github.com/percona/percona-xtradb-cluster-operator@v1.14.0/e2e-tests/users/run (about) 1 #!/bin/bash 2 3 set -o errexit 4 5 test_dir=$(realpath $(dirname $0)) 6 . ${test_dir}/../functions 7 8 set_debug 9 10 is_password_updated() { 11 local username=$1 12 local uri=$2 13 run_mysql "SELECT User_attributes FROM mysql.user WHERE user='${username}'" "${uri}" | grep additional_password 14 } 15 16 is_old_password_discarded() { 17 local username=$1 18 local uri=$2 19 run_mysql "SELECT User_attributes FROM mysql.user WHERE user='${username}'" "${uri}" | grep NULL 20 } 21 22 wait_for_password_propagation() { 23 local secret=$1 24 local user=$2 25 local max_retry="${3:-240}" 26 local root_pass=$(getSecretData "${secret}" "root") 27 28 if [[ $IMAGE_PXC =~ 5\.7 ]]; then 29 echo "Skipping dual password feature doesn't work for 5.7. PXC 5.7 doesn't support it!" 30 return 31 fi 32 retry=0 33 until is_password_updated "${user}" "-h ${cluster}-pxc -uroot -p'${root_pass}'"; do 34 echo "waiting for password update" 35 sleep 1 36 let retry+=1 37 if [[ $retry -ge $max_retry ]]; then 38 echo max retry count $retry reached. something went wrong with operator or kubernetes cluster 39 exit 1 40 fi 41 done 42 43 retry=0 44 until is_old_password_discarded "${user}" "-h ${cluster}-pxc -uroot -p'${root_pass}'"; do 45 echo "waiting for password propagation" 46 sleep 1 47 let retry+=1 48 if [[ $retry -ge $max_retry ]]; then 49 echo max retry count $retry reached. something went wrong with operator or kubernetes cluster 50 exit 1 51 fi 52 done 53 } 54 55 create_infra $namespace 56 57 desc 'create PXC cluster' 58 59 newpass="test-password" 60 newpassencrypted=$(echo -n "$newpass" | base64) 61 62 cluster="some-name" 63 spinup_pxc "$cluster" "$conf_dir/$cluster.yml" 64 65 desc 'test root' 66 patch_secret "my-cluster-secrets" "root" "$newpassencrypted" 67 sleep 15 68 compare_mysql_cmd "select-4" "SHOW TABLES;" "-h $cluster-proxysql -uroot -p'$newpass'" 69 70 desc 'test proxyadmin' 71 kubectl_bin patch pxc some-name --type=merge -p="{\"spec\":{\"proxysql\":{\"size\":3}}}" 72 sleep 15 73 wait_cluster_consistency "$cluster" 3 3 74 patch_secret "my-cluster-secrets" "proxyadmin" "$newpassencrypted" 75 sleep 15 76 wait_cluster_consistency "$cluster" 3 3 77 compare_mysql_cmd_local "select-2" "SHOW TABLES;" "-h127.0.0.1 -P6032 -uproxyadmin -p'$newpass'" "$cluster-proxysql-0" "" 'proxysql' 78 compare_mysql_cmd_local "select-2" "SHOW TABLES;" "-h127.0.0.1 -P6032 -uproxyadmin -p'$newpass'" "$cluster-proxysql-1" "" 'proxysql' 79 compare_mysql_cmd_local "select-2" "SHOW TABLES;" "-h127.0.0.1 -P6032 -uproxyadmin -p'$newpass'" "$cluster-proxysql-2" "" 'proxysql' 80 81 desc 'test xtrabackup' 82 kubectl_bin patch pxc some-name --type=merge -p="{\"spec\":{\"proxysql\":{\"size\":2}}}" 83 patch_secret "my-cluster-secrets" "xtrabackup" "$newpassencrypted" 84 sleep 15 85 wait_cluster_consistency "$cluster" 3 2 86 compare_mysql_cmd_local "select-3" "SHOW DATABASES;" "-h 127.0.0.1 -uxtrabackup -p'$newpass'" "$cluster-pxc-0" "" 'pxc' 87 88 desc 'test monitor' 89 patch_secret "my-cluster-secrets" "monitor" "$newpassencrypted" 90 wait_for_password_propagation "my-cluster-secrets" "monitor" 91 wait_cluster_consistency "$cluster" 3 2 92 sleep 10 # give some time for proxy-admin --syncusers 93 compare_mysql_cmd "select-4" "SHOW TABLES;" "-h $cluster-proxysql -umonitor -p'$newpass'" 94 95 desc 'test operator' 96 patch_secret "my-cluster-secrets" "operator" "$newpassencrypted" 97 sleep 15 98 wait_cluster_consistency "$cluster" 3 2 99 sleep 10 # give some time for proxy-admin --syncusers 100 compare_mysql_cmd "select-4" "SHOW TABLES;" "-h $cluster-proxysql -uoperator -p'$newpass'" 101 102 desc 'change secret name' 103 kubectl_bin patch pxc $cluster --type merge --patch '{"spec": {"secretsName":"my-cluster-secrets-2"}}' 104 sleep 30 105 wait_cluster_consistency "$cluster" 3 2 106 107 desc 'test new operator' 108 newpass="test-password2" 109 newpassencrypted=$(echo -n "$newpass" | base64) 110 patch_secret "my-cluster-secrets-2" "operator" "$newpassencrypted" 111 sleep 15 112 wait_cluster_consistency "$cluster" 3 2 113 114 sleep 20 # give some time for proxy-admin --syncusers 115 116 compare_mysql_cmd "select-4" "SHOW TABLES;" "-h $cluster-proxysql -uoperator -p'$newpass'" 117 118 newpass=$(getSecretData "my-cluster-secrets-2" "root") 119 desc 'test new users sync' 120 run_mysql \ 121 "CREATE USER 'testsync'@'%' IDENTIFIED BY '$newpass';" \ 122 "-h $cluster-pxc -uroot -p'$newpass'" 123 sleep 40 124 compare_mysql_cmd "select-4" "SHOW TABLES;" "-h $cluster-proxysql -utestsync -p'$newpass'" 125 126 pass=$(getSecretData "internal-some-name" "operator") 127 desc 'check secret without operator' 128 kubectl_bin apply \ 129 -f "$test_dir/conf/secrets.yml" 130 sleep 15 131 compare_mysql_cmd "select-4" "SHOW TABLES;" "-h $cluster-proxysql -uoperator -p'$pass'" 132 133 newpass="test-password2" 134 newpassencrypted=$(echo -n "$newpass" | base64) 135 apply_config "$test_dir/conf/some-name.yml" 136 sleep 15 137 wait_cluster_consistency "$cluster" 3 3 138 patch_secret "my-cluster-secrets" "monitor" "$newpassencrypted" 139 sleep 15 140 wait_cluster_consistency "$cluster" 3 3 141 compare_mysql_cmd "select-3" "SHOW DATABASES;" "-h $cluster-haproxy -umonitor -p'$newpass'" 142 143 destroy "${namespace}" 144 desc "test passed"