sarex/iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix

Browse Source
This commit is contained in:
Kochetkov S 2026-04-15 15:13:52 +03:00
parent 02f1bdce6e
commit f51befff17
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
clusters/yc-k8s-test/infrastructure/patches/kafka.yaml
View File

@ -10,6 +10,7 @@ spec:
defaultInitContainers: defaultInitContainers:
prepareConfig: prepareConfig:
extraInit: | extraInit: |
set -euxo pipefail
perl -0pi -e 's/password="\s*([^"\n]+)"/password="$1"/g' /config/server.properties perl -0pi -e 's/password="\s*([^"\n]+)"/password="$1"/g' /config/server.properties
perl -0pi -e 's/user_controller_user="\s*([^"\n]+)"/user_controller_user="$1"/g' /config/server.properties perl -0pi -e 's/user_controller_user="\s*([^"\n]+)"/user_controller_user="$1"/g' /config/server.properties
perl -0pi -e 's/user_inter_broker_user="\s*([^"\n]+)"/user_inter_broker_user="$1"/g' /config/server.properties perl -0pi -e 's/user_inter_broker_user="\s*([^"\n]+)"/user_inter_broker_user="$1"/g' /config/server.properties
@ -21,6 +22,14 @@ spec:
openssl pkcs8 -topk8 -nocrypt -in /mounted-certs/tls.key -out /tmp/tls.key.pk8 openssl pkcs8 -topk8 -nocrypt -in /mounted-certs/tls.key -out /tmp/tls.key.pk8
# Валидация: key должен читаться
openssl pkey -in /tmp/tls.key.pk8 -text -noout >/dev/null
# Валидация: cert и key должны совпадать
openssl pkey -in /tmp/tls.key.pk8 -pubout -out /tmp/key.pub
openssl x509 -in /mounted-certs/tls.crt -pubkey -noout > /tmp/cert.pub
diff -u /tmp/key.pub /tmp/cert.pub >/dev/null
{ {
printf '\nssl.keystore.key=' printf '\nssl.keystore.key='
awk '{ sub(/\r$/, ""); printf "%s\\\\n", $0 }' /tmp/tls.key.pk8 awk '{ sub(/\r$/, ""); printf "%s\\\\n", $0 }' /tmp/tls.key.pk8