rabbitmq: Make helm test work with TLS
Update helm test pod and script to use TLS certificates. Change-Id: Ic599014227ad63303bdc2758862f02dcefec66c7
This commit is contained in:
parent
948e07e151
commit
2a11071e8b
@ -15,6 +15,6 @@ apiVersion: v1
|
||||
appVersion: v3.7.26
|
||||
description: OpenStack-Helm RabbitMQ
|
||||
name: rabbitmq
|
||||
version: 0.1.7
|
||||
version: 0.1.8
|
||||
home: https://github.com/rabbitmq/rabbitmq-server
|
||||
...
|
||||
|
@ -32,12 +32,27 @@ set -x
|
||||
|
||||
function rabbitmqadmin_authed () {
|
||||
set +x
|
||||
if [ -n "$RABBITMQ_X509" ]
|
||||
then
|
||||
rabbitmqadmin \
|
||||
--ssl \
|
||||
--ssl-disable-hostname-verification \
|
||||
--ssl-ca-cert-file="/etc/rabbitmq/certs/ca.crt" \
|
||||
--ssl-cert-file="/etc/rabbitmq/certs/tls.crt" \
|
||||
--ssl-key-file="/etc/rabbitmq/certs/tls.key" \
|
||||
--host="${RABBIT_HOSTNAME}" \
|
||||
--port="${RABBIT_PORT}" \
|
||||
--username="${RABBITMQ_ADMIN_USERNAME}" \
|
||||
--password="${RABBITMQ_ADMIN_PASSWORD}" \
|
||||
${@}
|
||||
else
|
||||
rabbitmqadmin \
|
||||
--host="${RABBIT_HOSTNAME}" \
|
||||
--port="${RABBIT_PORT}" \
|
||||
--username="${RABBITMQ_ADMIN_USERNAME}" \
|
||||
--password="${RABBITMQ_ADMIN_PASSWORD}" \
|
||||
$@
|
||||
fi
|
||||
set -x
|
||||
}
|
||||
|
||||
|
@ -51,6 +51,10 @@ spec:
|
||||
value: {{ tuple "oslo_messaging" "internal" "user" "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | quote }}
|
||||
- name: RABBIT_REPLICA_COUNT
|
||||
value: {{ $envAll.Values.pod.replicas.server | quote }}
|
||||
{{- if $envAll.Values.manifests.certificates }}
|
||||
- name: RABBITMQ_X509
|
||||
value: "REQUIRE X509"
|
||||
{{- end }}
|
||||
command:
|
||||
- /tmp/rabbitmq-test.sh
|
||||
volumeMounts:
|
||||
@ -60,6 +64,7 @@ spec:
|
||||
mountPath: /tmp/rabbitmq-test.sh
|
||||
subPath: rabbitmq-test.sh
|
||||
readOnly: true
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.oslo_messaging.server.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||
volumes:
|
||||
- name: pod-tmp
|
||||
emptyDir: {}
|
||||
@ -67,4 +72,5 @@ spec:
|
||||
configMap:
|
||||
name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-bin" | quote }}
|
||||
defaultMode: 0555
|
||||
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.oslo_messaging.server.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
|
||||
{{- end }}
|
||||
|
@ -7,4 +7,5 @@ rabbitmq:
|
||||
- 0.1.5 Update Rabbitmq exporter version
|
||||
- 0.1.6 Disallow privilege escalation in rabbitmq server container
|
||||
- 0.1.7 Adding TLS logic to rabbitmq
|
||||
- 0.1.8 Make helm test work with TLS
|
||||
...
|
||||
|
Loading…
Reference in New Issue
Block a user