[misc] Adding travis testing

server tested :
* all MariaDB version 5.5 -> 10.4
* MySQL 5.5, 5.6 and 5.7
* maxscale

python 2.7, 3.6 and 3.8

.travis.yml

@@ -0,0 +1,69 @@
+sudo: true
+language: python
+dist: bionic
+
+services:
+- docker
+
+addons:
+  hosts:
+  - mariadb.example.com
+
+before_install:
+- chmod +x .travis/script.sh
+- sudo apt-get install software-properties-common
+- sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
+- sudo add-apt-repository 'deb [arch=amd64,arm64,ppc64el] http://mirrors.accretive-networks.net/mariadb/repo/10.4/ubuntu bionic main'
+- sudo apt-get remove --purge mysql*
+- sudo apt update
+- sudo apt-get install -f libmariadb3 libmariadb-dev libssl1.1
+- sudo apt-get install -f
+
+install:
+  - wget -qO- 'https://github.com/tianon/pgp-happy-eyeballs/raw/master/hack-my-builds.sh' | bash
+  # generate SSL certificates
+  - mkdir tmp
+  - chmod +x .travis/gen-ssl.sh
+  - chmod +x .travis/build/build.sh
+  - chmod +x .travis/build/docker-entrypoint.sh
+  - chmod 777 .travis/build/
+  - .travis/gen-ssl.sh mariadb.example.com tmp
+  - export PROJ_PATH=`pwd`
+  - export SSLCERT=$PROJ_PATH/tmp
+  - export TEST_SSL_CA_FILE=$SSLCERT/server.crt
+  - export TEST_SSL_CLIENT_KEY_FILE=$SSLCERT/client.key
+  - export TEST_SSL_CLIENT_CERT_FILE=$SSLCERT/client.crt
+  - export TEST_SSL_CLIENT_KEYSTORE_FILE=$SSLCERT/client-keystore.p12
+
+env:
+  global:
+  - TEST_PORT=3305
+  - TEST_HOST=mariadb.example.com
+
+
+matrix:
+  include:
+  - python: "2.7"
+    env: DB=mariadb:10.4
+  - python: "3.6"
+    env: DB=mariadb:10.4
+  - python: "3.8"
+    env: DB=mariadb:10.4
+  - env: DB=mariadb:10.4 MAXSCALE_VERSION=2.2.9 TEST_PORT=4007 TEST_USER=bob TEXT_DATABASE=test2 SKIP_LEAK=1
+  - env: DB=mariadb:5.5
+  - env: DB=mariadb:10.0
+  - env: DB=mariadb:10.1
+  - env: DB=mariadb:10.2
+  - env: DB=mariadb:10.3
+  - env: DB=mysql:5.5
+  - env: DB=mysql:5.6
+  - env: DB=mysql:5.7
+
+notifications:
+  email: false
+
+script:
+- python setup.py build
+- python setup.py install
+- npm install nyc -g
+- .travis/script.sh

.travis/build/Dockerfile

@@ -0,0 +1,99 @@
+# vim:set ft=dockerfile:
+FROM ubuntu:bionic
+
+# add our user and group first to make sure their IDs get assigned consistently, regardless of whatever dependencies get added
+RUN groupadd -r mysql && useradd -r -g mysql mysql
+
+# https://bugs.debian.org/830696 (apt uses gpgv by default in newer releases, rather than gpg)
+RUN set -ex; \
+	apt-get update; \
+	if ! which gpg; then \
+		apt-get install -y --no-install-recommends gnupg; \
+	fi; \
+# Ubuntu includes "gnupg" (not "gnupg2", but still 2.x), but not dirmngr, and gnupg 2.x requires dirmngr
+# so, if we're not running gnupg 1.x, explicitly install dirmngr too
+	if ! gpg --version | grep -q '^gpg (GnuPG) 1\.'; then \
+		 apt-get install -y --no-install-recommends dirmngr; \
+	fi; \
+	rm -rf /var/lib/apt/lists/*
+
+# add gosu for easy step-down from root
+ENV GOSU_VERSION 1.10
+RUN set -ex; \
+	\
+	fetchDeps=' \
+		ca-certificates \
+		wget \
+	'; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends $fetchDeps; \
+	rm -rf /var/lib/apt/lists/*; \
+	\
+	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+	\
+# verify the signature
+	export GNUPGHOME="$(mktemp -d)"; \
+	gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+	command -v gpgconf > /dev/null && gpgconf --kill all || :; \
+	rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+	\
+	chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+	gosu nobody true; \
+	\
+	apt-get purge -y --auto-remove $fetchDeps
+
+RUN mkdir /docker-entrypoint-initdb.d
+
+# install "pwgen" for randomizing passwords
+# install "apt-transport-https" for Percona's repo (switched to https-only)
+RUN apt-get update && apt-get install -y --no-install-recommends \
+		apt-transport-https ca-certificates \
+		tzdata \
+		pwgen \
+	&& rm -rf /var/lib/apt/lists/*
+
+RUN { \
+		echo "mariadb-server-10.4" mysql-server/root_password password 'unused'; \
+		echo "mariadb-server-10.4" mysql-server/root_password_again password 'unused'; \
+	} | debconf-set-selections
+
+RUN apt-get update -y
+RUN apt-get install -y software-properties-common wget
+RUN apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 0xcbcb082a1bb943db
+RUN apt-key adv --recv-keys --keyserver ha.pool.sks-keyservers.net F1656F24C74CD1D8
+RUN echo 'deb http://yum.mariadb.org/galera/repo/deb bionic main' > /etc/apt/sources.list.d/galera-test-repo.list
+RUN apt-get update -y
+
+RUN apt-get install -y curl libdbi-perl rsync socat galera3 libnuma1 libaio1 zlib1g-dev libreadline5 libjemalloc1 libsnappy1v5 libcrack2
+
+COPY *.deb /root/
+RUN chmod 777 /root/*
+
+RUN dpkg --install /root/mysql-common*
+RUN dpkg --install /root/mariadb-common*
+RUN dpkg -R --unpack /root/
+RUN apt-get install -f -y
+
+RUN rm -rf /var/lib/apt/lists/* \
+    	&& sed -ri 's/^user\s/#&/' /etc/mysql/my.cnf /etc/mysql/conf.d/* \
+    	&& rm -rf /var/lib/mysql && mkdir -p /var/lib/mysql /var/run/mysqld \
+    	&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld \
+    	&& chmod 777 /var/run/mysqld \
+    	&& find /etc/mysql/ -name '*.cnf' -print0 \
+    		| xargs -0 grep -lZE '^(bind-address|log)' \
+    		| xargs -rt -0 sed -Ei 's/^(bind-address|log)/#&/' \
+    	&& echo '[mysqld]\nskip-host-cache\nskip-name-resolve' > /etc/mysql/conf.d/docker.cnf
+
+VOLUME /var/lib/mysql
+
+COPY docker-entrypoint.sh /usr/local/bin/
+RUN ln -s usr/local/bin/docker-entrypoint.sh / # backwards compat
+ENTRYPOINT ["docker-entrypoint.sh"]
+
+EXPOSE 3306
+CMD ["mysqld"]
+

.travis/build/build.sh

@@ -0,0 +1,33 @@
+#!/usr/bin/env bash
+
+echo "**************************************************************************"
+echo "* searching for last complete build"
+echo "**************************************************************************"
+
+wget -q -o /dev/null index.html http://hasky.askmonty.org/archive/10.4/
+grep -o ">build-[0-9]*" index.html | grep -o "[0-9]*" | tac | while read -r line ; do
+
+  curl -s --head http://hasky.askmonty.org/archive/10.4/build-$line/kvm-deb-bionic-amd64/md5sums.txt | head -n 1 | grep "HTTP/1.[01] [23].." > /dev/null
+  if [ $? = "0" ]; then
+    echo "**************************************************************************"
+    echo "* Processing $line"
+    echo "**************************************************************************"
+    wget -q -o /dev/null -O $line.html  http://hasky.askmonty.org/archive/10.4/build-$line/kvm-deb-bionic-amd64/debs/binary/
+    grep -o ">[^\"]*\.deb" $line.html | grep -o "[^>]*\.deb" | while read -r file ; do
+        if  [[ "$file" =~ ^mariadb-plugin.* ]] ;
+        then
+          echo "skipped file: $file"
+        else
+          echo "download file: $file"
+          wget -q -o /dev/null -O .travis/build/$file http://hasky.askmonty.org/archive/10.4/build-$line/kvm-deb-bionic-amd64/debs/binary/$file
+        fi
+    done
+
+    exit
+  else
+    echo "skip build $line"
+  fi
+done
+
+
+

.travis/build/docker-entrypoint.sh

@@ -0,0 +1,196 @@
+#!/bin/bash
+set -eo pipefail
+shopt -s nullglob
+
+# if command starts with an option, prepend mysqld
+if [ "${1:0:1}" = '-' ]; then
+	set -- mysqld "$@"
+fi
+
+# skip setup if they want an option that stops mysqld
+wantHelp=
+for arg; do
+	case "$arg" in
+		-'?'|--help|--print-defaults|-V|--version)
+			wantHelp=1
+			break
+			;;
+	esac
+done
+
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
+}
+
+_check_config() {
+	toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
+	if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
+		cat >&2 <<-EOM
+			ERROR: mysqld failed while attempting to check config
+			command was: "${toRun[*]}"
+			$errors
+		EOM
+		exit 1
+	fi
+}
+
+# Fetch value from server config
+# We use mysqld --verbose --help instead of my_print_defaults because the
+# latter only show values present in config files, and not server defaults
+_get_config() {
+	local conf="$1"; shift
+	"$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
+		| awk '$1 == "'"$conf"'" && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
+	# match "datadir      /some/path with/spaces in/it here" but not "--xyz=abc\n     datadir (xyz)"
+}
+
+# allow the container to be started with `--user`
+if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then
+	_check_config "$@"
+	DATADIR="$(_get_config 'datadir' "$@")"
+	mkdir -p "$DATADIR"
+	find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
+	exec gosu mysql "$BASH_SOURCE" "$@"
+fi
+
+if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
+	# still need to check config, container may have started with --user
+	_check_config "$@"
+	# Get config
+	DATADIR="$(_get_config 'datadir' "$@")"
+
+	if [ ! -d "$DATADIR/mysql" ]; then
+		file_env 'MYSQL_ROOT_PASSWORD'
+		if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
+			echo >&2 'error: database is uninitialized and password option is not specified '
+			echo >&2 '  You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
+			exit 1
+		fi
+
+		mkdir -p "$DATADIR"
+
+		echo 'Initializing database'
+		installArgs=( --datadir="$DATADIR" --rpm )
+		if { mysql_install_db --help || :; } | grep -q -- '--auth-root-authentication-method'; then
+			# beginning in 10.4.3, install_db uses "socket" which only allows system user root to connect, switch back to "normal" to allow mysql root without a password
+			# see https://github.com/MariaDB/server/commit/b9f3f06857ac6f9105dc65caae19782f09b47fb3
+			# (this flag doesn't exist in 10.0 and below)
+			installArgs+=( --auth-root-authentication-method=normal )
+		fi
+		# "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
+		mysql_install_db "${installArgs[@]}" "${@:2}"
+		echo 'Database initialized'
+
+		SOCKET="$(_get_config 'socket' "$@")"
+		"$@" --skip-networking --socket="${SOCKET}" &
+		pid="$!"
+
+		mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
+
+		for i in {30..0}; do
+			if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
+				break
+			fi
+			echo 'MySQL init process in progress...'
+			sleep 1
+		done
+		if [ "$i" = 0 ]; then
+			echo >&2 'MySQL init process failed.'
+			exit 1
+		fi
+
+		if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
+			# sed is for https://bugs.mysql.com/bug.php?id=20545
+			mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql
+		fi
+
+		if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
+			export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
+			echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
+		fi
+
+		rootCreate=
+		# default root to listen for connections from anywhere
+		file_env 'MYSQL_ROOT_HOST' '%'
+		if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
+			# no, we don't care if read finds a terminating character in this heredoc
+			# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
+			read -r -d '' rootCreate <<-EOSQL || true
+				CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
+				GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
+			EOSQL
+		fi
+
+		"${mysql[@]}" <<-EOSQL
+			-- What's done in this file shouldn't be replicated
+			--  or products like mysql-fabric won't work
+			SET @@SESSION.SQL_LOG_BIN=0;
+			DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
+			SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
+			GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
+			${rootCreate}
+			DROP DATABASE IF EXISTS test ;
+			FLUSH PRIVILEGES ;
+		EOSQL
+
+		if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
+			mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
+		fi
+
+		file_env 'MYSQL_DATABASE'
+		if [ "$MYSQL_DATABASE" ]; then
+			echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
+			mysql+=( "$MYSQL_DATABASE" )
+		fi
+
+		file_env 'MYSQL_USER'
+		file_env 'MYSQL_PASSWORD'
+		if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
+			echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"
+
+			if [ "$MYSQL_DATABASE" ]; then
+				echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
+			fi
+		fi
+
+		echo
+		for f in /docker-entrypoint-initdb.d/*; do
+			case "$f" in
+				*.sh)     echo "$0: running $f"; . "$f" ;;
+				*.sql)    echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;;
+				*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;;
+				*)        echo "$0: ignoring $f" ;;
+			esac
+			echo
+		done
+
+		if ! kill -s TERM "$pid" || ! wait "$pid"; then
+			echo >&2 'MySQL init process failed.'
+			exit 1
+		fi
+
+		echo
+		echo 'MySQL init process done. Ready for start up.'
+		echo
+	fi
+fi
+
+exec "$@"

.travis/docker-compose.yml

@@ -0,0 +1,17 @@
+version: '2'
+services:
+  db:
+    image: $DB
+    command: --innodb-log-file-size=400m --max-allowed-packet=40m  --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --ssl-ca=/etc/sslcert/ca.crt --ssl-cert=/etc/sslcert/server.crt --ssl-key=/etc/sslcert/server.key --bind-address=0.0.0.0 $ADDITIONAL_CONF
+    ports:
+      - 3305:3306
+    volumes:
+      - $SSLCERT:/etc/sslcert
+      - $ENTRYPOINT:/pam
+    environment:
+      MYSQL_DATABASE: testp
+      MYSQL_ALLOW_EMPTY_PASSWORD: 1
+      MYSQL_ROOT_PASSWORD:
+
+
+

.travis/entrypoint/dbinit.sql

@@ -0,0 +1,11 @@
+CREATE USER 'bob'@'%';
+GRANT ALL ON *.* TO 'bob'@'%' with grant option;
+
+CREATE USER 'boby'@'%' identified by 'heyPassw0@rd';
+GRANT ALL ON *.* TO 'boby'@'%' with grant option;
+
+INSTALL PLUGIN pam SONAME 'auth_pam';
+
+FLUSH PRIVILEGES;
+
+CREATE DATABASE test2;

.travis/entrypoint/pam.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+tee /etc/pam.d/mariadb << EOF
+auth required pam_unix.so audit
+auth required pam_unix.so audit
+account required pam_unix.so audit
+EOF
+
+useradd testPam
+chpasswd  << EOF
+testPam:myPwd
+EOF
+
+usermod -a -G shadow mysql
+
+echo "pam configuration done"

.travis/gen-ssl.sh

@@ -0,0 +1,128 @@
+#!/bin/bash
+set -e
+
+log () {
+  echo "$@" 1>&2
+}
+
+print_error () {
+  echo "$@" 1>&2
+  exit 1
+}
+
+print_usage () {
+  print_error "Usage: gen-ssl-cert-key <fqdn> <output-dir>"
+}
+
+gen_cert_subject () {
+  local fqdn="$1"
+  [[ "${fqdn}" != "" ]] || print_error "FQDN cannot be blank"
+  echo "/C=XX/ST=X/O=X/localityName=X/CN=${fqdn}/organizationalUnitName=X/emailAddress=X/"
+}
+
+main () {
+  local fqdn="$1"
+  local sslDir="$2"
+  [[ "${fqdn}" != "" ]] || print_usage
+  [[ -d "${sslDir}" ]] || print_error "Directory does not exist: ${sslDir}"
+
+  local caCertFile="${sslDir}/ca.crt"
+  local caKeyFile="${sslDir}/ca.key"
+  local certFile="${sslDir}/server.crt"
+  local keyFile="${sslDir}/server.key"
+  local csrFile="${sslDir}/csrFile.key"
+  local clientCertFile="${sslDir}/client.crt"
+  local clientKeyFile="${sslDir}/client.key"
+  local clientKeystoreFile="${sslDir}/client-keystore.p12"
+  local pcks12FullKeystoreFile="${sslDir}/fullclient-keystore.p12"
+  local clientReqFile="${sslDir}/clientReqFile.key"
+
+  log "Generating CA key"
+  openssl genrsa -out "${caKeyFile}" 2048
+
+  log "Generating CA certificate"
+  openssl req \
+    -sha1 \
+    -new \
+    -x509 \
+    -nodes \
+    -days 3650 \
+    -subj "$(gen_cert_subject ca.example.com)" \
+    -key "${caKeyFile}" \
+    -out "${caCertFile}"
+
+  log "Generating private key"
+  openssl genrsa -out "${keyFile}" 2048
+
+  log "Generating certificate signing request"
+  openssl req \
+    -new \
+    -batch \
+    -sha1 \
+    -subj "$(gen_cert_subject "$fqdn")" \
+    -set_serial 01 \
+    -key "${keyFile}" \
+    -out "${csrFile}" \
+    -nodes
+
+  log "Generating X509 certificate"
+  openssl x509 \
+    -req \
+    -sha1 \
+    -set_serial 01 \
+    -CA "${caCertFile}" \
+    -CAkey "${caKeyFile}" \
+    -days 3650 \
+    -in "${csrFile}" \
+    -signkey "${keyFile}" \
+    -out "${certFile}"
+
+  log "Generating client certificate"
+  openssl req \
+    -batch \
+    -newkey rsa:2048 \
+    -days 3600 \
+    -subj "$(gen_cert_subject "$fqdn")" \
+    -nodes \
+    -keyout "${clientKeyFile}" \
+    -out "${clientReqFile}"
+
+  openssl x509 \
+    -req \
+    -in "${clientReqFile}" \
+    -days 3600 \
+    -CA "${caCertFile}" \
+    -CAkey "${caKeyFile}" \
+    -set_serial 01 \
+    -out "${clientCertFile}"
+
+  # Now generate a keystore with the client cert & key
+  log "Generating client keystore"
+  openssl pkcs12 \
+    -export \
+    -in "${clientCertFile}" \
+    -inkey "${clientKeyFile}" \
+    -out "${clientKeystoreFile}" \
+    -name "mysqlAlias" \
+    -passout pass:kspass
+
+  # Now generate a full keystore with the client cert & key + trust certificates
+  log "Generating full client keystore"
+  openssl pkcs12 \
+    -export \
+    -in "${clientCertFile}" \
+    -inkey "${clientKeyFile}" \
+    -out "${pcks12FullKeystoreFile}" \
+    -name "mysqlAlias" \
+    -passout pass:kspass
+
+  # Clean up CSR file:
+  rm "$csrFile"
+  rm "$clientReqFile"
+
+  log "Generated key file and certificate in: ${sslDir}"
+  ls -l "${sslDir}"
+}
+
+main "$@"
+

.travis/maxscale-compose.yml

@@ -0,0 +1,25 @@
+version: '2.1'
+services:
+  maxscale:
+    depends_on:
+      - db
+    ports:
+      - 4006:4006
+      - 4007:4007
+      - 4008:4008
+    build:
+      context: .
+      dockerfile: maxscale/Dockerfile
+      args:
+        MAXSCALE_VERSION: $MAXSCALE_VERSION
+  db:
+    image: $DB
+    command: --max-connections=500 --max-allowed-packet=40m --innodb-log-file-size=400m --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci --ssl-ca=/etc/sslcert/ca.crt --ssl-cert=/etc/sslcert/server.crt --ssl-key=/etc/sslcert/server.key --bind-address=0.0.0.0
+    ports:
+      - 3305:3306
+    volumes:
+      - $SSLCERT:/etc/sslcert
+      - $ENTRYPOINT:/docker-entrypoint-initdb.d
+    environment:
+      MYSQL_DATABASE: testp
+      MYSQL_ALLOW_EMPTY_PASSWORD: 1

.travis/maxscale/Dockerfile

@@ -0,0 +1,24 @@
+FROM centos:7
+
+ARG MAXSCALE_VERSION
+ENV MAXSCALE_VERSION ${MAXSCALE_VERSION:-2.2.9}
+
+COPY maxscale/mariadb.repo /etc/yum.repos.d/
+
+RUN rpm --import https://yum.mariadb.org/RPM-GPG-KEY-MariaDB \
+    && yum -y install https://downloads.mariadb.com/MaxScale/${MAXSCALE_VERSION}/centos/7/x86_64/maxscale-${MAXSCALE_VERSION}-1.centos.7.x86_64.rpm \
+    && yum -y update
+
+RUN yum -y install maxscale-${MAXSCALE_VERSION} MariaDB-client \
+    && yum clean all \
+    && rm -rf /tmp/*
+
+COPY maxscale/docker-entrypoint.sh /
+RUN chmod 777 /etc/maxscale.cnf
+COPY maxscale/maxscale.cnf /etc/
+RUN chmod 777 /docker-entrypoint.sh
+
+
+EXPOSE 4006 4007 4008
+
+ENTRYPOINT ["/docker-entrypoint.sh"]

.travis/maxscale/docker-entrypoint.sh

@@ -0,0 +1,35 @@
+#!/usr/bin/env bash
+
+set -e
+
+echo 'creating configuration done'
+
+sleep 15
+
+#################################################################################################
+# wait for db availability for 60s
+#################################################################################################
+mysql=( mysql --protocol=tcp -ubob -hdb --port=3306 )
+for i in {60..0}; do
+    if echo 'use test2' | "${mysql[@]}" &> /dev/null; then
+        break
+    fi
+    echo 'DB init process in progress...'
+    sleep 1
+done
+
+echo 'use test2' | "${mysql[@]}"
+if [ "$i" = 0 ]; then
+    echo 'DB init process failed.'
+    exit 1
+fi
+
+echo 'maxscale launching ...'
+
+tail -n 500 /etc/maxscale.cnf
+
+/usr/bin/maxscale --user=root --nodaemon
+
+cd /var/log/maxscale
+ls -lrt
+tail -n 500 /var/log/maxscale/maxscale.log

.travis/maxscale/mariadb.repo

@@ -0,0 +1,7 @@
+# MariaDB 10.3 CentOS repository list - created 2018-11-09 14:50 UTC
+# http://downloads.mariadb.org/mariadb/repositories/
+[mariadb]
+name = MariaDB
+baseurl = http://yum.mariadb.org/10.3/centos7-amd64
+gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
+gpgcheck=1

.travis/maxscale/maxscale.cnf

@@ -0,0 +1,125 @@
+# MaxScale documentation on GitHub:
+# https://github.com/mariadb-corporation/MaxScale/blob/2.1/Documentation/Documentation-Contents.md
+
+# Global parameters
+#
+# Complete list of configuration options:
+# https://github.com/mariadb-corporation/MaxScale/blob/2.1/Documentation/Getting-Started/Configuration-Guide.md
+
+
+[maxscale]
+threads=2
+log_messages=1
+log_trace=1
+log_debug=1
+
+# Server definitions
+#
+# Set the address of the server to the network
+# address of a MySQL server.
+#
+
+[server1]
+type=server
+address=db
+port=3306
+protocol=MariaDBBackend
+authenticator_options=skip_authentication=true
+router_options=master
+
+# Monitor for the servers
+#
+# This will keep MaxScale aware of the state of the servers.
+# MySQL Monitor documentation:
+# https://github.com/mariadb-corporation/MaxScale/blob/2.1/Documentation/Monitors/MySQL-Monitor.md
+
+[MySQLMonitor]
+type=monitor
+module=mariadbmon
+servers=server1
+user=boby
+passwd=heyPassw0@rd
+monitor_interval=10000
+
+# Service definitions
+#
+# Service Definition for a read-only service and
+# a read/write splitting service.
+#
+
+# ReadConnRoute documentation:
+# https://github.com/mariadb-corporation/MaxScale/blob/2.1/Documentation/Routers/ReadConnRoute.md
+
+[Read-OnlyService]
+enable_root_user=1
+version_string=10.4.99-MariaDB-maxScale
+type=service
+router=readconnroute
+servers=server1
+user=boby
+passwd=heyPassw0@rd
+router_options=slave
+localhost_match_wildcard_host=1
+
+[Read-WriteService]
+enable_root_user=1
+version_string=10.4.99-MariaDB-maxScale
+type=service
+router=readwritesplit
+servers=server1
+user=boby
+passwd=heyPassw0@rd
+localhost_match_wildcard_host=1
+
+[WriteService]
+type=service
+router=readconnroute
+servers=server1
+user=boby
+passwd=heyPassw0@rd
+router_options=master
+localhost_match_wildcard_host=1
+version_string=10.4.99-MariaDB-maxScale
+
+
+# This service enables the use of the MaxAdmin interface
+# MaxScale administration guide:
+# https://github.com/mariadb-corporation/MaxScale/blob/2.1/Documentation/Reference/MaxAdmin.mda
+
+[MaxAdminService]
+enable_root_user=1
+version_string=10.4.99-MariaDB-maxScale
+type=service
+router=cli
+
+# Listener definitions for the services
+#
+# These listeners represent the ports the
+# services will listen on.
+#
+[WriteListener]
+type=listener
+service=WriteService
+protocol=MariaDBClient
+port=4007
+#socket=/var/lib/maxscale/writeconn.sock
+
+[Read-OnlyListener]
+type=listener
+service=Read-OnlyService
+protocol=MariaDBClient
+port=4008
+#socket=/var/lib/maxscale/readconn.sock
+
+[Read-WriteListener]
+type=listener
+service=Read-WriteService
+protocol=MariaDBClient
+port=4006
+#socket=/var/lib/maxscale/rwsplit.sock
+
+[MaxAdminListener]
+type=listener
+service=MaxAdminService
+protocol=maxscaled
+socket=/tmp/maxadmin.sock

.travis/script.sh

@@ -0,0 +1,57 @@
+#!/bin/bash
+
+set -x
+set -e
+
+###################################################################################################################
+# test different type of configuration
+###################################################################################################################
+mysql=( mysql --protocol=tcp -ubob -h127.0.0.1 --port=3305 )
+
+if [ "$DB" = "build" ] ; then
+  .travis/build/build.sh
+  docker build -t build:latest --label build .travis/build/
+fi
+
+export ENTRYPOINT=$PROJ_PATH/.travis/entrypoint
+if [ -n "$MAXSCALE_VERSION" ] ; then
+  ###################################################################################################################
+  # launch Maxscale with one server
+  ###################################################################################################################
+  export COMPOSE_FILE=.travis/maxscale-compose.yml
+  export ENTRYPOINT=$PROJ_PATH/.travis/sql
+  docker-compose -f ${COMPOSE_FILE} build
+  docker-compose -f ${COMPOSE_FILE} up -d
+  mysql=( mysql --protocol=tcp -ubob -h127.0.0.1 --port=4007 )
+else
+  docker-compose -f .travis/docker-compose.yml up -d
+fi
+
+for i in {60..0}; do
+    if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
+        break
+    fi
+    echo 'data server still not active'
+    sleep 1
+done
+
+if [ -z "$MAXSCALE_VERSION" ] ; then
+  docker-compose -f .travis/docker-compose.yml exec -u root db bash /pam/pam.sh
+  sleep 1
+  docker-compose -f .travis/docker-compose.yml stop db
+  sleep 1
+  docker-compose -f .travis/docker-compose.yml up -d
+  docker-compose -f .travis/docker-compose.yml logs db
+
+  for i in {60..0}; do
+    if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
+        break
+    fi
+    echo 'data server still not active'
+    sleep 1
+  done
+
+fi
+
+python -m unittest discover -v
+

.travis/sql/dbinit.sql

@@ -0,0 +1,9 @@
+CREATE USER 'bob'@'%';
+GRANT ALL ON *.* TO 'bob'@'%' with grant option;
+
+CREATE USER 'boby'@'%' identified by 'heyPassw0@rd';
+GRANT ALL ON *.* TO 'boby'@'%' with grant option;
+
+FLUSH PRIVILEGES;
+
+CREATE DATABASE test2;