Complete SQLx Test Migration (Phases 2-4)

mise.toml

@@ -7,7 +7,7 @@
 #     "./tests/mise.tls.toml",
 # ]
 [task_config]
-includes = ["tasks", "tasks/postgres.toml", "tasks/rust.toml"]
+includes = ["tasks", "tasks/postgres.toml", "tasks/rust.toml", "tasks/test.toml"]
 
 [env]
 POSTGRES_DB = "cipherstash"

tasks/test-legacy.sh

@@ -0,0 +1,78 @@
+#!/usr/bin/env bash
+#MISE description="Run legacy SQL tests (inline test files)"
+#MISE alias="test"
+#USAGE flag "--test <test>" help="Specific test file pattern to run" default="false"
+#USAGE flag "--postgres <version>" help="PostgreSQL version to test against" default="17" {
+#USAGE   choices "14" "15" "16" "17"
+#USAGE }
+#USAGE flag "--skip-build" help="Skip build step (use existing release)" default="false"
+
+#!/bin/bash
+
+set -euo pipefail
+
+POSTGRES_VERSION=${usage_postgres}
+
+connection_url=postgresql://${POSTGRES_USER:-$USER}:${POSTGRES_PASSWORD}@${POSTGRES_HOST}:${POSTGRES_PORT}/${POSTGRES_DB}
+container_name=postgres-${POSTGRES_VERSION}
+
+fail_if_postgres_not_running () {
+  containers=$(docker ps --filter "name=^${container_name}$" --quiet)
+  if [ -z "${containers}" ]; then
+    echo "error: Docker container for PostgreSQL is not running"
+    echo "error: Try running 'mise run postgres:up ${container_name}' to start the container"
+    exit 65
+  fi
+}
+
+run_test () {
+  echo
+  echo '###############################################'
+  echo "# Running Test: ${1}"
+  echo '###############################################'
+  echo
+
+  cat $1 | docker exec -i ${container_name} psql --variable ON_ERROR_STOP=1 $connection_url -f-
+}
+
+# Setup
+fail_if_postgres_not_running
+
+# Build (optional)
+if [ "$usage_skip_build" = "false" ]; then
+  mise run build --force
+fi
+
+mise run reset --force --postgres ${POSTGRES_VERSION}
+
+echo
+echo '###############################################'
+echo '# Installing release/cipherstash-encrypt.sql'
+echo '###############################################'
+echo
+
+# Install
+cat release/cipherstash-encrypt.sql | docker exec -i ${container_name} psql ${connection_url} -f-
+
+
+cat tests/test_helpers.sql | docker exec -i ${container_name} psql ${connection_url} -f-
+cat tests/ore.sql | docker exec -i ${container_name} psql ${connection_url} -f-
+cat tests/ste_vec.sql | docker exec -i ${container_name} psql ${connection_url} -f-
+
+
+if [ $usage_test = "false" ]; then
+  find src -type f -path "*_test.sql" | while read -r sql_file; do
+    echo $sql_file
+    run_test $sql_file
+  done
+else
+  find src -type f -path "*$usage_test*" | while read -r sql_file; do
+    run_test $sql_file
+  done
+fi
+
+echo
+echo '###############################################'
+echo "# ✅ALL TESTS PASSED "
+echo '###############################################'
+echo

tasks/test.toml

@@ -0,0 +1,60 @@
+# Test tasks for EQL
+# Combines legacy SQL tests and modern SQLx Rust tests
+
+["test:all"]
+description = "Run ALL tests: legacy SQL + SQLx (full test suite)"
+depends = ["build"]
+run = """
+#!/bin/bash
+set -euo pipefail
+
+POSTGRES_VERSION="${POSTGRES_VERSION:-17}"
+
+echo "=========================================="
+echo "Running Complete EQL Test Suite"
+echo "PostgreSQL Version: $POSTGRES_VERSION"
+echo "=========================================="
+echo ""
+
+# Ensure PostgreSQL is running
+echo "→ Starting PostgreSQL $POSTGRES_VERSION..."
+mise run postgres:up postgres-${POSTGRES_VERSION} --extra-args "--detach --wait"
+
+# Run legacy SQL tests
+echo ""
+echo "=========================================="
+echo "1/2: Running Legacy SQL Tests"
+echo "=========================================="
+mise run test:legacy --skip-build --postgres ${POSTGRES_VERSION}
+
+# Run SQLx Rust tests
+echo ""
+echo "=========================================="
+echo "2/2: Running SQLx Rust Tests"
+echo "=========================================="
+mise run test:sqlx
+
+echo ""
+echo "=========================================="
+echo "✅ ALL TESTS PASSED"
+echo "=========================================="
+echo ""
+echo "Summary:"
+echo "  ✓ Legacy SQL tests"
+echo "  ✓ SQLx Rust tests"
+echo ""
+"""
+
+["test:legacy"]
+description = "Run legacy SQL tests (inline test files)"
+alias = "test"
+sources = ["src/**/*_test.sql", "tests/*.sql"]
+run = "{{config_root}}/tasks/test-legacy.sh"
+
+["test:quick"]
+description = "Quick test (skip build, use existing)"
+depends = []
+run = """
+echo "Running quick tests (using existing build)..."
+mise run test:legacy --skip-build
+"""

tests/sqlx/src/helpers.rs

@@ -0,0 +1,51 @@
+//! Test helper functions for EQL tests
+//!
+//! Common utilities for working with encrypted data in tests.
+
+use anyhow::{Context, Result};
+use sqlx::{PgPool, Row};
+
+/// Fetch ORE encrypted value from pre-seeded ore table
+///
+/// The ore table is created by migration `002_install_ore_data.sql`
+/// and contains 99 pre-seeded records (ids 1-99) for testing.
+pub async fn get_ore_encrypted(pool: &PgPool, id: i32) -> Result<String> {
+    let sql = format!("SELECT e::text FROM ore WHERE id = {}", id);
+    let row = sqlx::query(&sql)
+        .fetch_one(pool)
+        .await
+        .with_context(|| format!("fetching ore encrypted value for id={}", id))?;
+
+    let result: Option<String> = row
+        .try_get(0)
+        .with_context(|| format!("extracting text column for id={}", id))?;
+
+    result.with_context(|| format!("ore table returned NULL for id={}", id))
+}
+
+/// Extract encrypted term from encrypted table by selector
+///
+/// Extracts a field from the first record in the encrypted table using
+/// the provided selector hash. Used for containment operator tests.
+///
+/// # Arguments
+/// * `pool` - Database connection pool
+/// * `selector` - Selector hash for the field to extract (e.g., from Selectors constants)
+///
+/// # Example
+/// ```
+/// let term = get_encrypted_term(&pool, Selectors::HELLO).await?;
+/// ```
+pub async fn get_encrypted_term(pool: &PgPool, selector: &str) -> Result<String> {
+    let sql = format!("SELECT (e -> '{}')::text FROM encrypted LIMIT 1", selector);
+    let row = sqlx::query(&sql)
+        .fetch_one(pool)
+        .await
+        .with_context(|| format!("extracting encrypted term for selector={}", selector))?;
+
+    let result: Option<String> = row
+        .try_get(0)
+        .with_context(|| format!("getting text column for selector={}", selector))?;
+
+    result.with_context(|| format!("encrypted term extraction returned NULL for selector={}", selector))
+}

tests/sqlx/src/lib.rs

@@ -5,10 +5,12 @@
 use sqlx::PgPool;
 
 pub mod assertions;
+pub mod helpers;
 pub mod index_types;
 pub mod selectors;
 
 pub use assertions::QueryAssertion;
+pub use helpers::{get_encrypted_term, get_ore_encrypted};
 pub use index_types as IndexTypes;
 pub use selectors::Selectors;