[tls] cleanup CreateDatabaseClientConfig

The functionality is moved to the mariadb-operator in
openstack-k8s-operators/mariadb-operator#190

Jira: OSPRH-4547

modules/common/tls/tls.go

@@ -22,7 +22,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"strings"
 	"time"
 
 	"github.com/openstack-k8s-operators/lib-common/modules/common/env"
@@ -436,35 +435,3 @@ func (c *Ca) CreateVolume() corev1.Volume {
 
 	return volume
 }
-
-// CreateDatabaseClientConfig - connection flags for the MySQL client
-// Configures TLS connections for clients that use TLS certificates
-// returns a string of mysql config statements
-// With the serviceID it is possible to control which certificate
-// to be use if there are multiple mounted to the deployment.
-func (s *Service) CreateDatabaseClientConfig(serviceID string) string {
-	conn := []string{}
-
-	if serviceID != "" || (s.CertMount != nil && s.KeyMount != nil) {
-		certPath := s.getCertMountPath(serviceID)
-		keyPath := s.getKeyMountPath(serviceID)
-
-		conn = append(conn,
-			fmt.Sprintf("ssl-cert=%s", certPath),
-			fmt.Sprintf("ssl-key=%s", keyPath),
-		)
-	}
-
-	// Client uses a CA certificate
-	caPath := DownstreamTLSCABundlePath
-	if s.CaMount != nil {
-		caPath = *s.CaMount
-	}
-	conn = append(conn, fmt.Sprintf("ssl-ca=%s", caPath))
-
-	if len(conn) > 0 {
-		conn = append([]string{"ssl=1"}, conn...)
-	}
-
-	return strings.Join(conn, "\n")
-}

modules/common/tls/tls_test.go

@@ -343,64 +343,3 @@ func TestCaCreateVolume(t *testing.T) {
 		})
 	}
 }
-
-func TestCreateDatabaseClientConfig(t *testing.T) {
-	tests := []struct {
-		name         string
-		service      Service
-		serviceID    string
-		wantStmts    []string
-		excludeStmts []string
-	}{
-		{
-			name:         "Only CA Secret",
-			service:      Service{},
-			serviceID:    "",
-			wantStmts:    []string{"ssl=1", "ssl-ca=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"},
-			excludeStmts: []string{"ssl-cert=", "ssl-key="},
-		},
-		{
-			name:         "TLS Secret specified",
-			service:      Service{SecretName: "test-tls-secret"},
-			serviceID:    "foo",
-			wantStmts:    []string{"ssl=1", "ssl-cert=/var/lib/config-data/tls/certs/foo.crt", "ssl-key=/var/lib/config-data/tls/private/foo.key", "ssl-ca=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"},
-			excludeStmts: []string{},
-		},
-		{
-			name:         "TLS and CA custom mount",
-			service:      Service{SecretName: "test-tls-secret", CaMount: ptr.To("/some/path/ca.crt")},
-			serviceID:    "foo",
-			wantStmts:    []string{"ssl=1", "ssl-cert=/var/lib/config-data/tls/certs/foo.crt", "ssl-key=/var/lib/config-data/tls/private/foo.key", "ssl-ca=/some/path/ca.crt"},
-			excludeStmts: []string{},
-		},
-		{
-			name:         "TLS custom mount",
-			service:      Service{SecretName: "test-tls-secret", CertMount: ptr.To("/some/path/cert.crt"), KeyMount: ptr.To("/some/path/cert.key")},
-			serviceID:    "",
-			wantStmts:    []string{"ssl=1", "ssl-cert=/some/path/cert.crt", "ssl-key=/some/path/cert.key", "ssl-ca=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"},
-			excludeStmts: []string{},
-		},
-		{
-			name:         "TLS custom mount AND CA custom mount",
-			service:      Service{SecretName: "test-tls-secret", CertMount: ptr.To("/some/path/cert.crt"), KeyMount: ptr.To("/some/path/cert.key"), CaMount: ptr.To("/some/path/ca.crt")},
-			serviceID:    "",
-			wantStmts:    []string{"ssl=1", "ssl-cert=/some/path/cert.crt", "ssl-key=/some/path/cert.key", "ssl-ca=/some/path/ca.crt"},
-			excludeStmts: []string{},
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			g := NewWithT(t)
-
-			configStr := tt.service.CreateDatabaseClientConfig(tt.serviceID)
-
-			for _, stmt := range tt.wantStmts {
-				g.Expect(configStr).To(ContainSubstring(stmt))
-			}
-			for _, stmt := range tt.excludeStmts {
-				g.Expect(configStr).ToNot(ContainSubstring(stmt))
-			}
-		})
-	}
-}