Examples with ServiceAccount - com.google.storage.v2.ServiceAccount

Example 6 with ServiceAccount

use of com.google.storage.v2.ServiceAccount in project yakc by manusa.

the class AuthIT method retrieveSecretForServiceAccount.

private Secret retrieveSecretForServiceAccount() throws IOException {
    final ServiceAccount sa = KC.create(CoreV1Api.class).listNamespacedServiceAccount(NAMESPACE).stream().findFirst().orElseThrow(() -> new AssertionError("No Service Account found"));
    final String secretName = sa.getSecrets() == null ? null : sa.getSecrets().stream().findFirst().map(ObjectReference::getName).orElse(null);
    if (secretName != null) {
        return KC.create(CoreV1Api.class).listNamespacedSecret(NAMESPACE).stream().filter(s -> s.getType().equals("kubernetes.io/service-account-token")).filter(s -> s.getMetadata().getName().equals(secretName)).findAny().orElseThrow(() -> new AssertionError(String.format("Secret %s doesn't exist", secretName)));
    } else {
        // https://kubernetes.io/docs/concepts/configuration/secret/#service-account-token-secrets
        final Secret serviceAccountTokenSecret = Secret.builder().metadata(ObjectMeta.builder().name(sa.getMetadata().getName() + "-token").putInAnnotations("kubernetes.io/service-account.name", sa.getMetadata().getName()).build()).type("kubernetes.io/service-account-token").putInStringData("token", "my-secret-token").build();
        return KC.create(CoreV1Api.class).createNamespacedSecret(NAMESPACE, serviceAccountTokenSecret).get();
    }
}

Also used : Node(com.marcnuri.yakc.model.io.k8s.api.core.v1.Node) KC(com.marcnuri.yakc.KubernetesClientExtension.KC) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount) IOException(java.io.IOException) Secret(com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret) Test(org.junit.jupiter.api.Test) CoreV1Api(com.marcnuri.yakc.api.core.v1.CoreV1Api) ObjectMeta(com.marcnuri.yakc.model.io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta) Configuration(com.marcnuri.yakc.config.Configuration) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) BeforeAll(org.junit.jupiter.api.BeforeAll) ObjectReference(com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference) Secret(com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret) ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount) ObjectReference(com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference)

Example 7 with ServiceAccount

use of com.google.storage.v2.ServiceAccount in project yakc by manusa.

the class ServiceAccountIT method deleteNamespacedServiceAccount.

@Test
@DisplayName("deleteNamespacedServiceAccount, should delete existing ServiceAccount")
void deleteNamespacedServiceAccount() throws IOException {
    // When
    final ServiceAccount result = KC.create(CoreV1Api.class).deleteNamespacedServiceAccount(serviceAccountName, NAMESPACE, DeleteOptions.builder().propagationPolicy("Background").build()).get();
    // Then
    assertThat(result).isNotNull().extracting(ServiceAccount::getMetadata).hasFieldOrPropertyWithValue("name", serviceAccountName);
}

Also used : ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Example 8 with ServiceAccount

use of com.google.storage.v2.ServiceAccount in project yakc by manusa.

the class ServiceAccountIT method readNamespacedServiceAccount.

@Test
@DisplayName("readNamespacedServiceAccount, should read newly created ServiceAccount")
void readNamespacedServiceAccount() throws IOException {
    // When
    final ServiceAccount serviceAccountFromServer = KC.create(CoreV1Api.class).readNamespacedServiceAccount(serviceAccountName, NAMESPACE).get();
    // Then
    assertThat(serviceAccountFromServer).isNotNull().hasFieldOrPropertyWithValue("metadata.name", serviceAccountName).extracting(ServiceAccount::getSecrets).asList().hasSizeGreaterThanOrEqualTo(1).element(0).hasFieldOrPropertyWithValue("name", "doesnt-exist");
}

Also used : ServiceAccount(com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount) Test(org.junit.jupiter.api.Test) DisplayName(org.junit.jupiter.api.DisplayName)

Aggregations

ServiceAccount (com.google.storage.v2.ServiceAccount)4 StorageClient (com.google.storage.v2.StorageClient)4 ServiceAccount (com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount)3 Test (org.junit.jupiter.api.Test)3 GetServiceAccountRequest (com.google.storage.v2.GetServiceAccountRequest)2 DisplayName (org.junit.jupiter.api.DisplayName)2 ProjectName (com.google.storage.v2.ProjectName)1 KC (com.marcnuri.yakc.KubernetesClientExtension.KC)1 CoreV1Api (com.marcnuri.yakc.api.core.v1.CoreV1Api)1 Configuration (com.marcnuri.yakc.config.Configuration)1 Node (com.marcnuri.yakc.model.io.k8s.api.core.v1.Node)1 ObjectReference (com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference)1 Secret (com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret)1 ObjectMeta (com.marcnuri.yakc.model.io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)1 Quantity (io.fabric8.kubernetes.api.model.Quantity)1 IOException (java.io.IOException)1 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1 ServiceAccount (org.bf2.operator.resources.v1alpha1.ServiceAccount)1 BeforeAll (org.junit.jupiter.api.BeforeAll)1 ExtendWith (org.junit.jupiter.api.extension.ExtendWith)1