| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132 |
- # Copyright Materialize, Inc. and contributors. All rights reserved.
- #
- # Use of this software is governed by the Business Source License
- # included in the LICENSE file at the root of this repository.
- #
- # As of the Change Date specified in that file, in accordance with
- # the Business Source License, use of this software will be governed
- # by the Apache License, Version 2.0.
- # Setup SQL Server state.
- $ postgres-execute connection=postgres://mz_system:materialize@${testdrive.materialize-internal-sql-addr}
- ALTER SYSTEM SET enable_sql_server_source = true;
- > CREATE SECRET ssl_ca AS '${arg.ssl-ca}'
- > CREATE SECRET alt_ssl_ca AS '${arg.alt-ssl-ca}'
- > CREATE SECRET IF NOT EXISTS sql_server_pass AS '${arg.default-sql-server-password}'
- # Create a table that has CDC enabled.
- $ sql-server-connect name=sql-server
- server=tcp:sql-server,1433;IntegratedSecurity=true;TrustServerCertificate=true;User ID=${arg.default-sql-server-user};Password=${arg.default-sql-server-password}
- $ sql-server-execute name=sql-server
- DROP DATABASE IF EXISTS test_ssl;
- CREATE DATABASE test_ssl;
- USE test_ssl;
- EXEC sys.sp_cdc_enable_db;
- ALTER DATABASE test_ssl SET ALLOW_SNAPSHOT_ISOLATION ON;
- CREATE TABLE t1_pk (key_col VARCHAR(20) PRIMARY KEY, val_col VARCHAR(1024));
- EXEC sys.sp_cdc_enable_table @source_schema = 'dbo', @source_name = 't1_pk', @role_name = 'SA', @supports_net_changes = 0;
- INSERT INTO t1_pk VALUES ('a', 'hello world'), ('b', 'foobar'), ('c', 'anotha one');
- CREATE TABLE t2_no_cdc (key_col VARCHAR(20) PRIMARY KEY, val_col VARCHAR(1024));
- CREATE TABLE t3_text (value VARCHAR(100));
- EXEC sys.sp_cdc_enable_table @source_schema = 'dbo', @source_name = 't3_text', @role_name = 'SA', @supports_net_changes = 0;
- # Exercise Materialize.
- # Test SSL MODE disabled.
- > CREATE CONNECTION no_ssl_connection TO SQL SERVER (
- HOST 'sql-server',
- PORT 1433,
- DATABASE test_ssl,
- USER '${arg.default-sql-server-user}',
- PASSWORD = SECRET sql_server_pass,
- SSL MODE disabled
- );
- > VALIDATE CONNECTION no_ssl_connection;
- > SELECT name, type from mz_connections WHERE name = 'no_ssl_connection';
- name type
- ---------------------------------------
- no_ssl_connection sql-server
- > DROP CONNECTION no_ssl_connection;
- # Test SSL MODE required.
- > CREATE CONNECTION required_ssl_connection TO SQL SERVER (
- HOST 'sql-server',
- PORT 1433,
- DATABASE test_ssl,
- USER '${arg.default-sql-server-user}',
- PASSWORD = SECRET sql_server_pass,
- SSL MODE required
- );
- > VALIDATE CONNECTION required_ssl_connection;
- > SELECT name, type from mz_connections WHERE name = 'required_ssl_connection';
- name type
- ---------------------------------------
- required_ssl_connection sql-server
- > DROP CONNECTION required_ssl_connection;
- # Test SSL MODE verify_ca.''
- # verify_ca requires a CA
- ! CREATE CONNECTION missing_ca TO SQL SERVER (
- HOST 'sql-server',
- PORT 1433,
- DATABASE test_ssl,
- USER '${arg.default-sql-server-user}',
- PASSWORD SECRET sql_server_pass,
- SSL MODE verify_ca
- );
- contains:invalid CONNECTION: SSL MODE 'verify_ca' requires SSL CERTIFICATE AUTHORITY
- # verify_ca fails with incorrect CA
- ! CREATE CONNECTION invalid_ca TO SQL SERVER (
- HOST 'sql-server',
- PORT 1433,
- DATABASE test_ssl,
- USER '${arg.default-sql-server-user}',
- PASSWORD SECRET sql_server_pass,
- SSL MODE verify_ca,
- SSL CERTIFICATE AUTHORITY SECRET alt_ssl_ca
- );
- contains:certificate verify failed
- > SELECT count(*) from mz_connections WHERE name = 'invalid_ca';
- 0
- # verify_ca works with correct CA
- > CREATE CONNECTION verify_ca_ssl_connection TO SQL SERVER (
- HOST 'sql-server',
- PORT 1433,
- DATABASE test_ssl,
- USER '${arg.default-sql-server-user}',
- PASSWORD SECRET sql_server_pass,
- SSL MODE verify_ca,
- SSL CERTIFICATE AUTHORITY SECRET ssl_ca
- );
- > VALIDATE CONNECTION verify_ca_ssl_connection;
- > SELECT name, type from mz_connections WHERE name = 'verify_ca_ssl_connection';
- name type
- ---------------------------------------
- verify_ca_ssl_connection sql-server
- > DROP CONNECTION verify_ca_ssl_connection;
|
