testcontainers-go icon indicating copy to clipboard operation
testcontainers-go copied to clipboard

Published 20 hours ago verified publisher icon testcontainers

feat:SSL for postgres

Open bearrito opened this issue 10 months ago • 8 comments

What does this PR do?

Enables SSL for postgres

The main thing to recognize when reviewing this is that the secret material must be owned by the postgres user. The docker file copy api doesn't allowfor setting a user when copying. The only way I could think was to take wrap the entrypoint script with one that does what we want.

Why is it important?

User ran into issue trying to use SSL. It's not obviously supported (able) due to file permissions.

Related issues

Link related issues below. Insert the issue link or reference after the word "Closes" if merging this should automatically close it.

  • Closes #2404

How to test this PR

Unit tests will work when complete.

bearrito avatar Apr 08 '24 18:04 bearrito

Deploy Preview for testcontainers-go ready!

Name Link
Latest commit 53d9a1ac70e954800b79f24feb2ee407570f5db5
Latest deploy log https://app.netlify.com/sites/testcontainers-go/deploys/662bd087d8a39a0008d6b1c4
Deploy Preview https://deploy-preview-2473--testcontainers-go.netlify.app
Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

netlify[bot] avatar Apr 08 '24 18:04 netlify[bot]

@bearrito could you please take a look at https://github.com/testcontainers/testcontainers-go/pull/2478? I'm adding helper code to deal with TLS certificates in order to simplify the story for the client code. Wdyt?

mdelapenya avatar Apr 10 '24 14:04 mdelapenya

@mdelapenya That makes a lot of sense. Much cleaner.

Do you want me to wait until that's done then base this on top of that?

bearrito avatar Apr 10 '24 15:04 bearrito

@bearrito I went ahead and extracted the TLS cert generation to a separate go package, which makes more sense: https://github.com/mdelapenya/tlscert

Please take a look and use it as you need here!

mdelapenya avatar Apr 11 '24 16:04 mdelapenya

@mdelapenya Updated to use your package.

bearrito avatar Apr 11 '24 19:04 bearrito

@mdelapenya Update so that the entrypoint is coupled with the ssl settings. What about doing something similar for the conf file?

bearrito avatar Apr 12 '24 13:04 bearrito

@mdelapenya added docs.

bearrito avatar Apr 24 '24 13:04 bearrito

@mdelapenya Anything else on this? I'm going on holiday and am closing out my open pr's

bearrito avatar May 23 '24 13:05 bearrito