2020-03-09 20:59:02 +00:00
|
|
|
#!/bin/bash
|
2023-03-28 22:48:58 +00:00
|
|
|
# Copyright (c) HashiCorp, Inc.
|
2023-08-11 13:12:13 +00:00
|
|
|
# SPDX-License-Identifier: BUSL-1.1
|
2023-03-28 22:48:58 +00:00
|
|
|
|
2020-03-09 20:59:02 +00:00
|
|
|
|
|
|
|
# initialize the outputs for each dc
|
|
|
|
for dc in primary secondary; do
|
|
|
|
rm -rf "workdir/${dc}/tls"
|
|
|
|
mkdir -p "workdir/${dc}/tls"
|
|
|
|
done
|
|
|
|
|
|
|
|
container="consul-envoy-integ-tls-init--${CASE_NAME}"
|
|
|
|
|
|
|
|
scriptlet="
|
|
|
|
mkdir /out ;
|
|
|
|
cd /out ;
|
|
|
|
consul tls ca create ;
|
|
|
|
consul tls cert create -dc=primary -server -node=pri ;
|
|
|
|
consul tls cert create -dc=secondary -server -node=sec
|
|
|
|
"
|
|
|
|
|
|
|
|
docker rm -f "$container" &>/dev/null || true
|
2022-08-29 23:13:49 +00:00
|
|
|
docker run -i --net=none --name="$container" consul:local sh -c "${scriptlet}"
|
2020-03-09 20:59:02 +00:00
|
|
|
|
|
|
|
# primary
|
|
|
|
for f in \
|
|
|
|
consul-agent-ca.pem \
|
|
|
|
primary-server-consul-0-key.pem \
|
|
|
|
primary-server-consul-0.pem \
|
|
|
|
; do
|
|
|
|
docker cp "${container}:/out/$f" workdir/primary/tls
|
|
|
|
done
|
|
|
|
|
|
|
|
# secondary
|
|
|
|
for f in \
|
|
|
|
consul-agent-ca.pem \
|
|
|
|
secondary-server-consul-0-key.pem \
|
|
|
|
secondary-server-consul-0.pem \
|
|
|
|
; do
|
|
|
|
docker cp "${container}:/out/$f" workdir/secondary/tls
|
|
|
|
done
|
|
|
|
|
2021-12-24 00:00:02 +00:00
|
|
|
# Private keys have 600 perms but tests are run as another user
|
|
|
|
chmod 666 workdir/primary/tls/primary-server-consul-0-key.pem
|
|
|
|
chmod 666 workdir/secondary/tls/secondary-server-consul-0-key.pem
|
|
|
|
|
2020-03-09 20:59:02 +00:00
|
|
|
docker rm -f "$container" >/dev/null || true
|