mirror of
https://github.com/percona/percona-toolkit.git
synced 2025-09-19 02:05:23 +00:00
PT-2299 - collect openssl x509 certificate information for each secret
- Added missed secrets for PXC, MySQL and MongoDB
This commit is contained in:
Sveta Smirnova
@@ -179,6 +179,16 @@ func New(location, namespace, resource string, kubeconfig string, forwardport st
|
|||||||
resource: "pxc",
|
resource: "pxc",
|
||||||
dataNames: []string{"ca.crt", "tls.crt"},
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
},
|
},
|
||||||
|
sslSecret{
|
||||||
|
secret: "{{ .Name }}-ssl-internal",
|
||||||
|
resource: "pxc",
|
||||||
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
|
},
|
||||||
|
sslSecret{
|
||||||
|
secret: "{{ .Name }}-ca-cert",
|
||||||
|
resource: "pxc",
|
||||||
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
|
},
|
||||||
)
|
)
|
||||||
case "ps":
|
case "ps":
|
||||||
sslSecrets = append(sslSecrets,
|
sslSecrets = append(sslSecrets,
|
||||||
@@ -187,6 +197,11 @@ func New(location, namespace, resource string, kubeconfig string, forwardport st
|
|||||||
resource: "ps",
|
resource: "ps",
|
||||||
dataNames: []string{"ca.crt", "tls.crt"},
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
},
|
},
|
||||||
|
sslSecret{
|
||||||
|
secret: "{{ .Name }}-ca-cert",
|
||||||
|
resource: "pxc",
|
||||||
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
|
},
|
||||||
)
|
)
|
||||||
case "psmdb":
|
case "psmdb":
|
||||||
sslSecrets = append(sslSecrets,
|
sslSecrets = append(sslSecrets,
|
||||||
@@ -195,6 +210,16 @@ func New(location, namespace, resource string, kubeconfig string, forwardport st
|
|||||||
resource: "psmdb",
|
resource: "psmdb",
|
||||||
dataNames: []string{"ca.crt", "tls.crt"},
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
},
|
},
|
||||||
|
sslSecret{
|
||||||
|
secret: "{{ .Name }}-ssl-internal",
|
||||||
|
resource: "pxc",
|
||||||
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
|
},
|
||||||
|
sslSecret{
|
||||||
|
secret: "{{ .Name }}-ca-cert",
|
||||||
|
resource: "pxc",
|
||||||
|
dataNames: []string{"ca.crt", "tls.crt"},
|
||||||
|
},
|
||||||
)
|
)
|
||||||
}
|
}
|
||||||
d.resources = resources
|
d.resources = resources
|
||||||
|
|||||||
@@ -229,14 +229,26 @@ func TestSSLResourceOption(t *testing.T) {
|
|||||||
name: "auto pxc",
|
name: "auto pxc",
|
||||||
resource: "auto",
|
resource: "auto",
|
||||||
cmds: [][]string{
|
cmds: [][]string{
|
||||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
},
|
},
|
||||||
want: []string{
|
want: []string{
|
||||||
"ca.crt",
|
"ca.crt",
|
||||||
"Certificate",
|
"Certificate",
|
||||||
"tls.crt",
|
"tls.crt",
|
||||||
|
"ca.crt",
|
||||||
|
"Certificate",
|
||||||
|
"tls.crt",
|
||||||
|
"ca.crt",
|
||||||
|
"Certificate",
|
||||||
|
"tls.crt",
|
||||||
},
|
},
|
||||||
kubeconfig: os.Getenv("KUBECONFIG_PXC"),
|
kubeconfig: os.Getenv("KUBECONFIG_PXC"),
|
||||||
},
|
},
|
||||||
@@ -244,14 +256,20 @@ func TestSSLResourceOption(t *testing.T) {
|
|||||||
name: "auto ps",
|
name: "auto ps",
|
||||||
resource: "auto",
|
resource: "auto",
|
||||||
cmds: [][]string{
|
cmds: [][]string{
|
||||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
},
|
},
|
||||||
want: []string{
|
want: []string{
|
||||||
"ca.crt",
|
"ca.crt",
|
||||||
"Certificate",
|
"Certificate",
|
||||||
"tls.crt",
|
"tls.crt",
|
||||||
|
"ca.crt",
|
||||||
|
"Certificate",
|
||||||
|
"tls.crt",
|
||||||
},
|
},
|
||||||
kubeconfig: os.Getenv("KUBECONFIG_PS"),
|
kubeconfig: os.Getenv("KUBECONFIG_PS"),
|
||||||
},
|
},
|
||||||
@@ -259,14 +277,26 @@ func TestSSLResourceOption(t *testing.T) {
|
|||||||
name: "auto psmdb",
|
name: "auto psmdb",
|
||||||
resource: "auto",
|
resource: "auto",
|
||||||
cmds: [][]string{
|
cmds: [][]string{
|
||||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl"},
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-internal"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ca-cert"},
|
||||||
},
|
},
|
||||||
want: []string{
|
want: []string{
|
||||||
"ca.crt",
|
"ca.crt",
|
||||||
"Certificate",
|
"Certificate",
|
||||||
"tls.crt",
|
"tls.crt",
|
||||||
|
"ca.crt",
|
||||||
|
"Certificate",
|
||||||
|
"tls.crt",
|
||||||
|
"ca.crt",
|
||||||
|
"Certificate",
|
||||||
|
"tls.crt",
|
||||||
},
|
},
|
||||||
kubeconfig: os.Getenv("KUBECONFIG_PSMDB"),
|
kubeconfig: os.Getenv("KUBECONFIG_PSMDB"),
|
||||||
},
|
},
|
||||||
@@ -274,8 +304,8 @@ func TestSSLResourceOption(t *testing.T) {
|
|||||||
name: "auto pg",
|
name: "auto pg",
|
||||||
resource: "auto",
|
resource: "auto",
|
||||||
cmds: [][]string{
|
cmds: [][]string{
|
||||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl-ca"},
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-ca"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*ssl-ca"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-ca"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-keypair"},
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-keypair"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-keypair"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-ssl-keypair"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo.tls"},
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo.tls"},
|
||||||
@@ -295,9 +325,9 @@ func TestSSLResourceOption(t *testing.T) {
|
|||||||
name: "auto pgv2",
|
name: "auto pgv2",
|
||||||
resource: "auto",
|
resource: "auto",
|
||||||
cmds: [][]string{
|
cmds: [][]string{
|
||||||
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*cluster-cert"},
|
{"tar", "--to-command", "grep -m 1 -o ca.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-cluster-cert"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*cluster-cert"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-cluster-cert"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*cluster-cert"},
|
{"tar", "--to-command", "grep -m 1 -o tls.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/*-cluster-cert"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o root.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo-root-cacert"},
|
{"tar", "--to-command", "grep -m 1 -o root.crt", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo-root-cacert"},
|
||||||
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo-root-cacert"},
|
{"tar", "--to-command", "grep -m 1 -o Certificate", "-xzf", "cluster-dump.tar.gz", "--wildcards", "cluster-dump/*/pgo-root-cacert"},
|
||||||
},
|
},
|
||||||
|
|||||||
Reference in New Issue
Block a user