-
-
Notifications
You must be signed in to change notification settings - Fork 512
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(wait): tls strategy #2896
feat(wait): tls strategy #2896
Conversation
✅ Deploy Preview for testcontainers-go ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Extract TLS certificate wait strategy into a dedicated wait type so it can be reused. Use embed to simplify wait test loading of certs.
95f93fa
to
0bf53e2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks! I added some comments, not blockers, but want to discuss them before accepting it.
Also, do you foresee any usage for this strategy in the existing modules? Elasticsearch, Cockroachdb, and more use TLS certs.
|
||
// ForTLSCert returns a CertStrategy that will add a Certificate to the [tls.Config] | ||
// constructed from PEM formatted certificate key file pair in the container. | ||
func ForTLSCert(certPEMFile, keyPEMFile string) *TLSStrategy { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
question: do you think it would be interesting to provide a way for consumers to forget about generating certs and the library build them on the fly? Something like wait.ForTLSTestCert
? The library would generate the file under the hood.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep love that idea, something for a follow up PR.
Great stuff, yes this is extracted from the cockroachdb PR but it could be used with any module where TLS is needed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Last minute review of the docs site, and I found the new page is not discoverable.
Because this is a new page, we need to add it to the mkdocs.yml descriptor:
Please see https://deploy-preview-2896--testcontainers-go.netlify.app/features/wait/introduction/
This is not automated, although there is room for improving that.
Improve docs adding more snippets as suggested by review.
Yep spotted that adding the changes you requested, had a assumed it was automated, something to mention in the contributing guide. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, only the mkdocs is missing, but other than that, it's ready
Added docs link to mkdocs.yml for generation.
Clarify why a cert should not be included in a production image.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
* main: fix: container binds syntax (testcontainers#2899) refactor(cockroachdb): to use request driven options (testcontainers#2883) chore(deps): bump actions/setup-go from 5.0.0 to 5.1.0 (testcontainers#2904) chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.0 (testcontainers#2903) chore(deps): bump test-summary/action from 2.3 to 2.4 (testcontainers#2902) feat(wait): strategy walk (testcontainers#2895) feat(wait): tls strategy (testcontainers#2896)
* main: (234 commits) chore(ci): add Github labels based on PR title (testcontainers#2914) chore(gha): Use official setup-docker-action (testcontainers#2913) chore(ci): enforce conventional commits syntax in PR titles (testcontainers#2911) feat(nats): WithConfigFile - pass a configuration file to nats server (testcontainers#2905) chore: enable implicit default logger only in testing with -v (testcontainers#2877) fix: container binds syntax (testcontainers#2899) refactor(cockroachdb): to use request driven options (testcontainers#2883) chore(deps): bump actions/setup-go from 5.0.0 to 5.1.0 (testcontainers#2904) chore(deps): bump ossf/scorecard-action from 2.3.1 to 2.4.0 (testcontainers#2903) chore(deps): bump test-summary/action from 2.3 to 2.4 (testcontainers#2902) feat(wait): strategy walk (testcontainers#2895) feat(wait): tls strategy (testcontainers#2896) docs: better contribution guidelines (testcontainers#2893) fix(influxdb): Respect custom waitStrategy (testcontainers#2845) fix: only upload to sonar on ubuntu-latest (testcontainers#2891) fix: build artifact name properly (testcontainers#2890) fix: do not run sonar upload when ryuk is disabled (testcontainers#2889) fix: update GH actions for uploading/downloading artifacts (testcontainers#2888) feat(ci): Enable master moby with rootless (testcontainers#2880) fix(redpanda): temporary file use ...
Extract TLS certificate wait strategy into a dedicated wait type so it can be reused.
Use embed to simplify wait test loading of certs.