Examples with CreatedDiskEncryptionSet com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet used on opensource projects

Search in sources :

Example 11 with CreatedDiskEncryptionSet

use of com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet in project cloudbreak by hortonworks.

the class AzureEncryptionResourcesTest method testCreateDiskEncryptionSetShouldReturnNewlyCreatedDiskEncryptionSetIfNotAlreadyExists.

@Test
public void testCreateDiskEncryptionSetShouldReturnNewlyCreatedDiskEncryptionSetIfNotAlreadyExists() {
    DiskEncryptionSetCreationRequest requestedSet = new DiskEncryptionSetCreationRequest.Builder().withId("uniqueId").withCloudContext(cloudContext).withCloudCredential(cloudCredential).withDiskEncryptionSetResourceGroupName("dummyResourceGroup").withEncryptionKeyResourceGroupName("dummyResourceGroup").withTags(new HashMap<>()).withEncryptionKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").build();
    EncryptionSetIdentity identity = new EncryptionSetIdentity().withType(DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED);
    ReflectionTestUtils.setField(identity, "principalId", DES_PRINCIPAL_ID);
    DiskEncryptionSetInner des = (DiskEncryptionSetInner) new DiskEncryptionSetInner().withEncryptionType(DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY).withActiveKey(new KeyForDiskEncryptionSet().withKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").withSourceVault(new SourceVault().withId("/subscriptions/dummySubs/resourceGroups/dummyResourceGroup/providers/Microsoft.KeyVault/vaults/dummyVaultName"))).withIdentity(identity).withLocation("dummyRegion").withTags(new HashMap<>());
    ReflectionTestUtils.setField(des, "id", DES_RESOURCE_ID);
    Subscription subscription = mock(Subscription.class);
    when(persistenceNotifier.notifyAllocation(any(CloudResource.class), eq(cloudContext))).thenReturn(new ResourcePersisted());
    when(subscription.subscriptionId()).thenReturn("dummySubscriptionId");
    when(azureUtils.generateDesNameByNameAndId(any(String.class), any(String.class))).thenReturn("dummyEnvName-DES-uniqueId");
    when(azureClientService.createAuthenticatedContext(cloudContext, cloudCredential)).thenReturn(authenticatedContext);
    when(authenticatedContext.getParameter(AzureClient.class)).thenReturn(azureClient);
    when(azureClient.getCurrentSubscription()).thenReturn(subscription);
    when(azureClient.getDiskEncryptionSetByName(any(String.class), any(String.class))).thenReturn(null);
    when(azureClient.createDiskEncryptionSet(any(String.class), any(String.class), any(String.class), any(String.class), any(String.class), any(Map.class))).thenReturn(des);
    when(azureClient.keyVaultExists("dummyResourceGroup", "dummyVaultName")).thenReturn(Boolean.TRUE);
    when(azureClient.checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID)).thenReturn(true);
    initRetry();
    // Return the same DES instance to simulate that the poller checker task instantly completed
    when(diskEncryptionSetCreationPoller.startPolling(eq(authenticatedContext), any(DiskEncryptionSetCreationCheckerContext.class), eq(des))).thenReturn(des);
    CreatedDiskEncryptionSet createdDes = underTest.createDiskEncryptionSet(requestedSet);
    assertEquals(createdDes.getDiskEncryptionSetLocation(), "dummyRegion");
    assertEquals(createdDes.getDiskEncryptionSetResourceGroupName(), "dummyResourceGroup");
    verify(azureClient).grantKeyVaultAccessPolicyToServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verify(azureClient).checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verifyPersistedCloudResource();
}
Also used : SourceVault(com.microsoft.azure.management.compute.SourceVault) KeyForDiskEncryptionSet(com.microsoft.azure.management.compute.KeyForDiskEncryptionSet) HashMap(java.util.HashMap) ResourcePersisted(com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted) CreatedDiskEncryptionSet(com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet) DiskEncryptionSetCreationCheckerContext(com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext) EncryptionSetIdentity(com.microsoft.azure.management.compute.EncryptionSetIdentity) DiskEncryptionSetInner(com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner) CloudResource(com.sequenceiq.cloudbreak.cloud.model.CloudResource) Subscription(com.microsoft.azure.management.resources.Subscription) Map(java.util.Map) HashMap(java.util.HashMap) DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 12 with CreatedDiskEncryptionSet

use of com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet in project cloudbreak by hortonworks.

the class AzureEncryptionResourcesTest method testCreateDiskEncryptionSetShouldReturnExistingDiskEncryptionSetWithoutPolling.

@Test
public void testCreateDiskEncryptionSetShouldReturnExistingDiskEncryptionSetWithoutPolling() {
    DiskEncryptionSetCreationRequest requestedSet = new DiskEncryptionSetCreationRequest.Builder().withId("uniqueId").withCloudContext(cloudContext).withCloudCredential(cloudCredential).withDiskEncryptionSetResourceGroupName("dummyResourceGroup").withEncryptionKeyResourceGroupName("dummyResourceGroup").withTags(new HashMap<>()).withEncryptionKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").build();
    EncryptionSetIdentity identity = new EncryptionSetIdentity().withType(DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED);
    ReflectionTestUtils.setField(identity, "principalId", DES_PRINCIPAL_ID);
    DiskEncryptionSetInner des = (DiskEncryptionSetInner) new DiskEncryptionSetInner().withEncryptionType(DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY).withActiveKey(new KeyForDiskEncryptionSet().withKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").withSourceVault(new SourceVault().withId("/subscriptions/dummySubs/resourceGroups/dummyResourceGroup/providers/Microsoft.KeyVault/vaults/dummyVaultName"))).withIdentity(identity).withLocation("dummyRegion").withTags(new HashMap<>());
    ReflectionTestUtils.setField(des, "id", DES_RESOURCE_ID);
    Subscription subscription = mock(Subscription.class);
    when(persistenceNotifier.notifyAllocation(any(CloudResource.class), eq(cloudContext))).thenReturn(new ResourcePersisted());
    when(subscription.subscriptionId()).thenReturn("dummySubscriptionId");
    when(azureUtils.generateDesNameByNameAndId(any(String.class), any(String.class))).thenReturn("dummyEnvName-DES-uniqueId");
    when(azureClientService.createAuthenticatedContext(cloudContext, cloudCredential)).thenReturn(authenticatedContext);
    when(authenticatedContext.getParameter(AzureClient.class)).thenReturn(azureClient);
    when(azureClient.getCurrentSubscription()).thenReturn(subscription);
    when(azureClient.getDiskEncryptionSetByName(any(String.class), any(String.class))).thenReturn(des);
    when(azureClient.keyVaultExists("dummyResourceGroup", "dummyVaultName")).thenReturn(Boolean.TRUE);
    when(azureClient.checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID)).thenReturn(true);
    initRetry();
    // Return the same DES instance to simulate that the poller checker task instantly completed
    when(diskEncryptionSetCreationPoller.startPolling(eq(authenticatedContext), any(DiskEncryptionSetCreationCheckerContext.class), eq(des))).thenReturn(des);
    CreatedDiskEncryptionSet createdDes = underTest.createDiskEncryptionSet(requestedSet);
    assertEquals(createdDes.getDiskEncryptionSetLocation(), "dummyRegion");
    assertEquals(createdDes.getDiskEncryptionSetResourceGroupName(), "dummyResourceGroup");
    assertThat(createdDes.getDiskEncryptionSetId()).isEqualTo(DES_RESOURCE_ID);
    verify(azureClient, never()).createDiskEncryptionSet(any(String.class), any(String.class), any(String.class), any(String.class), any(String.class), any(Map.class));
    verify(azureClient).grantKeyVaultAccessPolicyToServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verify(azureClient).checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verifyPersistedCloudResource();
}
Also used : SourceVault(com.microsoft.azure.management.compute.SourceVault) KeyForDiskEncryptionSet(com.microsoft.azure.management.compute.KeyForDiskEncryptionSet) HashMap(java.util.HashMap) ResourcePersisted(com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted) CreatedDiskEncryptionSet(com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet) DiskEncryptionSetCreationCheckerContext(com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext) EncryptionSetIdentity(com.microsoft.azure.management.compute.EncryptionSetIdentity) DiskEncryptionSetInner(com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner) CloudResource(com.sequenceiq.cloudbreak.cloud.model.CloudResource) Subscription(com.microsoft.azure.management.resources.Subscription) Map(java.util.Map) HashMap(java.util.HashMap) DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 13 with CreatedDiskEncryptionSet

use of com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet in project cloudbreak by hortonworks.

the class AzureEncryptionResources method getOrCreateDiskEncryptionSetOnCloud.

private CreatedDiskEncryptionSet getOrCreateDiskEncryptionSetOnCloud(AuthenticatedContext authenticatedContext, AzureClient azureClient, String desResourceGroupName, String sourceVaultId, DiskEncryptionSetCreationRequest diskEncryptionSetCreationRequest, boolean singleResourceGroup) {
    CloudContext cloudContext = diskEncryptionSetCreationRequest.getCloudContext();
    String region = cloudContext.getLocation().getRegion().getRegionName();
    Map<String, String> tags = diskEncryptionSetCreationRequest.getTags();
    String diskEncryptionSetName = azureUtils.generateDesNameByNameAndId(String.format("%s-DES-", cloudContext.getName()), diskEncryptionSetCreationRequest.getId());
    LOGGER.info("Checking if Disk Encryption Set \"{}\" exists", diskEncryptionSetName);
    DiskEncryptionSetInner createdSet = azureClient.getDiskEncryptionSetByName(desResourceGroupName, diskEncryptionSetName);
    if (createdSet == null) {
        if (!singleResourceGroup) {
            LOGGER.info("Check and create resource group \"{}\" for disk encryption set", desResourceGroupName);
            checkAndCreateDesResourceGroupByName(cloudContext, azureClient, desResourceGroupName, region, tags);
        }
        LOGGER.info("Creating Disk Encryption Set \"{}\" in resource group \"{}\"", diskEncryptionSetName, desResourceGroupName);
        createdSet = azureClient.createDiskEncryptionSet(diskEncryptionSetName, diskEncryptionSetCreationRequest.getEncryptionKeyUrl(), region, desResourceGroupName, sourceVaultId, tags);
    } else {
        LOGGER.info("Disk Encryption Set \"{}\" already exists, proceeding with the same", diskEncryptionSetName);
    }
    createdSet = pollDiskEncryptionSetCreation(authenticatedContext, desResourceGroupName, diskEncryptionSetName, createdSet);
    // Neither of createdSet, createdSet.id() or createdSet.identity().principalId() can be null at this point; polling will fail otherwise
    CloudResource desCloudResource = CloudResource.builder().name(diskEncryptionSetName).type(AZURE_DISK_ENCRYPTION_SET).reference(createdSet.id()).status(CommonStatus.CREATED).build();
    persistenceNotifier.notifyAllocation(desCloudResource, cloudContext);
    return new CreatedDiskEncryptionSet.Builder().withDiskEncryptionSetId(createdSet.id()).withDiskEncryptionSetPrincipalObjectId(createdSet.identity().principalId()).withDiskEncryptionSetLocation(createdSet.location()).withDiskEncryptionSetName(createdSet.name()).withTags(createdSet.getTags()).withDiskEncryptionSetResourceGroupName(desResourceGroupName).build();
}
Also used : CloudContext(com.sequenceiq.cloudbreak.cloud.context.CloudContext) CreatedDiskEncryptionSet(com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet) DiskEncryptionSetInner(com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner) CloudResource(com.sequenceiq.cloudbreak.cloud.model.CloudResource)

Aggregations

CreatedDiskEncryptionSet (com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet)13 Test (org.junit.jupiter.api.Test)9 DiskEncryptionSetInner (com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner)6 CloudResource (com.sequenceiq.cloudbreak.cloud.model.CloudResource)6 DiskEncryptionSetCreationRequest (com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest)6 EncryptionSetIdentity (com.microsoft.azure.management.compute.EncryptionSetIdentity)5 KeyForDiskEncryptionSet (com.microsoft.azure.management.compute.KeyForDiskEncryptionSet)5 SourceVault (com.microsoft.azure.management.compute.SourceVault)5 Subscription (com.microsoft.azure.management.resources.Subscription)5 DiskEncryptionSetCreationCheckerContext (com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext)5 ResourcePersisted (com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted)5 AzureParameters (com.sequenceiq.environment.parameters.dao.domain.AzureParameters)5 HashMap (java.util.HashMap)5 Map (java.util.Map)5 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)5 EnvironmentDto (com.sequenceiq.environment.environment.dto.EnvironmentDto)4 Environment (com.sequenceiq.environment.environment.domain.Environment)3 UpdateAzureResourceEncryptionDto (com.sequenceiq.environment.environment.dto.UpdateAzureResourceEncryptionDto)2 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)2 ResourceGroup (com.microsoft.azure.management.resources.ResourceGroup)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial