Add Cloud SQL configs for nomulus tool (#288)

We will use a different user for nomulus tool to connect to Cloud SQL. This PR added corresponding configurations for that.
2025-07-09 20:53:26 +02:00 · 2019-09-27 15:58:18 -04:00 · 2019-09-27 15:58:18 -04:00 · 36ab0cb45c
commit 36ab0cb45c
parent 34da498958
15 changed files with 81 additions and 4 deletions
--- a/core/src/test/java/google/registry/keyring/kms/KmsKeyringTest.java
+++ b/core/src/test/java/google/registry/keyring/kms/KmsKeyringTest.java
@ -55,6 +55,15 @@ public class KmsKeyringTest {
    assertThat(cloudSqlPassword).isEqualTo("cloud-sql-password-stringmoo");
  }

+  @Test
+  public void test_getToolsCloudSqlPassword() throws Exception {
+    saveCleartextSecret("tools-cloud-sql-password-string");
+
+    String toolsCloudSqlPassword = keyring.getToolsCloudSqlPassword();
+
+    assertThat(toolsCloudSqlPassword).isEqualTo("tools-cloud-sql-password-stringmoo");
+  }
+
  @Test
  public void test_getRdeSigningKey() throws Exception {
    saveKeyPairSecret("rde-signing-public", "rde-signing-private");
--- a/core/src/test/java/google/registry/keyring/kms/KmsUpdaterTest.java
+++ b/core/src/test/java/google/registry/keyring/kms/KmsUpdaterTest.java
@ -99,6 +99,16 @@ public class KmsUpdaterTest {
        "cloud-sql-password-string", "cloud-sql-password-string/foo", getCiphertext("value1"));
  }

+  @Test
+  public void test_setToolsCloudSqlPassword() {
+    updater.setToolsCloudSqlPassword("value1").update();
+
+    verifySecretAndSecretRevisionWritten(
+        "tools-cloud-sql-password-string",
+        "tools-cloud-sql-password-string/foo",
+        getCiphertext("value1"));
+  }
+
  @Test
  public void test_setIcannReportingPassword() {
    updater.setIcannReportingPassword("value1").update();
--- a/core/src/test/java/google/registry/testing/FakeKeyringModule.java
+++ b/core/src/test/java/google/registry/testing/FakeKeyringModule.java
@ -57,6 +57,7 @@ public final class FakeKeyringModule {
  private static final String MARKSDB_SMDRL_LOGIN_AND_PASSWORD = "smdrl:yolo";
  private static final String JSON_CREDENTIAL = "json123";
  private static final String CLOUD_SQL_PASSWORD = "cloudsqlpw";
+  private static final String TOOLS_CLOUD_SQL_PASSWORD = "toolscloudsqlpw";

  @Provides
  public Keyring get() {
@ -86,6 +87,11 @@ public final class FakeKeyringModule {
        return CLOUD_SQL_PASSWORD;
      }

+      @Override
+      public String getToolsCloudSqlPassword() {
+        return TOOLS_CLOUD_SQL_PASSWORD;
+      }
+
      @Override
      public PGPPublicKey getRdeStagingEncryptionKey() {
        return rdeStagingKey.getPublicKey();