github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/tls-issue-cert-manager/run (about)

     1  #!/bin/bash
     2  
     3  set -o errexit
     4  
     5  test_dir=$(realpath $(dirname $0))
     6  . ${test_dir}/../functions
     7  
     8  set_debug
     9  
    10  check_verify_identity() {
    11  	local host="$1"
    12  
    13  	local command="exit"
    14  	local args="--ssl-ca=/etc/mysql/ssl-internal/ca.crt --ssl-mode=VERIFY_IDENTITY --protocol=tcp -uroot -proot_password --host=$host"
    15  
    16  	kubectl_bin exec "$cluster-pxc-0" -- \
    17  		bash -c "printf '%s\n' \"${command}\" | mysql -sN $args"
    18  }
    19  
    20  main() {
    21  	create_infra $namespace
    22  	cluster="some-name-tls-issue"
    23  
    24  	desc 'deploy cert manager'
    25  	deploy_cert_manager
    26  
    27  	desc 'create pxc cluster'
    28  	spinup_pxc "$cluster" "$test_dir/conf/$cluster.yml" 3 10 "$conf_dir/secrets_without_tls.yml" "$test_dir/conf/client.yml"
    29  	wait_cluster_consistency "$cluster" 3 2
    30  
    31  	desc 'check if certificates issued with certmanager'
    32  	tlsSecretsShouldExist "$cluster-ssl"
    33  
    34  	desc 'check if CA issuer created'
    35  	compare_kubectl issuer/$cluster-pxc-ca-issuer
    36  
    37  	desc 'check if issuer created'
    38  	compare_kubectl issuer/$cluster-pxc-issuer
    39  
    40  	desc 'check if certificate issued'
    41  	compare_kubectl certificate/$cluster-ssl
    42  
    43  	apply_config "$test_dir/conf/$cluster-haproxy.yml"
    44  	wait_for_running "$cluster-haproxy" 1
    45  	wait_cluster_consistency "$cluster" 3 2
    46  
    47  	desc 'check ssl-internal certificate using PXC'
    48  	check_verify_identity "$cluster-pxc"
    49  	desc 'check ssl-internal certificate using HAProxy'
    50  	check_verify_identity "$cluster-haproxy"
    51  
    52  	destroy $namespace
    53  	desc "test passed"
    54  }
    55  
    56  main