[database] Add TLS support for database connections#159
Conversation
…ease-image-integration-test. Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
| // is ready to accept connections. | ||
| // It repeatedly executes `pg_isready` until the command | ||
| // returns a successful exit code (0) or the timeout is reached. | ||
| func (dc *DatabaseContainer) EnsurePostgresNodeReadiness(t *testing.T, port string) { |
There was a problem hiding this comment.
YugabyteDB should support pg_isready
There was a problem hiding this comment.
It is, but not naturally. We need to export the path to its postgres tools. It's easier to monitor its readiness by its logs.
| func (dc *DatabaseContainer) ReadPasswordFromContainer(t *testing.T, filePath string) string { | ||
| t.Helper() | ||
| output, exitCode := dc.ExecuteCommand(t, []string{"cat", filePath}) | ||
| require.Zero(t, exitCode) |
There was a problem hiding this comment.
major: If the file doesn't exist, it fails the test.
But if it exists, and doesn't contain the password, it won't fail the tests.
This inconsistency is not justified.
Please fix or add a comment to justify this.
There was a problem hiding this comment.
We use this method only when a secured YugabyteDB node is started. If the file doesn’t exist, the test should fail. If the file exists but doesn’t contain a password, we fall back to the default password.
I'll add the above to the function's comment.
There was a problem hiding this comment.
But if we try the default password for the secured test, it will not work, right? So, isn't it best to fail the test?
There was a problem hiding this comment.
Actually, I’m not sure how the database behaves in that case, but for consistency, we’ll fail the test in this scenario as well.
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
Signed-off-by: Dean Amar <Dean.Amar@ibm.com>
2 participants
Type of change
Description
Related issues