Examples with DiskEncryptionSetCreationRequest com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest used on opensource projects

Search in sources :

Example 1 with DiskEncryptionSetCreationRequest

use of com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest in project cloudbreak by hortonworks.

the class EnvironmentEncryptionServiceTest method testCreateEncryptionResourcesCreationRequestShouldReturnWithANewEncryptionResourcesCreationRequestWhenEncryptionKeyResourceGroupNameIsNotPresent.

@Test
void testCreateEncryptionResourcesCreationRequestShouldReturnWithANewEncryptionResourcesCreationRequestWhenEncryptionKeyResourceGroupNameIsNotPresent() {
    EnvironmentDto environmentDto = EnvironmentDto.builder().withResourceCrn(ENVIRONMENT_CRN).withId(ENVIRONMENT_ID).withName(ENVIRONMENT_NAME).withCloudPlatform(CLOUD_PLATFORM).withCredential(credential).withLocationDto(LocationDto.builder().withName(REGION).build()).withParameters(ParametersDto.builder().withAzureParameters(AzureParametersDto.builder().withEncryptionParameters(AzureResourceEncryptionParametersDto.builder().withEncryptionKeyUrl(KEY_URL).build()).withResourceGroup(AzureResourceGroupDto.builder().withResourceGroupUsagePattern(ResourceGroupUsagePattern.USE_SINGLE).withName(RESOURCE_GROUP_NAME).build()).build()).build()).withCreator(USER_NAME).withAccountId(ACCOUNT_ID).build();
    when(credentialToCloudCredentialConverter.convert(credential)).thenReturn(cloudCredential);
    Map<String, String> tags = Map.ofEntries(entry("tag1", "value1"), entry("tag2", "value2"));
    when(environmentTagProvider.getTags(environmentDto, ENVIRONMENT_CRN)).thenReturn(tags);
    DiskEncryptionSetCreationRequest creationRequest = underTest.createEncryptionResourcesCreationRequest(environmentDto);
    assertEquals(creationRequest.getEncryptionKeyUrl(), KEY_URL);
    assertEquals(creationRequest.getDiskEncryptionSetResourceGroupName(), RESOURCE_GROUP_NAME);
    assertEquals(creationRequest.getEncryptionKeyResourceGroupName(), RESOURCE_GROUP_NAME);
    verifyCloudContext(creationRequest.getCloudContext());
    assertThat(creationRequest.getCloudCredential()).isSameAs(cloudCredential);
    assertThat(creationRequest.getId()).isEqualTo("randomGeneratedResource");
    assertThat(creationRequest.getTags()).isSameAs(tags);
}
Also used : EnvironmentDto(com.sequenceiq.environment.environment.dto.EnvironmentDto) DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test)

Example 2 with DiskEncryptionSetCreationRequest

use of com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest in project cloudbreak by hortonworks.

the class AzureEncryptionResourcesTest method testCreateDiskEncryptionSetThrowsExceptionWhenNotSingleResourceGroupAndVaultResourceGroupNameIsNotPresent.

@Test
public void testCreateDiskEncryptionSetThrowsExceptionWhenNotSingleResourceGroupAndVaultResourceGroupNameIsNotPresent() {
    DiskEncryptionSetCreationRequest requestedSet = new DiskEncryptionSetCreationRequest.Builder().withCloudCredential(cloudCredential).withCloudContext(cloudContext).withDiskEncryptionSetResourceGroupName(null).withTags(new HashMap<>()).withEncryptionKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").build();
    when(azureClientService.createAuthenticatedContext(cloudContext, cloudCredential)).thenReturn(authenticatedContext);
    when(authenticatedContext.getParameter(AzureClient.class)).thenReturn(azureClient);
    initExceptionConversion();
    verifyException(IllegalArgumentException.class, () -> underTest.createDiskEncryptionSet(requestedSet), "Encryption key resource group name should be present if resource group is not provided during environment creation. " + "At least one of --resource-group-name or --encryption-key-resource-group-name should be specified.");
}
Also used : DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 3 with DiskEncryptionSetCreationRequest

use of com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest in project cloudbreak by hortonworks.

the class AzureEncryptionResourcesTest method testCreateDiskEncryptionSetShouldReturnNewlyCreatedDiskEncryptionSetIfNotAlreadyExistsAndCreateNewResourceGroupWhenIsNotSingleResourceGroup.

@Test
public void testCreateDiskEncryptionSetShouldReturnNewlyCreatedDiskEncryptionSetIfNotAlreadyExistsAndCreateNewResourceGroupWhenIsNotSingleResourceGroup() {
    DiskEncryptionSetCreationRequest requestedSet = new DiskEncryptionSetCreationRequest.Builder().withId("uniqueId").withCloudContext(cloudContext).withCloudCredential(cloudCredential).withEncryptionKeyResourceGroupName("dummyResourceGroup").withDiskEncryptionSetResourceGroupName(null).withTags(new HashMap<>()).withEncryptionKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").build();
    EncryptionSetIdentity identity = new EncryptionSetIdentity().withType(DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED);
    ReflectionTestUtils.setField(identity, "principalId", DES_PRINCIPAL_ID);
    DiskEncryptionSetInner des = (DiskEncryptionSetInner) new DiskEncryptionSetInner().withEncryptionType(DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY).withActiveKey(new KeyForDiskEncryptionSet().withKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").withSourceVault(new SourceVault().withId("/subscriptions/dummySubs/resourceGroups/dummyResourceGroup/providers/Microsoft.KeyVault/vaults/dummyVaultName"))).withIdentity(identity).withLocation("dummyRegion").withTags(new HashMap<>());
    ResourceGroup resourceGroup = mock(ResourceGroup.class);
    ReflectionTestUtils.setField(des, "id", DES_RESOURCE_ID);
    Subscription subscription = mock(Subscription.class);
    when(persistenceNotifier.notifyAllocation(any(CloudResource.class), eq(cloudContext))).thenReturn(new ResourcePersisted());
    when(subscription.subscriptionId()).thenReturn("dummySubscriptionId");
    when(azureUtils.generateDesNameByNameAndId(any(String.class), any(String.class))).thenReturn("dummyEnvName-DES-uniqueId");
    when(azureClientService.createAuthenticatedContext(cloudContext, cloudCredential)).thenReturn(authenticatedContext);
    when(authenticatedContext.getParameter(AzureClient.class)).thenReturn(azureClient);
    when(azureClient.getCurrentSubscription()).thenReturn(subscription);
    when(azureClient.getDiskEncryptionSetByName(any(String.class), any(String.class))).thenReturn(null);
    when(azureUtils.generateResourceGroupNameByNameAndId(any(String.class), any(String.class))).thenReturn("envName-CDP_DES-uniqueId");
    when(azureClient.resourceGroupExists(eq("envName-CDP_DES-uniqueId"))).thenReturn(Boolean.FALSE);
    when(azureClient.createResourceGroup(eq("envName-CDP_DES-uniqueId"), eq("dummyRegion"), any(HashMap.class))).thenReturn(resourceGroup);
    when(azureClient.createDiskEncryptionSet(any(String.class), any(String.class), any(String.class), any(String.class), any(String.class), any(Map.class))).thenReturn(des);
    when(azureClient.keyVaultExists("dummyResourceGroup", "dummyVaultName")).thenReturn(Boolean.TRUE);
    when(azureClient.checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID)).thenReturn(true);
    initRetry();
    // Return the same DES instance to simulate that the poller checker task instantly completed
    when(diskEncryptionSetCreationPoller.startPolling(eq(authenticatedContext), any(DiskEncryptionSetCreationCheckerContext.class), eq(des))).thenReturn(des);
    CreatedDiskEncryptionSet createdDes = underTest.createDiskEncryptionSet(requestedSet);
    assertEquals(createdDes.getDiskEncryptionSetLocation(), "dummyRegion");
    assertEquals(createdDes.getDiskEncryptionSetResourceGroupName(), "envName-CDP_DES-uniqueId");
    verify(azureClient).grantKeyVaultAccessPolicyToServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verify(azureClient).checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verify(azureClient).createResourceGroup(eq("envName-CDP_DES-uniqueId"), eq("dummyRegion"), any(HashMap.class));
    verifyPersistedResourceGroupAndDiskEncryptionSetCloudResource(resourceGroup.id());
}
Also used : SourceVault(com.microsoft.azure.management.compute.SourceVault) KeyForDiskEncryptionSet(com.microsoft.azure.management.compute.KeyForDiskEncryptionSet) HashMap(java.util.HashMap) ResourcePersisted(com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted) CreatedDiskEncryptionSet(com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet) DiskEncryptionSetCreationCheckerContext(com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext) EncryptionSetIdentity(com.microsoft.azure.management.compute.EncryptionSetIdentity) DiskEncryptionSetInner(com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner) CloudResource(com.sequenceiq.cloudbreak.cloud.model.CloudResource) Subscription(com.microsoft.azure.management.resources.Subscription) Map(java.util.Map) HashMap(java.util.HashMap) ResourceGroup(com.microsoft.azure.management.resources.ResourceGroup) DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 4 with DiskEncryptionSetCreationRequest

use of com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest in project cloudbreak by hortonworks.

the class AzureEncryptionResourcesTest method testCreateDiskEncryptionSetShouldThrowErrorWhenCheckKeyVaultAccessPolicyForServicePrincipalFails.

@Test
public void testCreateDiskEncryptionSetShouldThrowErrorWhenCheckKeyVaultAccessPolicyForServicePrincipalFails() {
    DiskEncryptionSetCreationRequest requestedSet = new DiskEncryptionSetCreationRequest.Builder().withId("uniqueId").withCloudContext(cloudContext).withCloudCredential(cloudCredential).withDiskEncryptionSetResourceGroupName("dummyResourceGroup").withEncryptionKeyResourceGroupName("dummyResourceGroup").withTags(new HashMap<>()).withEncryptionKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").build();
    EncryptionSetIdentity identity = new EncryptionSetIdentity().withType(DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED);
    ReflectionTestUtils.setField(identity, "principalId", DES_PRINCIPAL_ID);
    DiskEncryptionSetInner des = (DiskEncryptionSetInner) new DiskEncryptionSetInner().withEncryptionType(DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY).withActiveKey(new KeyForDiskEncryptionSet().withKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").withSourceVault(new SourceVault().withId("/subscriptions/dummySubs/resourceGroups/dummyResourceGroup/providers/Microsoft.KeyVault/vaults/dummyVaultName"))).withIdentity(identity).withLocation("dummyRegion").withTags(new HashMap<>());
    ReflectionTestUtils.setField(des, "id", DES_RESOURCE_ID);
    Subscription subscription = mock(Subscription.class);
    when(persistenceNotifier.notifyAllocation(any(CloudResource.class), eq(cloudContext))).thenReturn(new ResourcePersisted());
    when(subscription.subscriptionId()).thenReturn("dummySubscriptionId");
    when(azureUtils.generateDesNameByNameAndId(any(String.class), any(String.class))).thenReturn("dummyEnvName-DES-uniqueId");
    when(azureClientService.createAuthenticatedContext(cloudContext, cloudCredential)).thenReturn(authenticatedContext);
    when(authenticatedContext.getParameter(AzureClient.class)).thenReturn(azureClient);
    when(azureClient.getCurrentSubscription()).thenReturn(subscription);
    when(azureClient.getDiskEncryptionSetByName(any(String.class), any(String.class))).thenReturn(null);
    when(azureClient.createDiskEncryptionSet(any(String.class), any(String.class), any(String.class), any(String.class), any(String.class), any(Map.class))).thenReturn(des);
    when(azureClient.keyVaultExists("dummyResourceGroup", "dummyVaultName")).thenReturn(Boolean.TRUE);
    when(azureClient.checkKeyVaultAccessPolicyForServicePrincipal("dummyResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID)).thenReturn(false);
    initRetry();
    // Return the same DES instance to simulate that the poller checker task instantly completed
    when(diskEncryptionSetCreationPoller.startPolling(eq(authenticatedContext), any(DiskEncryptionSetCreationCheckerContext.class), eq(des))).thenReturn(des);
    initExceptionConversion();
    initActionFailedExceptionConversion();
    verifyActionFailedException(CloudConnectorException.class, () -> underTest.createDiskEncryptionSet(requestedSet), "Access policy has not been granted to object Id: desPrincipalId, Retrying ...");
    verifyPersistedCloudResource();
}
Also used : SourceVault(com.microsoft.azure.management.compute.SourceVault) KeyForDiskEncryptionSet(com.microsoft.azure.management.compute.KeyForDiskEncryptionSet) HashMap(java.util.HashMap) ResourcePersisted(com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted) DiskEncryptionSetCreationCheckerContext(com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext) EncryptionSetIdentity(com.microsoft.azure.management.compute.EncryptionSetIdentity) DiskEncryptionSetInner(com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner) CloudResource(com.sequenceiq.cloudbreak.cloud.model.CloudResource) Subscription(com.microsoft.azure.management.resources.Subscription) Map(java.util.Map) HashMap(java.util.HashMap) DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 5 with DiskEncryptionSetCreationRequest

use of com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest in project cloudbreak by hortonworks.

the class AzureEncryptionResourcesTest method testCreateDiskEncryptionSetShouldReturnNewlyCreatedDiskEncryptionSetWhenDesAndVaultResourceGroupAreDifferentAndDesNotAlreadyExists.

@Test
public void testCreateDiskEncryptionSetShouldReturnNewlyCreatedDiskEncryptionSetWhenDesAndVaultResourceGroupAreDifferentAndDesNotAlreadyExists() {
    DiskEncryptionSetCreationRequest requestedSet = new DiskEncryptionSetCreationRequest.Builder().withId("uniqueId").withCloudContext(cloudContext).withCloudCredential(cloudCredential).withDiskEncryptionSetResourceGroupName("dummyResourceGroup").withEncryptionKeyResourceGroupName("dummyVaultResourceGroup").withTags(new HashMap<>()).withEncryptionKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").build();
    EncryptionSetIdentity identity = new EncryptionSetIdentity().withType(DiskEncryptionSetIdentityType.SYSTEM_ASSIGNED);
    ReflectionTestUtils.setField(identity, "principalId", DES_PRINCIPAL_ID);
    DiskEncryptionSetInner des = (DiskEncryptionSetInner) new DiskEncryptionSetInner().withEncryptionType(DiskEncryptionSetType.ENCRYPTION_AT_REST_WITH_CUSTOMER_KEY).withActiveKey(new KeyForDiskEncryptionSet().withKeyUrl("https://dummyVaultName.vault.azure.net/keys/dummyKeyName/dummyKeyVersion").withSourceVault(new SourceVault().withId("/subscriptions/dummySubs/resourceGroups/dummyVaultResourceGroup/providers/Microsoft.KeyVault/vaults/dummyVaultName"))).withIdentity(identity).withLocation("dummyRegion").withTags(new HashMap<>());
    ReflectionTestUtils.setField(des, "id", DES_RESOURCE_ID);
    Subscription subscription = mock(Subscription.class);
    when(persistenceNotifier.notifyAllocation(any(CloudResource.class), eq(cloudContext))).thenReturn(new ResourcePersisted());
    when(subscription.subscriptionId()).thenReturn("dummySubscriptionId");
    when(azureUtils.generateDesNameByNameAndId(any(String.class), any(String.class))).thenReturn("dummyEnvName-DES-uniqueId");
    when(azureClientService.createAuthenticatedContext(cloudContext, cloudCredential)).thenReturn(authenticatedContext);
    when(authenticatedContext.getParameter(AzureClient.class)).thenReturn(azureClient);
    when(azureClient.getCurrentSubscription()).thenReturn(subscription);
    when(azureClient.getDiskEncryptionSetByName(any(String.class), any(String.class))).thenReturn(null);
    when(azureClient.createDiskEncryptionSet(any(String.class), any(String.class), any(String.class), any(String.class), any(String.class), any(Map.class))).thenReturn(des);
    when(azureClient.checkKeyVaultAccessPolicyForServicePrincipal("dummyVaultResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID)).thenReturn(true);
    initRetry();
    // Return the same DES instance to simulate that the poller checker task instantly completed
    when(diskEncryptionSetCreationPoller.startPolling(eq(authenticatedContext), any(DiskEncryptionSetCreationCheckerContext.class), eq(des))).thenReturn(des);
    when(azureClient.keyVaultExists("dummyVaultResourceGroup", "dummyVaultName")).thenReturn(Boolean.TRUE);
    CreatedDiskEncryptionSet createdDes = underTest.createDiskEncryptionSet(requestedSet);
    assertEquals(createdDes.getDiskEncryptionSetLocation(), "dummyRegion");
    assertEquals(createdDes.getDiskEncryptionSetResourceGroupName(), "dummyResourceGroup");
    verify(azureClient).grantKeyVaultAccessPolicyToServicePrincipal("dummyVaultResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verify(azureClient).checkKeyVaultAccessPolicyForServicePrincipal("dummyVaultResourceGroup", "dummyVaultName", DES_PRINCIPAL_ID);
    verifyPersistedCloudResource();
}
Also used : SourceVault(com.microsoft.azure.management.compute.SourceVault) KeyForDiskEncryptionSet(com.microsoft.azure.management.compute.KeyForDiskEncryptionSet) HashMap(java.util.HashMap) ResourcePersisted(com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted) CreatedDiskEncryptionSet(com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet) DiskEncryptionSetCreationCheckerContext(com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext) EncryptionSetIdentity(com.microsoft.azure.management.compute.EncryptionSetIdentity) DiskEncryptionSetInner(com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner) CloudResource(com.sequenceiq.cloudbreak.cloud.model.CloudResource) Subscription(com.microsoft.azure.management.resources.Subscription) Map(java.util.Map) HashMap(java.util.HashMap) DiskEncryptionSetCreationRequest(com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest) Test(org.junit.jupiter.api.Test) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Aggregations

DiskEncryptionSetCreationRequest (com.sequenceiq.cloudbreak.cloud.model.encryption.DiskEncryptionSetCreationRequest)13 Test (org.junit.jupiter.api.Test)13 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)11 Subscription (com.microsoft.azure.management.resources.Subscription)9 EncryptionSetIdentity (com.microsoft.azure.management.compute.EncryptionSetIdentity)7 KeyForDiskEncryptionSet (com.microsoft.azure.management.compute.KeyForDiskEncryptionSet)7 SourceVault (com.microsoft.azure.management.compute.SourceVault)7 DiskEncryptionSetInner (com.microsoft.azure.management.compute.implementation.DiskEncryptionSetInner)7 DiskEncryptionSetCreationCheckerContext (com.sequenceiq.cloudbreak.cloud.azure.task.diskencryptionset.DiskEncryptionSetCreationCheckerContext)7 CloudResource (com.sequenceiq.cloudbreak.cloud.model.CloudResource)7 ResourcePersisted (com.sequenceiq.cloudbreak.cloud.notification.model.ResourcePersisted)7 HashMap (java.util.HashMap)7 Map (java.util.Map)7 CreatedDiskEncryptionSet (com.sequenceiq.cloudbreak.cloud.model.encryption.CreatedDiskEncryptionSet)5 EnvironmentDto (com.sequenceiq.environment.environment.dto.EnvironmentDto)2 ResourceGroup (com.microsoft.azure.management.resources.ResourceGroup)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial