-
Notifications
You must be signed in to change notification settings - Fork 191
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Add users types. * update crds * Implement user upsert and initial e2e tests added. * Implement * Add cr example. * Update e2e test * Update cr example. * Update e2e tests. * Fix and log * Log * Fix pass change check. * Fix exec * Fix exec args. * Update e2e * exec * Call exec properly. * Fix queries * Fix user changed check. * Log and cleanup * fix * Cleanup * update e2e test. * Update e2e * Fix import * Update e2e tests. * Update * update test * Update tests * Update tests. * Log * Get users with grants. * Update test secrets * Log * Update * Update user.grants. * log * Fix user.grants. * Fix * update * Generate password secret * Fix panic * Log * Fix * Fix * Update e2e * Update e2e tests. * Cleanup * Add to e2e tests. * Update e2e test. * Update e2e test. * Fix e2e test. * Update upsertQuery logic. * Refactor * Fix userSecretName * Refactor * bump k8s version to 1.28 * Update pkg/controller/pxc/users_custom.go Co-authored-by: Andrii Dema <[email protected]> * Refactor * Fix e2e test. * Add additional check. * Fix user generated pass for new users. * Update getting and checking users are chenged. * Update userChanged check algorithm. * Unit test fix. * Update e2e tests. * Fix e2e test. * Update e2e test. * Minor refactor. * Return secret for generated user pass. * Fix SQL injection potential issue. * Fix db.Exec * Fix exec. * Refactor * refactor --------- Co-authored-by: Andrii Dema <[email protected]> Co-authored-by: Viacheslav Sarzhan <[email protected]>
- Loading branch information
3 people
authored
Nov 25, 2024
1 parent
b2aa815
commit 5fa7bf2
Showing
32 changed files
with
1,380 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| 100500 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| user-five % |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| GRANT USAGE ON *.* TO `user-five`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db1`.* TO `user-five`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db2`.* TO `user-five`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db3`.* TO `user-five`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| user-four % |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| GRANT USAGE ON *.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE ON `db1`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE ON `db2`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE ON `db3`.* TO `user-four`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| GRANT USAGE ON *.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db1`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db2`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db3`.* TO `user-four`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| GRANT USAGE ON *.* TO `user-four`@`%` | ||
| GRANT SELECT, INSERT, UPDATE, DELETE ON `db1`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db2`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE, DELETE ON `db3`.* TO `user-four`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| GRANT USAGE ON *.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE ON `db1`.* TO `user-four`@`%` | ||
| GRANT SELECT, UPDATE ON `db2`.* TO `user-four`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,2 @@ | ||
| user-one % | ||
| user-one 127.0.0.1 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| GRANT USAGE ON *.* TO `user-one`@`127.0.0.1` | ||
| GRANT SELECT, INSERT ON `db1`.* TO `user-one`@`127.0.0.1` | ||
| GRANT SELECT, INSERT ON `db2`.* TO `user-one`@`127.0.0.1` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| GRANT USAGE ON *.* TO `user-one`@`%` | ||
| GRANT SELECT, INSERT ON `db1`.* TO `user-one`@`%` | ||
| GRANT SELECT, INSERT ON `db2`.* TO `user-one`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| user-three % |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| GRANT USAGE ON *.* TO `user-three`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| user-two % |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| GRANT INSERT, UPDATE ON *.* TO `user-two`@`%` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,124 @@ | ||
| apiVersion: pxc.percona.com/v1-6-0 | ||
| kind: PerconaXtraDBCluster | ||
| metadata: | ||
| name: some-name | ||
| finalizers: | ||
| - percona.com/delete-pxc-pods-in-order | ||
| spec: | ||
| secretsName: my-cluster-secrets | ||
| vaultSecretName: some-name-vault | ||
| pause: false | ||
|
|
||
| users: | ||
| - name: user-one | ||
| dbs: | ||
| - db1 | ||
| - db2 | ||
| hosts: | ||
| - '%' | ||
| - '127.0.0.1' | ||
| grants: | ||
| - SELECT | ||
| - INSERT | ||
| passwordSecretRef: | ||
| name: user-secrets | ||
| key: pwd-key-one | ||
| - name: user-two | ||
| hosts: | ||
| - '%' | ||
| grants: | ||
| - INSERT | ||
| - UPDATE | ||
| passwordSecretRef: | ||
| name: user-secrets # will use default user password key | ||
| - name: user-three # will use generated password | ||
|
|
||
| pxc: | ||
| size: 3 | ||
| image: -pxc | ||
| resources: | ||
| requests: | ||
| memory: 0.1G | ||
| cpu: 100m | ||
| limits: | ||
| memory: "1G" | ||
| cpu: "1" | ||
| volumeSpec: | ||
| persistentVolumeClaim: | ||
| resources: | ||
| requests: | ||
| storage: 2Gi | ||
| affinity: | ||
| antiAffinityTopologyKey: "kubernetes.io/hostname" | ||
| podDisruptionBudget: | ||
| maxUnavailable: 1 | ||
| haproxy: | ||
| enabled: true | ||
| size: 3 | ||
| image: -haproxy | ||
| affinity: | ||
| antiAffinityTopologyKey: "kubernetes.io/hostname" | ||
| tolerations: | ||
| - key: "node.alpha.kubernetes.io/unreachable" | ||
| operator: "Exists" | ||
| effect: "NoExecute" | ||
| tolerationSeconds: 6000 | ||
| podDisruptionBudget: | ||
| maxUnavailable: 2 | ||
| proxysql: | ||
| enabled: false | ||
| size: 2 | ||
| image: -proxysql | ||
| resources: | ||
| requests: | ||
| memory: 0.1G | ||
| cpu: 100m | ||
| limits: | ||
| memory: 1G | ||
| cpu: 700m | ||
| volumeSpec: | ||
| persistentVolumeClaim: | ||
| resources: | ||
| requests: | ||
| storage: 2Gi | ||
| affinity: | ||
| antiAffinityTopologyKey: "kubernetes.io/hostname" | ||
| podDisruptionBudget: | ||
| maxUnavailable: 1 | ||
| pmm: | ||
| enabled: false | ||
| image: perconalab/pmm-client:1.17.1 | ||
| serverHost: monitoring-service | ||
| serverUser: pmm | ||
| backup: | ||
| image: -backup | ||
| serviceAccountName: default | ||
| storages: | ||
| pvc: | ||
| type: filesystem | ||
| volume: | ||
| persistentVolumeClaim: | ||
| accessModes: [ "ReadWriteOnce" ] | ||
| resources: | ||
| requests: | ||
| storage: 1Gi | ||
| aws-s3: | ||
| type: s3 | ||
| s3: | ||
| region: us-east-1 | ||
| bucket: operator-testing | ||
| credentialsSecret: aws-s3-secret | ||
| minio: | ||
| type: s3 | ||
| s3: | ||
| credentialsSecret: minio-secret | ||
| region: us-east-1 | ||
| bucket: operator-testing | ||
| endpointUrl: http://minio-service:9000/ | ||
| gcp-cs: | ||
| type: s3 | ||
| s3: | ||
| credentialsSecret: gcp-cs-secret | ||
| region: us-east-1 | ||
| bucket: operator-testing | ||
| endpointUrl: https://storage.googleapis.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| apiVersion: v1 | ||
| kind: Secret | ||
| metadata: | ||
| name: user-secrets | ||
| type: Opaque | ||
| stringData: | ||
| pwd-key-one: testpass | ||
| pwd-key-two: testpass2 | ||
| password: testpass3 | ||
| # --- | ||
| # apiVersion: v1 | ||
| # kind: Secret | ||
| # metadata: | ||
| # name: user-secrets-two | ||
| # type: Opaque | ||
| # stringData: | ||
| # pwd-key: testpass | ||
| # password: testpass |
Oops, something went wrong.