Merge "rabbitmq: Make helm test work with TLS"
This commit is contained in:
commit
facd41d0f7
@ -15,6 +15,6 @@ apiVersion: v1
|
|||||||
appVersion: v3.7.26
|
appVersion: v3.7.26
|
||||||
description: OpenStack-Helm RabbitMQ
|
description: OpenStack-Helm RabbitMQ
|
||||||
name: rabbitmq
|
name: rabbitmq
|
||||||
version: 0.1.7
|
version: 0.1.8
|
||||||
home: https://github.com/rabbitmq/rabbitmq-server
|
home: https://github.com/rabbitmq/rabbitmq-server
|
||||||
...
|
...
|
||||||
|
@ -32,12 +32,27 @@ set -x
|
|||||||
|
|
||||||
function rabbitmqadmin_authed () {
|
function rabbitmqadmin_authed () {
|
||||||
set +x
|
set +x
|
||||||
rabbitmqadmin \
|
if [ -n "$RABBITMQ_X509" ]
|
||||||
--host="${RABBIT_HOSTNAME}" \
|
then
|
||||||
--port="${RABBIT_PORT}" \
|
rabbitmqadmin \
|
||||||
--username="${RABBITMQ_ADMIN_USERNAME}" \
|
--ssl \
|
||||||
--password="${RABBITMQ_ADMIN_PASSWORD}" \
|
--ssl-disable-hostname-verification \
|
||||||
$@
|
--ssl-ca-cert-file="/etc/rabbitmq/certs/ca.crt" \
|
||||||
|
--ssl-cert-file="/etc/rabbitmq/certs/tls.crt" \
|
||||||
|
--ssl-key-file="/etc/rabbitmq/certs/tls.key" \
|
||||||
|
--host="${RABBIT_HOSTNAME}" \
|
||||||
|
--port="${RABBIT_PORT}" \
|
||||||
|
--username="${RABBITMQ_ADMIN_USERNAME}" \
|
||||||
|
--password="${RABBITMQ_ADMIN_PASSWORD}" \
|
||||||
|
${@}
|
||||||
|
else
|
||||||
|
rabbitmqadmin \
|
||||||
|
--host="${RABBIT_HOSTNAME}" \
|
||||||
|
--port="${RABBIT_PORT}" \
|
||||||
|
--username="${RABBITMQ_ADMIN_USERNAME}" \
|
||||||
|
--password="${RABBITMQ_ADMIN_PASSWORD}" \
|
||||||
|
$@
|
||||||
|
fi
|
||||||
set -x
|
set -x
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -51,6 +51,10 @@ spec:
|
|||||||
value: {{ tuple "oslo_messaging" "internal" "user" "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | quote }}
|
value: {{ tuple "oslo_messaging" "internal" "user" "http" $envAll | include "helm-toolkit.endpoints.authenticated_endpoint_uri_lookup" | quote }}
|
||||||
- name: RABBIT_REPLICA_COUNT
|
- name: RABBIT_REPLICA_COUNT
|
||||||
value: {{ $envAll.Values.pod.replicas.server | quote }}
|
value: {{ $envAll.Values.pod.replicas.server | quote }}
|
||||||
|
{{- if $envAll.Values.manifests.certificates }}
|
||||||
|
- name: RABBITMQ_X509
|
||||||
|
value: "REQUIRE X509"
|
||||||
|
{{- end }}
|
||||||
command:
|
command:
|
||||||
- /tmp/rabbitmq-test.sh
|
- /tmp/rabbitmq-test.sh
|
||||||
volumeMounts:
|
volumeMounts:
|
||||||
@ -60,6 +64,7 @@ spec:
|
|||||||
mountPath: /tmp/rabbitmq-test.sh
|
mountPath: /tmp/rabbitmq-test.sh
|
||||||
subPath: rabbitmq-test.sh
|
subPath: rabbitmq-test.sh
|
||||||
readOnly: true
|
readOnly: true
|
||||||
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.oslo_messaging.server.internal "path" "/etc/rabbitmq/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 8 }}
|
||||||
volumes:
|
volumes:
|
||||||
- name: pod-tmp
|
- name: pod-tmp
|
||||||
emptyDir: {}
|
emptyDir: {}
|
||||||
@ -67,4 +72,5 @@ spec:
|
|||||||
configMap:
|
configMap:
|
||||||
name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-bin" | quote }}
|
name: {{ printf "%s-%s" $envAll.Release.Name "rabbitmq-bin" | quote }}
|
||||||
defaultMode: 0555
|
defaultMode: 0555
|
||||||
|
{{- dict "enabled" .Values.manifests.certificates "name" .Values.secrets.tls.oslo_messaging.server.internal | include "helm-toolkit.snippets.tls_volume" | indent 4 }}
|
||||||
{{- end }}
|
{{- end }}
|
||||||
|
@ -7,4 +7,5 @@ rabbitmq:
|
|||||||
- 0.1.5 Update Rabbitmq exporter version
|
- 0.1.5 Update Rabbitmq exporter version
|
||||||
- 0.1.6 Disallow privilege escalation in rabbitmq server container
|
- 0.1.6 Disallow privilege escalation in rabbitmq server container
|
||||||
- 0.1.7 Adding TLS logic to rabbitmq
|
- 0.1.7 Adding TLS logic to rabbitmq
|
||||||
|
- 0.1.8 Make helm test work with TLS
|
||||||
...
|
...
|
||||||
|
Loading…
Reference in New Issue
Block a user