github.com/pingcap/tiflow@v0.0.0-20240520035814-5bf52d54e205/tests/integration_tests/http_api_tls_with_user_auth/run.sh (about) 1 #!/bin/bash 2 3 set -eu 4 5 CUR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) 6 source $CUR/../_utils/test_prepare 7 WORK_DIR=$OUT_DIR/$TEST_NAME 8 CDC_BINARY=cdc.test 9 SINK_TYPE=$1 10 TLS_DIR=$(cd $CUR/../_certificates && pwd) 11 MAX_RETRIES=20 12 13 function run() { 14 # storage and kafka are the same as mysql 15 if [ "$SINK_TYPE" != "mysql" ]; then 16 return 17 fi 18 19 sudo python3 -m pip install -U requests==2.26.0 20 21 rm -rf $WORK_DIR && mkdir -p $WORK_DIR 22 23 start_tidb_cluster --workdir $WORK_DIR 24 start_tls_tidb_cluster --workdir $WORK_DIR --tlsdir $TLS_DIR 25 run_sql "CREATE USER 'ticdc'@'%' IDENTIFIED BY 'ticdc_secret';" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 26 --ssl-ca=$TLS_DIR/ca.pem \ 27 --ssl-cert=$TLS_DIR/server.pem \ 28 --ssl-key=$TLS_DIR/server-key.pem 29 30 cd $WORK_DIR 31 32 echo " \ 33 [security] 34 ca-path = \"$TLS_DIR/ca.pem\" 35 cert-path = \"$TLS_DIR/server.pem\" 36 key-path = \"$TLS_DIR/server-key.pem\" 37 cert-allowed-cn = [\"fake_cn\"] 38 client-user-required = true 39 client-allowed-user=[\"ticdc\"] 40 " >$WORK_DIR/server.toml 41 42 run_cdc_server \ 43 --workdir $WORK_DIR \ 44 --binary $CDC_BINARY \ 45 --logsuffix "_${TEST_NAME}_tls1" \ 46 --pd "https://${TLS_PD_HOST}:${TLS_PD_PORT}" \ 47 --addr "127.0.0.1:8300" \ 48 --config "$WORK_DIR/server.toml" \ 49 --tlsdir "$TLS_DIR" \ 50 --cert-allowed-cn "client" # The common name of client.pem 51 52 sleep 2 53 54 run_cdc_server \ 55 --workdir $WORK_DIR \ 56 --binary $CDC_BINARY \ 57 --logsuffix "_${TEST_NAME}_tls2" \ 58 --pd "https://${TLS_PD_HOST}:${TLS_PD_PORT}" \ 59 --addr "127.0.0.1:8301" \ 60 --config "$WORK_DIR/server.toml" \ 61 --tlsdir "$TLS_DIR" \ 62 --cert-allowed-cn "client" # The common name of client.pem 63 64 # wait for cdc run 65 sleep 2 66 67 SINK_URI="mysql://normal:123456@127.0.0.1:3306/" 68 69 python3 $CUR/util/test_case.py check_health $TLS_DIR 70 python3 $CUR/util/test_case.py get_status $TLS_DIR 71 72 python3 $CUR/util/test_case.py create_changefeed $TLS_DIR "$SINK_URI" 73 # wait for all changefeed created 74 ensure $MAX_RETRIES check_changefeed_state "https://${TLS_PD_HOST}:${TLS_PD_PORT}" "changefeed-test1" "normal" "null" ${TLS_DIR} 75 ensure $MAX_RETRIES check_changefeed_state "https://${TLS_PD_HOST}:${TLS_PD_PORT}" "changefeed-test2" "normal" "null" ${TLS_DIR} 76 ensure $MAX_RETRIES check_changefeed_state "https://${TLS_PD_HOST}:${TLS_PD_PORT}" "changefeed-test3" "normal" "null" ${TLS_DIR} 77 ensure $MAX_RETRIES check_changefeed_state "https://${TLS_PD_HOST}:${TLS_PD_PORT}" "changefeed-test4" "normal" "null" ${TLS_DIR} 78 79 # test processor query with no attached tables 80 #TODO: comment this test temporary 81 #python $CUR/util/test_case.py get_processor $TLS_DIR 82 83 run_sql "CREATE table test.simple0(id int primary key, val int);" 84 run_sql "CREATE table test.\`simple-dash\`(id int primary key, val int);" 85 run_sql "CREATE table test.simple1(id int primary key, val int);" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 86 --ssl-ca=$TLS_DIR/ca.pem \ 87 --ssl-cert=$TLS_DIR/server.pem \ 88 --ssl-key=$TLS_DIR/server-key.pem 89 run_sql "CREATE table test.simple2(id int primary key, val int);" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 90 --ssl-ca=$TLS_DIR/ca.pem \ 91 --ssl-cert=$TLS_DIR/server.pem \ 92 --ssl-key=$TLS_DIR/server-key.pem 93 run_sql "INSERT INTO test.simple1(id, val) VALUES (1, 1);" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 94 --ssl-ca=$TLS_DIR/ca.pem \ 95 --ssl-cert=$TLS_DIR/server.pem \ 96 --ssl-key=$TLS_DIR/server-key.pem 97 run_sql "INSERT INTO test.simple1(id, val) VALUES (2, 2);" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 98 --ssl-ca=$TLS_DIR/ca.pem \ 99 --ssl-cert=$TLS_DIR/server.pem \ 100 --ssl-key=$TLS_DIR/server-key.pem 101 run_sql "CREATE table test.verify_table_eligible(id int primary key, val int);" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 102 --ssl-ca=$TLS_DIR/ca.pem \ 103 --ssl-cert=$TLS_DIR/server.pem \ 104 --ssl-key=$TLS_DIR/server-key.pem 105 run_sql "CREATE table test.verify_table_ineligible(id int, val int);" ${TLS_TIDB_HOST} ${TLS_TIDB_PORT} \ 106 --ssl-ca=$TLS_DIR/ca.pem \ 107 --ssl-cert=$TLS_DIR/server.pem \ 108 --ssl-key=$TLS_DIR/server-key.pem 109 # wait for above sql done in the up source 110 sleep 2 111 112 check_table_exists test.simple1 ${DOWN_TIDB_HOST} ${DOWN_TIDB_PORT} 113 114 sequential_cases=( 115 "list_changefeed" 116 "get_changefeed" 117 "pause_changefeed" 118 "update_changefeed" 119 "resume_changefeed" 120 "rebalance_table" 121 "list_processor" 122 "get_processor" 123 "move_table" 124 "set_log_level" 125 "remove_changefeed" 126 "resign_owner" 127 "get_tso" 128 "verify_table" 129 "create_changefeed_v2" 130 "delete_changefeed_v2" 131 "unsafe_apis" 132 ) 133 134 for case in ${sequential_cases[@]}; do 135 echo "running $case" 136 python3 $CUR/util/test_case.py "$case" $TLS_DIR 137 sleep 1 138 done 139 140 cleanup_process $CDC_BINARY 141 } 142 143 trap stop_tidb_cluster EXIT 144 run $* 145 check_logs $WORK_DIR 146 echo "[$(date)] <<<<<< run test case $TEST_NAME success! >>>>>>"