd "echo 'select 1 from dual;' | sqlplus -s system/${{ secrets.ORACLE_XE_PWD }}@//localhost:1521/FREEPDB1 | grep -q 1" | ||
| --health-interval 30s | ||
| --health-timeout 10s | ||
| --health-retries 20 | ||
| --health-start-period 5m | ||
| env: | ||
| ORACLEMCP_TEST_PASSWORD: ${{ secrets.ORACLE_XE_PWD }} | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
| - uses: dtolnay/rust-toolchain@stable | ||
| - uses: Swatinem/rust-cache@v2 | ||
| - name: Install Oracle Instant Client | ||
| run: | | ||
| sudo apt-get update -y | ||
| sudo apt-get install -y libaio1t64 || sudo apt-get install -y libaio1 | ||
| curl -L -o /tmp/instantclient.zip \ | ||
| https://download.oracle.com/otn_software/linux/instantclient/2370000/instantclient-basic-linux.x64-23.7.0.25.01.zip | ||
| sudo unzip -q /tmp/instantclient.zip -d /opt/oracle | ||
| sudo ln -sf /opt/oracle/instantclient_23_7 /opt/oracle/instantclient | ||
| echo "LD_LIBRARY_PATH=/opt/oracle/instantclient" >> "$GITHUB_ENV" | ||
| - name: Smoke connectivity + live suite (${{ matrix.label }}) | ||
| run: | | ||
| set -o pipefail | ||
| cargo test -p oraclemcp-db --features live-xe -- --nocapture \ | ||
| 2>&1 | tee "target/oraclemcp-live-${{ matrix.label }}.log" | ||
| - name: Upload evidence log | ||
| if: always() | ||
| uses: actions/upload-artifact@v4 | ||
| with: | ||
| name: oraclemcp-live-${{ matrix.label }}-log | ||
| path: target/oraclemcp-live-${{ matrix.label }}.log | ||
| if-no-files-found: warn | ||
