From 4bf572f736ebc0a1bafff84239b945fe6bc9d5cd Mon Sep 17 00:00:00 2001
From: Sam Serrano <sserrano@pivotal.io>
Date: Wed, 27 Sep 2017 14:37:45 -0700
Subject: [PATCH] Adding tuning tests for new SSL properties in my.cnf
 [#151419854]

Signed-off-by: Nitya Dhanushkodi <ndhanushkodi@pivotal.io>
---
 assets/tuning/everything_disabled.json |  4 +++-
 assets/tuning/everything_enabled.json  |  4 +++-
 assets/tuning/everything_enabled.yml   | 27 ++++++++++++++++++++++++++
 3 files changed, 33 insertions(+), 2 deletions(-)

diff --git a/assets/tuning/everything_disabled.json b/assets/tuning/everything_disabled.json
index b7161f5..8e4d1ef 100644
--- a/assets/tuning/everything_disabled.json
+++ b/assets/tuning/everything_disabled.json
@@ -7,5 +7,7 @@
   "server_audit_excl_users": "",
   "log_bin": "OFF",
   "expire_logs_days": "0",
-  "wsrep_on": "OFF"
+  "wsrep_on": "OFF",
+  "ssl_cert": "",
+  "ssl_key": ""
 }
diff --git a/assets/tuning/everything_enabled.json b/assets/tuning/everything_enabled.json
index a797dde..a018f69 100644
--- a/assets/tuning/everything_enabled.json
+++ b/assets/tuning/everything_enabled.json
@@ -29,5 +29,7 @@
   "wsrep_log_conflicts": "OFF",
   "log_queries_not_using_indexes": "ON",
   "event_scheduler": "ON",
-  "local_infile": "ON"
+  "local_infile": "ON",
+  "ssl_cert": "/etc/mysql/server-cert.pem",
+  "ssl_key": "/etc/mysql/server-key.pem"
 }
diff --git a/assets/tuning/everything_enabled.yml b/assets/tuning/everything_enabled.yml
index b55203f..7fb7c30 100644
--- a/assets/tuning/everything_enabled.yml
+++ b/assets/tuning/everything_enabled.yml
@@ -122,3 +122,30 @@
 - type: replace
   path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/enable_galera?
   value: true
+
+- type: replace
+  path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/tls?/server_certificate
+  value: ((cf_mysql_mysql_tls_server_certificate.certificate))
+
+- type: replace
+  path: /instance_groups/name=mysql/jobs/name=mysql/properties/cf_mysql/mysql/tls?/server_key
+  value: ((cf_mysql_mysql_tls_server_certificate.private_key))
+
+- type: replace
+  path: /variables/-
+  value:
+    name: cf_mysql_mysql_tls_ca_certificate
+    type: certificate
+    options:
+      is_ca: true
+      common_name: cf-mysql-ca
+
+- type: replace
+  path: /variables/-
+  value:
+    name: cf_mysql_mysql_tls_server_certificate
+    type: certificate
+    options:
+      common_name: cf-mysql-certificate
+      ca: cf_mysql_mysql_tls_ca_certificate
+