It's really annoying to add a message after each check in a unit test.
Let's make this optional. If the message is omitted, "line %d" will be
used instead. Also, let's print the expression on failure because it
may be useful if exact sources are unavailable.

NO_DOC=refactoring
NO_CHANGELOG=refactoring

The ok/is/isnt macros expand to {} so they may be used without
a trailing semicolon. This is going to be fixed so let's add
missing semicolons.

NO_DOC=code cleanup
NO_CHANGELOG=code cleanup

There's no need to duplicate all unit test helpers for TAP compatible
tests. The only difference between them is that plan() prints the TAP
version so let's do just that.

NO_DOC=code cleanup
NO_CHANGELOG=code cleanup

The test checks, whether the instance notices leader hang during
sync. For that it stops server2 and generates some data on the
master (server1). The problem is, when connection to server3
flakes, server1 resigns and becomes read only due to fencing
enabled.

Let's disable fencing for this test, as we don't want automatic
leader resigning here.

Closes tarantool/tarantool-qa#325

NO_CHANGELOG=test
NO_DOC=test

Memory is leaked in the following scenario:
- MP_ERROR_STACK with 2 errors is passed to error_unpack_unsafe():
  1. A correct MP_MAP with MP_ERROR_* fields;
  2. Something unexpected, e.g. MP_INT;
- This first call to mp_decode_error_one() allocates memory for the first
  error in error_build_xc() -> `new ClientError()`;
- The second call to mp_decode_error_one() returns NULL, and
  error_unpack_unsafe() returns NULL too. Memory from the previous step
  is leaked.

Closes #8921

NO_DOC=bugfix

The patch introduces Lua module trigger, which allows to set, delete and
call triggers from event registry.

Closes #8656

NO_DOC=later

Future module trigger will allow user to call triggers from Lua. We have
function adapter to call an abstract function from any language, but
it's convenient to call Lua functions directly when they are called from
Lua, so let's add a method that allows to get underlying Lua function (or
another callable object).

NO_CHANGELOG=internal
NO_DOC=internal

The patch introduces new event subsystem. This subsystem is designed to
store user-defined triggers and has nothing in common with core triggers.

Each trigger has its own name and is represented by func_adapter.
Triggers are stored in events - named wrappers over rlist. Event objects
are opaque, hence rlist field should not be used directly - event
provides event_find_trigger, event_reset_triggers methods and
event_trigger_iterator. Iterator provides stable iteration and all the
non-deleted triggers will surely be traversed.

On way to the goal this patch also fixes include list in func_adapter.h.

Part of #8656

NO_CHANGELOG=internal
NO_DOC=internal

part_count was checked in index_def_check(), which was called too late.
Before that check:
1. `malloc(sizeof(*part_def) * part_count)` can fail for huge part_count;
2. key_def_new() can crash for zero part_count because of out of bound
   access in:

NO_WRAP
   - #1 key_def_contains_sequential_parts (def=0x5555561a2ef0) at src/box/tuple_extract_key.cc:26
   - #2 key_def_set_extract_func (key_def=0x5555561a2ef0) at src/box/tuple_extract_key.cc:442
   - #3 key_def_set_func (def=0x5555561a2ef0) at src/box/key_def.c:162
   - #4 key_def_new (parts=0x7fffc4001350, part_count=0, for_func_index=false) at src/box/key_def.c:320
NO_WRAP

Closes #8688

NO_DOC=bugfix

box.ctl.demote() used not to do anything with election_mode='off'
if the synchro queue didn't belong to the caller in the same term
as the election state.

The reason could be that if the synchro queue term is "outdated",
there is no guarantee that some other instance doesn't own it in
the latest term right now.

The "problem" is that this could be workarounded easily by just
calling promote + demote together.

There isn't much sense in fixing it for the off-mode because the
only reasons off-mode exists are 1) for people who don't use
synchro at all, 2) who did use it and want to stop. Hence they
need demote just to disown the queue.

The patch "legalizes" the mentioned workaround by allowing to
perform demote in off-mode even if the synchro queue term is old.

Closes #6860

NO_DOC=bugfix

Module API documentation is described in Doxygen comments in C/C++ files
in src/ directory. No sense to run this job for other changes. The patch
changes paths in workflow accordingly.

NO_CHANGELOG=ci
NO_DOC=ci
NO_TEST=ci

Fuzzing is a heavyweight job, we can reduce a set of paths used for
triggering this job and therefore reduce an overall time of testing in
some cases.

The patch replaces `.github/workflows/**` to
`.github/workflows/fuzzing.yml` because workflows are independent and
changes in other workflows does not affect fuzzing at all and patch adds
Lua files (`**.lua`) to ignores because fuzzing focused on C/C++ code.

NO_CHANGELOG=ci
NO_DOC=ci
NO_TEST=ci

The function update_view_references is called when an SQL view
is created or dropped. The goal of this function is to modify
(increment or decrement) view_ref_count member of spaces that
the view references.

There were a several issues that deserves to be refactored:
* By design in case of error it left the job partially done, so
  some space references were modified while some other - not.
  Although there was no bug since special steps were made in case
  of error, this pattern is inconvenient and should be avoided.
* In case of error the failing space name was returned via special
  argument which is not flexible and even requires allocation.
* Another argument - suppress_error - has actually never
  suppressed any error because the only case when an error could
  occur is creation of a view, which used suppress_error = false.
* Fail of that function was not actually covered with tests.

So this commit:
* Makes the function to do all or nothing.
* Forces the function to set diag by itself in case of error.
* Removes suppress_error argument while adding several asserts.\
* Adds a small test that fulfills coverage.

NO_DOC=refactoring
NO_CHANGELOG=reafactoring

By design a newly created SrcList object contains one element
with NULL name. That was confusing and led to strange NULL checks
in a list that could not contain NULL names.

Fix it by clearing the list before usage.

NO_DOC=refactoring
NO_CHANGELOG=reafactoring
NO_TEST=refactoring

Since we panic on OOM now, no OOM error handling is needed now.
Fix both internals of the function and how it is used in alter.

NO_DOC=refactoring
NO_CHANGELOG=reafactoring
NO_TEST=refactoring

We have a few functions that decode MsgPack data assuming it was
previously checked with mp_check(). This means it's safe to expect
that MP_EXT contains valid data because we install a custom checker
for MP_EXT in msgpack_init. So let's replace errors with assertions,
removing the dead code.

NO_DOC=code cleanup
NO_TEST=code cleanup
NO_CHANGELOG=code cleanup

The new macro is like assert, but it evaluates the checked expression
even in the release mode.

NO_DOC=internal
NO_TEST=internal
NO_CHANGELOG=internal

NO_DOC=no code changes
NO_TEST=no code changes
NO_CHANGELOG=no code changes

The test gives some initial permissions for a newly created user. Then,
it synchronizes the permissions with ones that are given in the new
configuration format. The resulting permissions should be the same as
described in the configuration (plus defaults).

The code that grants the initial permissions has a typo in one of the
permission descriptions, so it is not granted (and this error is
silently ignored). It doesn't affect the test case successfulness,
because this permission is anyway expected to be revoked by the
synchronization.

The patch fixes the initial privilege granting code and makes the test
actually verifying that the given permission is revoked.

Part of #8967

NO_DOC=It is a fix of a test.
NO_CHANGELOG=see NO_DOC

They're failing on Tarantool EE, because pap-sha256 requires to setup a
secure connection. The test doesn't do that.

The test is to be updated later. Now, just disable these test cases.

Part of #8967

NO_DOC=A testing change.
NO_CHANGELOG=see NO_DOC

The hide/show prompt console functionality sometimes breaks the
`config-luatest/credentials_applier` test. The patch disables it for
affected test cases. See a comment in the test for details.

Part of #8967

NO_DOC=It is a fix of a test.
NO_CHANGELOG=see NO_DOC

It is needed to fix a problem in the
`config-luatest/credentials_applier` test. See the next commit.

NO_DOC=It is a testing helper improvement.
NO_CHANGELOG=see NO_DOC
NO_TEST=see NO_DOC

It was forgotten in commit 6712ab9a ("config: change default paths
to var/<...>"). Overlooked, because the test case is to be run only on
Tarantool EE.

Part of #8862

NO_DOC=It is a fix of a testing problem.
NO_CHANGELOG=see NO_DOC

The instance config schema was changed in commit 4bb1eb0e ("config:
remove hashes from credentials.password"), but an example of a config
for etcd was not updated.

The example is tested on Tarantool EE, so we should update it to fix the
testing failure.

Part of #8967

NO_DOC=It is a fix of the testing problem.
NO_CHANGELOG=see NO_DOC
NO_TEST=It is a fix of a test in fact.

Follow-up #9007

NO_DOC=Will be described when full support for vshard is introduced.
NO_CHANGELOG=Addition of an example.

This update pulls the following commits:

* Add mp_check_on_error callback
* Make test output TAP compatible

It also drops the msgpack test result file because the test was switched
to the TAP compatible format.

Needed for #7968

NO_DOC=internal
NO_CHANGELOG=internal

This patch introduces initial support for the vshard configuration.
There is still a lot to be done in both vshard and the config to be able
to run vshard naturally. Key support restrictions introduced in the
patch:
1) at the moment there are only two roles: storage and router;
2) the entire config is considered a configuration for one sharded
system;
3) the rebalancer is currently disabled;
4) The router can automatically find all masters, but once all masters
are found, any changes to the masters will be ignored until
vshard.router.cfg() is called manually.

Closes #9007

NO_DOC=Will be described when full support for vshard is introduced.

This patch introduces all sharding parameters except "weight".

Part of #9007

NO_DOC=Will be described when full support for vshard is introduced.

This patch moves the code that compiles iproto.advertise.peer to
instance_config. This will allow us to use this function for
iproto.advertise.sharding.

Part of #9007

NO_DOC=refactoring
NO_TEST=refactoring
NO_CHANGELOG=refactoring

It is convenient for development environments, when the configuration
file and the application sources reside in the same directory.

The same logic was recently implemented for the main script, see #8182.
The same problems appears in context of startup from a configuration
file, so it seems meaningful to adjust module search paths in this case
too.

Part of #8862

NO_DOC=This change is too minor to describe in the documentation issue
       https://github.com/tarantool/doc/issues/3544. I'll work with the
       documentation team regarding details of startup/reload flow and
       we'll determine what should go to the user documentation and what
       shouldn't.

The new default directory layout is the following.

```
+ var/
  + lib/
    + instance-001/
      - *.xlog
      - *.snap
      - *.vylog
  + log/
    + instance-001/
      - tarantool.log
  + run/
    + instance-001/
      - tarantool.control
      - tarantool.pid
```

Our guess is that it should be convenient for development environments,
when the application consists of several instances. The idea is borrowed
from the `cartridge-cli` and `tt` tools.

We plan to synchronize these defaults with the `tt` tool, to simplify
cases, when pure tarantool (without `tt`) should be run in the
directories layout created by `tt`. It should simplify debugging using
`gdb`, `strace` and other tools.

Also, it should reduce possible confusion for users of `cartridge-cli`
and `tt`.

Part of #8862

NO_DOC=https://github.com/tarantool/doc/issues/3544 already points to
       the actual instance config schema

The current working directory of a tarantool process is changed during
startup to `process.work_dir`.

The mkdir applier works before and after this point, so it should take
into account both situations.

Before first box.cfg() call (in the box_cfg applier) it should prepend
directories with `process.work_dir`. However, it shouldn't do that after
the current wordking directory change.

Part of #8862

NO_DOC=It is bugfix.

The `process.work_dir` option can be set in the configuration. All the
other directories/files has the before-box-cfg creation logic and it
seems meaningful to support it for `process.work_dir` too.

Part of #8862

NO_DOC=This change is too minor to describe in the documentation issue
       https://github.com/tarantool/doc/issues/3544. I'll work with the
       documentation team regarding details of startup/reload flow and
       we'll determine what should go to the user documentation and what
       shouldn't.

For example, if we want the logs to be in a separate `var/log`
directory, it is convenient to just configure it as `var/run/{{
instance_name }}.log` and let tarantool create the parent directory.

Part of #8862

NO_DOC=This change is too minor to describe in the documentation issue
       https://github.com/tarantool/doc/issues/3544. I'll work with the
       documentation team regarding details of startup/reload flow and
       we'll determine what should go to the user documentation and what
       shouldn't.

For example, if we want the console socket to be in a separate `var/run`
directory, it is convenient to just configure it as `var/run/{{
instance_name }}.control` and let tarantool create the parent directory.

Part of #8862

NO_DOC=This change is too minor to describe in the documentation issue
       https://github.com/tarantool/doc/issues/3544. I'll work with the
       documentation team regarding details of startup/reload flow and
       we'll determine what should go to the user documentation and what
       shouldn't.

Before this patch an attempt to set, say, `wal.dir` option to a
non-existent directory `foo` succeeds, while the same with `foo/bar`
directory fails.

The patch removes a race condition check, because `fio.mktree()`
performs the check on its own. See #4660 for details.

Part of #8862

NO_DOC=It is a bugfix.

We agreed that it is up to a user how to draw a line between one set of
instances that is considered as a separate cluster and another set of
instances that is assumed as a different cluster. This line is virtual
and there is no sense to impose restrictions until we add some certain
(and consistent) semantic to word 'cluster' in context of tarantool.

Part of #8862

NO_DOC=There is an existing documentation request
       https://github.com/tarantool/doc/issues/3544 and it doesn't
       describe such details. I'll work with the documentation team on
       demand on all the necessary details anyway.

Before this patch, user password could be set or updated only for
auth_type == 'chap-sha1'. Now password can be set, updated or removed
for any auth_type. Note that the password is changed only if necessary
to minimise db writes.

Part of #8967

NO_DOC=tarantool/doc#3544 links the most actual schema,
       no need to update the issue.

In the initial credentials schema, the hashes were supposed to give a
way to have passwords out of plain-text config file.
Later, it was decided to remove this feature, because this way of
authorisation is inferior to the one with auth service and tokens,
but the latter is out of scope for current config development.
This patch removes `credentials.password.{sha1,sha256}` and moves
plain password from `credentials.password.plain` to `credentials.password`.

Part of #8967

NO_DOC=tarantool/doc#3544 links the most actual schema,
       no need to update the issue.
NO_CHANGELOG=removed feature was not released yet

Before this patch, credentials applier used to just grant all privileges
and permissions with {if_not_exists = true}. It didn't allow removing a
permission, nor setting only new permissions.

Now credentials applier converts box configuration and desired config to
an intermediate representation, calculates diff for them and only after
that applies the diff.

Part of #8967

NO_DOC=yet