Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update condition to enable Web MQTT/STOMP TLS ports #1735

Merged
merged 1 commit into from
Sep 26, 2024
Merged

Update condition to enable Web MQTT/STOMP TLS ports #1735

merged 1 commit into from
Sep 26, 2024
+11 −13

Conversation

Zerpet
Copy link
Collaborator

@Zerpet Zerpet commented Sep 26, 2024
edited
Loading

This closes #1677

Note to reviewers: remember to look at the commits in this PR and consider if they can be squashed

Summary Of Changes

There was a condition that CA bundle secret name must be provided. This
was encapsulated in the function MutualTLSEnabled(). After this
commit, the only condition to enable Web MQTT/STOMP TLS ports is to have a
secret name in the tls attribute of the spec.

Local Testing

Please ensure you run the unit, integration and system tests before approving the PR.

To run the unit and integration tests:

$ make unit-tests integration-tests

You will need to target a k8s cluster and have the operator deployed for running the system tests.

For example, for a Kubernetes context named dev-bunny:

$ kubectx dev-bunny
$ make destroy deploy-dev
# wait for operator to be deployed
$ make system-tests

@Zerpet
Fix: Enable TLS MQTT/STOMP WS ports
376cecf 
There was a condition that CA bundle secret name must be provided. This
was encapsulated in the function `MutualTLSEnabled()`. After this
commit, the only condition to enable MQTT/STOMP TLS ports is to have a
secret name in the tls attribute of the spec.
@Zerpet Zerpet self-assigned this Sep 26, 2024
@Zerpet Zerpet added this to the v2.11.0 milestone Sep 26, 2024
@Zerpet Zerpet changed the title Update condition to enable MQTT/STOMP TLS ports Update condition to enable Web MQTT/STOMP TLS ports Sep 26, 2024
@Zerpet Zerpet merged commit 9ac497a into main Sep 26, 2024
17 checks passed
@Zerpet Zerpet deleted the fix/cluster-operator-1677 branch September 26, 2024 17:11
Zerpet added a commit that referenced this pull request Oct 11, 2024
@Zerpet
Remove ineffective test
ba02159 
This test became ineffective after #1735. We want to enable Web
MQTT/STOMP TLS regardless of whether a CA bundle certificate is
provided. This test was asserting that we enable web stomp/mqqt tls when
the CA bundle is set; however, by not setting the CA bundle, the test
passes anyway. This is not correct, making the test ineffective.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mkuratczyk mkuratczyk mkuratczyk approved these changes

@MirahImage MirahImage MirahImage approved these changes

Assignees

@Zerpet Zerpet

Labels
None yet
Projects
None yet
Milestone
v2.11.0
Development

Successfully merging this pull request may close these issues.

rabbitmq_web_mqtt/rabbitmq_web_stomp plugins do not enable ssl ports
3 participants
@Zerpet @mkuratczyk @MirahImage