Skip to content

Commit

Permalink
fix: various fixes and remove certs
Browse files Browse the repository at this point in the history
Various fixes and remove the ability to configure certs using the
default generated ones instead.
  • Loading branch information
stevenh committed Nov 8, 2024
1 parent c1ad565 commit fbfb05c
Show file tree
Hide file tree
Showing 10 changed files with 201 additions and 403 deletions.
4 changes: 2 additions & 2 deletions docs/features/tls.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,6 @@ The example will also create a client that will connect to the server using the
demonstrating how to use the generated certificate to communicate with a service.

<!--codeinclude-->
[Create a self-signed certificate](../../modules/cockroachdb/certs.go) inside_block:exampleSelfSignedCert
[Sign a self-signed certificate](../../modules/cockroachdb/certs.go) inside_block:exampleSignSelfSignedCert
[Create a self-signed certificate](../../modules/rabbitmq/examples_test.go) inside_block:exampleSelfSignedCert
[Sign a self-signed certificate](../../modules/rabbitmq/examples_test.go) inside_block:exampleSignSelfSignedCert
<!--/codeinclude-->
33 changes: 25 additions & 8 deletions docs/modules/cockroachdb.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ The Testcontainers module for CockroachDB.

Please run the following command to add the CockroachDB module to your Go dependencies:

```
```shell
go get github.com/testcontainers/testcontainers-go/modules/cockroachdb
```

Expand Down Expand Up @@ -54,23 +54,33 @@ E.g. `Run(context.Background(), "cockroachdb/cockroach:latest-v23.1")`.

Set the database that is created & dialled with `cockroachdb.WithDatabase`.

#### Password authentication
#### User and Password

You can configured the container to create a user with a password by setting `cockroachdb.WithUser` and `cockroachdb.WithPassword`.

Disable insecure mode and connect with password authentication by setting `cockroachdb.WithUser` and `cockroachdb.WithPassword`.
`cockroachdb.WithPassword` is incompatible with `cockroachdb.WithInsecure`.

#### Store size

Control the maximum amount of memory used for storage, by default this is 100% but can be changed by provided a valid option to `WithStoreSize`. Checkout https://www.cockroachlabs.com/docs/stable/cockroach-start#store for the full range of options available.

#### TLS authentication

`cockroachdb.WithTLS` lets you provide the CA certificate along with the certicate and key for the node & clients to connect with.
Internally CockroachDB requires a client certificate for the user to connect with.
`cockroachdb.WithInsecure` lets you disable the use of TLS on connections.

`cockroachdb.WithInsecure` is incompatible with `cockroachdb.WithPassword`.

#### Initialization Scripts

`cockroachdb.WithInitScripts` adds the given scripts to those automatically run when the container starts.
These will be ignored if data exists in the `/cockroach/cockroach-data` directory within the container.

A helper `cockroachdb.NewTLSConfig` exists to generate all of this for you.
`cockroachdb.WithNoClusterDefaults` disables the default cluster settings script.

!!!warning
When TLS is enabled there's a very small, unlikely chance that the underlying driver can panic when registering the driver as part of waiting for CockroachDB to be ready to accept connections. If this is repeatedly happening please open an issue.
Without this option Cockroach containers run `data/cluster-defaults.sql` on startup
which configures the settings recommended by Cockroach Labs for
[local testing clusters](https://www.cockroachlabs.com/docs/stable/local-testing)
unless data exists in the `/cockroach/cockroach-data` directory within the container.

### Container Methods

Expand All @@ -87,3 +97,10 @@ Same as `ConnectionString` but any error to generate the address will raise a pa
#### TLSConfig

Returns `*tls.Config` setup to allow you to dial your client over TLS, if enabled, else this will error with `cockroachdb.ErrTLSNotEnabled`.

!!!info
The `TLSConfig()` function is deprecated and will be removed in the next major release of _Testcontainers for Go_.

#### ConnectionConfig

Returns `*pgx.ConnConfig` which can be passed to `pgx.ConnectConfig` to open a new connection.
129 changes: 0 additions & 129 deletions modules/cockroachdb/certs.go

This file was deleted.

Loading

0 comments on commit fbfb05c

Please sign in to comment.