James Andariese
2a9b3551f8
* adds a server cert from the mtls CA for mtls clients * adds gost as a tls offload for non-mtls clients to work around https://github.com/eclipse/mosquitto/issues/1839 * adds wildcard-tls through external secrets and removes template operator version * removes non-working websockets listener * fixes tests to work with mtls and non-mtls
23 lines
829 B
Bash
23 lines
829 B
Bash
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
TEST=test-$(date +%s)-$RANDOM
|
|
|
|
trap "rm $TEST-*" EXIT
|
|
|
|
./extract-mtls-ca.sh > $TEST-ca.pem
|
|
./extract-mtls-cert.sh > $TEST-user.crt
|
|
./extract-mtls-key.sh > $TEST-user.key
|
|
./extract-mtls-ca.sh > $TEST-user.pem
|
|
./extract-mtls-cert.sh >> $TEST-user.pem
|
|
./extract-mtls-key.sh >> $TEST-user.pem
|
|
|
|
eval "$(kubectl get secret -o json mosquitto-users | jq -r '.data|to_entries[0] | @sh "USERNAME=\(.key)\nPASSWORD=\(@base64d "\(.value)")\n"')"
|
|
|
|
mosquitto_pub -h 172.16.17.83 -p 1883 -u "$USERNAME" -P "$PASSWORD" -t tests/1 -m success --debug
|
|
mosquitto_pub -L mqtts://172.16.17.83:8883/tests/2 -m success --cert $TEST-user.crt --key $TEST-user.key --keyform pem --cafile $TEST-ca.pem --debug
|
|
mosquitto_pub -L mqtts://mqtt.strudelline.net:1884/tests/3 -u "$USERNAME" -P "$PASSWORD" -m success --debug
|
|
|
|
echo test passed
|