mirror of
https://github.com/percona/percona-toolkit.git
synced 2025-09-19 02:05:23 +00:00
PT-2299 - collect openssl x509 certificate information for each secret
- Added missed secrets for PXC, MySQL and MongoDB
This commit is contained in:
Sveta Smirnova
@@ -179,6 +179,16 @@ func New(location, namespace, resource string, kubeconfig string, forwardport st
|
||||
resource: "pxc",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
sslSecret{
|
||||
secret: "{{ .Name }}-ssl-internal",
|
||||
resource: "pxc",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
sslSecret{
|
||||
secret: "{{ .Name }}-ca-cert",
|
||||
resource: "pxc",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
)
|
||||
case "ps":
|
||||
sslSecrets = append(sslSecrets,
|
||||
@@ -187,6 +197,11 @@ func New(location, namespace, resource string, kubeconfig string, forwardport st
|
||||
resource: "ps",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
sslSecret{
|
||||
secret: "{{ .Name }}-ca-cert",
|
||||
resource: "pxc",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
)
|
||||
case "psmdb":
|
||||
sslSecrets = append(sslSecrets,
|
||||
@@ -195,6 +210,16 @@ func New(location, namespace, resource string, kubeconfig string, forwardport st
|
||||
resource: "psmdb",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
sslSecret{
|
||||
secret: "{{ .Name }}-ssl-internal",
|
||||
resource: "pxc",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
sslSecret{
|
||||
secret: "{{ .Name }}-ca-cert",
|
||||
resource: "pxc",
|
||||
dataNames: []string{"ca.crt", "tls.crt"},
|
||||
},
|
||||
)
|
||||
}
|
||||
d.resources = resources
|
||||
|
||||
@@ -229,14 +229,26 @@ func TestSSLResourceOption(t *testing.T) {
|
||||
name: "auto pxc",
|
||||
resource: "auto",
|
||||
cmds: [][]string{
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
},
|
||||
want: []string{
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
},
|
||||
kubeconfig: os.Getenv("KUBECONFIG_PXC"),
|
||||
},
|
||||
@@ -244,14 +256,20 @@ func TestSSLResourceOption(t *testing.T) {
|
||||
name: "auto ps",
|
||||
resource: "auto",
|
||||
cmds: [][]string{
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
},
|
||||
want: []string{
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
},
|
||||
kubeconfig: os.Getenv("KUBECONFIG_PS"),
|
||||
},
|
||||
@@ -259,14 +277,26 @@ func TestSSLResourceOption(t *testing.T) {
|
||||
name: "auto psmdb",
|
||||
resource: "auto",
|
||||
cmds: [][]string{
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||
},
|
||||
want: []string{
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
"ca.crt",
|
||||
"Certificate",
|
||||
"tls.crt",
|
||||
},
|
||||
kubeconfig: os.Getenv("KUBECONFIG_PSMDB"),
|
||||
},
|
||||
@@ -274,8 +304,8 @@ func TestSSLResourceOption(t *testing.T) {
|
||||
name: "auto pg",
|
||||
resource: "auto",
|
||||
cmds: [][]string{
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl-ca"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl-ca"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-ca"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-ca"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-keypair"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-keypair"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo.tls"},
|
||||
@@ -295,9 +325,9 @@ func TestSSLResourceOption(t *testing.T) {
|
||||
name: "auto pgv2",
|
||||
resource: "auto",
|
||||
cmds: [][]string{
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*cluster-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*cluster-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*cluster-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-cluster-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-cluster-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-cluster-cert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o root.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo-root-cacert"},
|
||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo-root-cacert"},
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user