Restore GCP Provider

.github/workflows/run-tests.yaml

@@ -26,11 +26,16 @@ jobs:
 
       - name: Install dependencies
         run: mvn install -DskipTests
+
+      - name: Set GCP environment variables
+        run : |
+          echo "GOOGLE_APPLICATION_CREDENTIALS=$HOME/.gcp/config.json" >> $GITHUB_ENV
 
       - name: Prepare certificate and properties files
         run: |
           mkdir -p $HOME/.azure
           mkdir -p $HOME/.oci
+          mkdir -p $HOME/.gcp
 
           # Prepare certificate
           echo "${{ secrets.TEST_AZURE_CERTIFICATE }}" > $HOME/.azure/ojdbc-plugin-test-app.pem
@@ -113,6 +118,10 @@ jobs:
           OCI_NON_BASE64_TNS_NAMES_OCID=${{ secrets.OCI_NON_BASE64_TNS_NAMES_OCID }}\n
           " >> ojdbc-provider-oci/test.properties
 
+          # Generate GCP config
+          echo "${{ secrets.TEST_GCP_CONFIG }}" > $HOME/.gcp/config.json
+          echo "${{ secrets.GCP_TEST_PROPERTIES }}" > ojdbc-provider-gcp/test.properties
+
       - name: Run tests with Maven
         run: mvn -B test --file pom.xml
 
@@ -125,3 +134,6 @@ jobs:
           rm $HOME/.azure/ojdbc-plugin-test-app.pem
           rm ojdbc-provider-azure/ojdbc-provider-test-app.pfx
           rm ojdbc-provider-azure/test.properties
+
+          rm $HOME/.gcp/config.json
+          rm ojdbc-provider-gcp/test.properties

README.md

@@ -11,6 +11,8 @@ contain providers for a particular cloud platform:
 <dd>Providers for integration with Oracle Cloud Infrastructure (OCI)</dd>
 <dt><a href="ojdbc-provider-azure/README.md">Oracle JDBC Azure Providers</a></dt>
 <dd>Providers for integration with Microsoft Azure</dd>
+<dt><a href="ojdbc-provider-gcp/README.md">Oracle JDBC GCP Providers</a></dt>
+<dd>Providers for integration with Google Cloud Platform</dd>
 </dl>
 And the last one contains a provider for Open Telemetry:
 <dl>
@@ -120,6 +122,8 @@ this project:
 
 [ojdbc-provider-azure](ojdbc-provider-azure/README.md#installation)
 
+[ojdbc-provider-gcp](ojdbc-provider-gcp/README.md#installation)
+
 [ojdbc-provider-opentelemetry](ojdbc-provider-opentelemetry/README.md#installation)
 
 Each module listed above is distributed on the Maven Central Repository as a

ojdbc-provider-gcp/example-secret-manager-wallet.properties

@@ -0,0 +1,77 @@
+################################################################################
+# Copyright (c) 2024 Oracle and/or its affiliates.
+#
+# The Universal Permissive License (UPL), Version 1.0
+#
+# Subject to the condition set forth below, permission is hereby granted to any
+# person obtaining a copy of this software, associated documentation and/or data
+# (collectively the "Software"), free of charge and under any and all copyright
+# rights in the Software, and any and all patent rights owned or freely
+# licensable by each licensor hereunder covering either (i) the unmodified
+# Software as contributed to or provided by such licensor, or (ii) the Larger
+# Works (as defined below), to deal in both
+#
+# (a) the Software, and
+# (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+# one is included with the Software (each a "Larger Work" to which the Software
+# is contributed by such licensors),
+#
+# without restriction, including without limitation the rights to copy, create
+# derivative works of, display, perform, and distribute the Software and make,
+# use, sell, offer for sale, import, export, have made, and have sold the
+# Software and the Larger Work(s), and to sublicense the foregoing rights on
+# either these or other terms.
+#
+# This license is subject to the following condition:
+# The above copyright notice and either this complete permission notice or at
+# a minimum a reference to the UPL must be included in all copies or
+# substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+################################################################################
+
+# An example of a connection properties file that configures Oracle JDBC to
+# obtain a TLS wallet and SEPS credentials from GCP Secret Manager.
+#
+# This file can be located by Oracle JDBC using the "oracle.jdbc.config.file"
+# connection property. For details, see:
+# https://docs.oracle.com/en/database/oracle/oracle-database/23/jajdb/oracle/jdbc/OracleConnection.html#CONNECTION_PROPERTY_CONFIG_FILE
+
+# Configures the GCP Secret Manager TLS (TCPS) File Provider. The secret version name is
+# configured as an environment variable or JVM system property named "GCP_TLS_WALLET_SECRET_VERSION":
+oracle.jdbc.provider.tlsConfiguration=ojdbc-provider-gcp-secretmanager-tls
+oracle.jdbc.provider.tlsConfiguration.secretVersionName=${GCP_TLS_WALLET_SECRET_VERSION}
+
+# Configures the GCP Secret Manager TLS File Password Provider. The password for the
+# file is optional and can be configured as an environment variable or JVM
+# system property named "GCP_TLS_FILE_PASSWORD":
+oracle.jdbc.provider.tlsConfiguration.walletPassword=${GCP_TLS_FILE_PASSWORD}
+
+# Specifies the file type (SSO, PKCS12, or PEM). This determines how the file is processed.
+# This can be configured as an environment variable or JVM system property named "GCP_TLS_FILE_TYPE":
+oracle.jdbc.provider.tlsConfiguration.type=${GCP_TLS_FILE_TYPE}
+
+# Configures the GCP Secret Manager SEPS (Secure External Password Store) Provider.
+# The secret version name is configured as an environment variable or JVM system property
+# named "GCP_SEPS_WALLET_SECRET_VERSION":
+oracle.jdbc.provider.username=ojdbc-provider-gcp-secretmanager-seps
+oracle.jdbc.provider.password=ojdbc-provider-gcp-secretmanager-seps
+
+# Configures the secret version name for SEPS.
+oracle.jdbc.provider.username.secretVersionName=${GCP_SEPS_WALLET_SECRET_VERSION}
+oracle.jdbc.provider.password.secretVersionName=${GCP_SEPS_WALLET_SECRET_VERSION}
+
+# Optional password for SEPS Wallet stored in GCP Secret Manager
+oracle.jdbc.provider.username.walletPassword=${GCP_SEPS_WALLET_PASSWORD}
+oracle.jdbc.provider.password.walletPassword=${GCP_SEPS_WALLET_PASSWORD}
+
+# Optional connection string index for SEPS Wallet
+# This determines which set of credentials (username/password) to use from the SEPS Wallet
+oracle.jdbc.provider.username.connectionStringIndex=${GCP_SEPS_CONNECTION_STRING_INDEX}
+oracle.jdbc.provider.password.connectionStringIndex=${GCP_SEPS_CONNECTION_STRING_INDEX}

ojdbc-provider-gcp/example-test.properties

@@ -0,0 +1,133 @@
+################################################################################
+# Copyright (c) 2024 Oracle and/or its affiliates.
+#
+# The Universal Permissive License (UPL), Version 1.0
+#
+# Subject to the condition set forth below, permission is hereby granted to any
+# person obtaining a copy of this software, associated documentation and/or data
+# (collectively the "Software"), free of charge and under any and all copyright
+# rights in the Software, and any and all patent rights owned or freely
+# licensable by each licensor hereunder covering either (i) the unmodified
+# Software as contributed to or provided by such licensor, or (ii) the Larger
+# Works (as defined below), to deal in both
+#
+# (a) the Software, and
+# (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+# one is included with the Software (each a "Larger Work" to which the Software
+# is contributed by such licensors),
+#
+# without restriction, including without limitation the rights to copy, create
+# derivative works of, display, perform, and distribute the Software and make,
+# use, sell, offer for sale, import, export, have made, and have sold the
+# Software and the Larger Work(s), and to sublicense the foregoing rights on
+# either these or other terms.
+#
+# This license is subject to the following condition:
+# The above copyright notice and either this complete permission notice or at
+# a minimum a reference to the UPL must be included in all copies or
+# substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+################################################################################
+
+# This file provides examples of properties that configure tests for GCP in this
+# module.
+#
+# QUICK GUIDE TO RUNNING TESTS:
+#   1. Create a copy of this file named "test.properties":
+#      cp example-test.properties test.properties
+#   2. In test.properties, replace example values with real values (the file is
+#      .gitignore'd, so sensitive info won't be checked in to the repo)
+#   3. Comment out any lines for which a value can not be provided (tests are
+#      skipped if no value is configured).
+#   4. mvn clean verify
+#
+# CONFIGURING TEST PROPERTIES
+#   Test properties are read from a properties file by the TestProperties class.
+#   The TestProperties class can be found in:
+#   ojdbc-provider-common/src/testFixtures/java/oracle/jdbc/provider/TestProperties.java
+#   The default behavior of TestProperties is to read a file named
+#   "test.properties" in the current directory. A non-default location may be
+#   specified as a JVM system property:
+#   mvn clean verify -Doracle.jdbc.provider.TestProperties=/path/to/my-test.properties
+#
+# MAINTAINING THIS FILE
+#   Project maintainers should add an example to this file anytime they write a
+#   test which requires a new property. Not doing so will inflict pain and
+#   suffering upon our fellow programmers, and will also lead to increased
+#   maintenance costs.
+
+# IGNORING UNCONFIGURED PROPERTIES
+#   No test should cause a build failure due to an unconfigured property.
+#   Using JUnit terminology: A test should "abort" rather than "fail" when a
+#   property is not configured. This means that the test does not pass, but it
+#   does not cause the build to fail either.
+#   Methods of the TestProperties class will automatically abort a test if a
+#   property is not configured. The org.junit.jupiter.api.Assumptions class may
+#   also be used directly to abort a test.
+#
+#   There is NO environment in which ALL tests can be run. Some tests may
+#   require authentication and configurations for GCP, while others may require
+#   Azure or OCI setups; these environments are mutually exclusive.
+#
+#   This flexibility ensures that developers can work on specific modules without
+#   needing to configure all cloud environments. For instance, a developer working
+#   on GCP provider features should not be required to configure OCI or Azure
+#   environments in order to run tests for their changes.
+
+# The URL of the GCP Object Storage
+GCP_OBJECT_STORAGE_URL=https://storage.googleapis.com/example-bucket
+
+# The version name of a secret stored in GCP Secret Manager for configuration
+SECRET_VERSION_NAME_CONFIG=projects/project-id/secrets/my-secret/versions/1
+
+# Secret version name for Username in GCP Secret Manager
+GCP_SECRET_MANAGER_USERNAME_SECRET_VERSION=projects/project-id/secrets/username-secret/versions/1
+
+# Secret version name for Password in GCP Secret Manager
+GCP_SECRET_MANAGER_PASSWORD_SECRET_VERSION=projects/project-id/secrets/password-secret/versions/1
+
+# PKCS12 TLS Wallet Secret stored in GCP Secret Manager
+GCP_PKCS12_TLS_WALLET_SECRET_VERSION_NAME=projects/project-id/secrets/pkcs12-wallet-secret/versions/1
+
+# Password for the PKCS12 Wallet stored in GCP Secret Manager
+GCP_PKCS12_TLS_WALLET_PASSWORD=***********
+
+# SSO TLS Wallet Secret stored in GCP Secret Manager
+GCP_SSO_TLS_WALLET_SECRET_VERSION_NAME=projects/project-id/secrets/sso-wallet-secret/versions/1
+
+# PEM TLS Wallet Secret stored in GCP Secret Manager
+GCP_PEM_TLS_WALLET_SECRET_VERSION_NAME=projects/project-id/secrets/pem-wallet-secret/versions/1
+
+# Password for the PEM Wallet stored in GCP Secret Manager
+GCP_PEM_TLS_WALLET_PASSWORD=************
+
+# Corrupted TLS Wallet Secret stored in GCP Secret Manager for negative test cases
+GCP_CORRUPTED_TLS_WALLET_SECRET_VERSION_NAME=projects/project-id/secrets/corrupted-wallet-secret/versions/1
+
+# PKCS12 SEPS Secret stored in GCP Secret Manager
+GCP_PKCS12_SEPS_SECRET_VERSION_NAME=projects/project-id/secrets/pkcs12-seps-secret/versions/1
+
+# Password for the PKCS12 SEPS Wallet stored in GCP Secret Manager
+GCP_PKCS12_SEPS_WALLET_PASSWORD=************
+
+# Optional index to select credentials from the SEPS wallet
+GCP_SEPS_CONNECTION_STRING_INDEX=1
+
+# SSO SEPS Secret stored in GCP Secret Manager
+GCP_SSO_SEPS_SECRET_VERSION_NAME=projects/project-id/secrets/sso-seps-secret/versions/1
+
+# Corrupted SEPS Wallet Secret stored in GCP Secret Manager for negative test cases
+GCP_CORRUPTED_SEPS_WALLET_SECRET_VERSION_NAME=projects/project-id/secrets/corrupted-seps-secret/versions/1
+
+# Secret version name for tnsnames.ora file in GCP Secret Manager
+GCP_SECRET_MANAGER_TNS_NAMES_SECRET_VERSION=projects/project-id/secrets/tnsnames-ora-secret/versions/1
+
+# Alias to retrieve specific connection string from tnsnames.ora in GCP Secret Manager
+GCP_SECRET_MANAGER_TNS_ALIAS_SECRET_NAME=your_tns_alias

ojdbc-provider-gcp/example-vault.properties

@@ -0,0 +1,65 @@
+################################################################################
+# Copyright (c) 2024 Oracle and/or its affiliates.
+#
+# The Universal Permissive License (UPL), Version 1.0
+#
+# Subject to the condition set forth below, permission is hereby granted to any
+# person obtaining a copy of this software, associated documentation and/or data
+# (collectively the "Software"), free of charge and under any and all copyright
+# rights in the Software, and any and all patent rights owned or freely
+# licensable by each licensor hereunder covering either (i) the unmodified
+# Software as contributed to or provided by such licensor, or (ii) the Larger
+# Works (as defined below), to deal in both
+#
+# (a) the Software, and
+# (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+# one is included with the Software (each a "Larger Work" to which the Software
+# is contributed by such licensors),
+#
+# without restriction, including without limitation the rights to copy, create
+# derivative works of, display, perform, and distribute the Software and make,
+# use, sell, offer for sale, import, export, have made, and have sold the
+# Software and the Larger Work(s), and to sublicense the foregoing rights on
+# either these or other terms.
+#
+# This license is subject to the following condition:
+# The above copyright notice and either this complete permission notice or at
+# a minimum a reference to the UPL must be included in all copies or
+# substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+# SOFTWARE.
+################################################################################
+
+# An example of a connection properties file that configures Oracle JDBC to
+# obtain a username and password from OCI's Vault Service.
+#
+# This file can be located by Oracle JDBC using the "oracle.jdbc.config.file"
+# connection property. For details, see:
+# https://docs.oracle.com/en/database/oracle/oracle-database/23/jajdb/oracle/jdbc/OracleConnection.html#CONNECTION_PROPERTY_CONFIG_FILE
+
+# Configures the GCP Vault Secret Username Provider. The resurce name of the 
+# username secret is configured as an environment variable or JVM system 
+# property named "USERNAME_SECRET_VERSION_NAME":
+oracle.jdbc.provider.username=ojdbc-provider-gcp-secretmanager-username
+oracle.jdbc.provider.username.secretVersionName=${USERNAME_SECRET_VERSION_NAME}
+
+# Configures the OCI Vault Secret Password Provider. The resource name of the 
+# password secret is configured as an environment variable or JVM system 
+# property named "PASSWORD_SECRET_VERSION_NAME":
+oracle.jdbc.provider.password=ojdbc-provider-gcp-secretmanager-password
+oracle.jdbc.provider.password.secretVersionName=${PASSWORD_SECRET_VERSION_NAME}
+
+# Configures the GCP Secret Manager Connection String Provider. The secret version name and
+# tns alias are configured as environment variables or JVM system properties
+# named "GCP_SECRET_VERSION_NAME" and "TNS_ALIAS".
+oracle.jdbc.provider.connectionString=ojdbc-provider-gcp-secretmanager-tnsnames
+oracle.jdbc.provider.connectionString.secretVersionName=${GCP_SECRET_VERSION_NAME}
+oracle.jdbc.provider.connectionString.tnsAlias=${TNS_ALIAS}
+
+