Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(certificate_builder): Add ssl factory entrypoint for cqlshrc #10509

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(certificate_builder): Add ssl factory entrypoint for cqlshrc #10509

wants to merge 1 commit into from

Conversation

k0machi
Copy link
Contributor

@k0machi k0machi commented Mar 27, 2025
edited
Loading

This commit allows scylla-doctor to use correct certificates when
checking CQLsh liveliness.

Fixes #10490

Testing

PR pre-checks (self review)

  • I added the relevant backport labels
  • I didn't leave commented-out/debugging code

Reminders

  • Add New configuration option and document them (in sdcm/sct_config.py)
  • Add unit tests to cover my changes (under unit-test/ folder)
  • Update the Readme/doc folder relevant to this change (if needed)

@k0machi k0machi self-assigned this Mar 27, 2025
@k0machi k0machi requested review from fruch and soyacz March 27, 2025 13:53
@k0machi k0machi force-pushed the fips-scylla-doctor-use-ssl branch from de9eaa5 to 19e09cd Compare March 27, 2025 14:57
@fruch
Copy link
Contributor

fruch commented Mar 27, 2025

@k0machi

17:04:19    File "/tmp/jenkins/workspace/scylla-staging/alexey/artifacts-ubuntu2004-fips-test/scylla-cluster-tests/sdcm/provision/scylla_yaml/certificate_builder.py", line 37, in update_cqlshrc
17:04:19      config['connection']['ssl'] = True
17:04:19    File "/usr/local/lib/python3.10/configparser.py", line 1263, in __setitem__
17:04:19      self._parser._validate_value_types(option=key, value=value)
17:04:19    File "/usr/local/lib/python3.10/configparser.py", line 1190, in _validate_value_types
17:04:19      raise TypeError("option values must be strings")
17:04:19  TypeError: option values must be strings

@k0machi k0machi force-pushed the fips-scylla-doctor-use-ssl branch from 19e09cd to f6c8b41 Compare March 27, 2025 16:39
@k0machi @fruch
fix(certificate_builder): Add ssl factory entrypoint for cqlshrc
56f0ff9 
This commit allows scylla-doctor to use correct certificates when
checking CQLsh liveliness.

Fixes scylladb#10490
@fruch fruch force-pushed the fips-scylla-doctor-use-ssl branch from f6c8b41 to 56f0ff9 Compare March 27, 2025 17:43
@soyacz
Copy link
Contributor

soyacz commented Mar 28, 2025

still test failed - is it related to this one?

@fruch
Copy link
Contributor

fruch commented Mar 30, 2025

still test failed - is it related to this one?

yes, scylla-doctor still fails to run cqlsh

@k0machi
Copy link
Contributor Author

k0machi commented Mar 31, 2025

still test failed - is it related to this one?

yes, scylla-doctor still fails to run cqlsh

I'll check the generated config - maybe something is wrong there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fruch fruch Awaiting requested review from fruch

@soyacz soyacz Awaiting requested review from soyacz

At least 2 approving reviews are required to merge this pull request.

Assignees

@k0machi k0machi

Labels
backport/6.2 backport/2024.2 Need backport to 2024.2 backport/2025.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Client-side encryption parameters should be stored inside .cqlshrc as well
3 participants
@k0machi @fruch @soyacz