Example 11 with Secret
use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.
the class FreeIpaClientFactoryTest method getFreeIpaClientForStackForLegacyHealthCheckShouldReturnClientWhenStackStatusIsUnreachable.
@Test
void getFreeIpaClientForStackForLegacyHealthCheckShouldReturnClientWhenStackStatusIsUnreachable() {
Stack stack = createStack();
stack.setGatewayport(80);
FreeIpa freeIpa = new FreeIpa();
freeIpa.setAdminPassword(new Secret("", ""));
when(freeIpaService.findByStack(stack)).thenReturn(freeIpa);
when(stackService.getByIdWithListsInTransaction(stack.getId())).thenReturn(stack);
when(tlsSecurityService.buildTLSClientConfig(any(), any(), any())).thenReturn(new HttpClientConfig(FREEIPP_FQDN));
Status unreachableState = Status.FREEIPA_UNREACHABLE_STATUSES.stream().findAny().get();
StackStatus stackStatus = new StackStatus(stack, unreachableState, "The FreeIPA instance is unreachable.", DetailedStackStatus.UNREACHABLE);
stack.setStackStatus(stackStatus);
FreeIpaClientException exception = Assertions.assertThrows(FreeIpaClientException.class, () -> underTest.getFreeIpaClientForStackForLegacyHealthCheck(stack, FREEIPP_FQDN));
verify(clusterProxyService, times(1)).isCreateConfigForClusterProxy(stack);
verify(tlsSecurityService, times(1)).buildTLSClientConfig(any(), any(), any());
Assertions.assertEquals(FreeIpaClientException.class, exception.getCause().getClass());
}
Also used :
Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)
StackStatus(com.sequenceiq.freeipa.entity.StackStatus)
InstanceStatus(com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.instance.InstanceStatus)
Status(com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.Status)
DetailedStackStatus(com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.DetailedStackStatus)
HttpClientConfig(com.sequenceiq.cloudbreak.client.HttpClientConfig)
FreeIpa(com.sequenceiq.freeipa.entity.FreeIpa)
StackStatus(com.sequenceiq.freeipa.entity.StackStatus)
DetailedStackStatus(com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.DetailedStackStatus)
FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException)
Stack(com.sequenceiq.freeipa.entity.Stack)
Test(org.junit.jupiter.api.Test)
Example 12 with Secret
use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.
the class HostKeytabServiceTest method testGenerateHostKeytabHostDontHaveKeytab.
@Test
public void testGenerateHostKeytabHostDontHaveKeytab() throws FreeIpaClientException {
HostKeytabRequest request = new HostKeytabRequest();
request.setEnvironmentCrn(ENVIRONMENT_CRN);
request.setRoleRequest(new RoleRequest());
request.setDoNotRecreateKeytab(Boolean.TRUE);
request.setServerHostName("asdf");
Stack stack = new Stack();
when(keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), ACCOUNT_ID)).thenReturn(stack);
FreeIpaClient freeIpaClient = mock(FreeIpaClient.class);
when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(freeIpaClient);
when(roleComponent.privilegesExist(request.getRoleRequest(), freeIpaClient)).thenReturn(Boolean.TRUE);
Host host = new Host();
host.setHasKeytab(Boolean.FALSE);
host.setKrbprincipalname("dfdf");
when(keytabCommonService.addHost(request.getServerHostName(), request.getRoleRequest(), freeIpaClient)).thenReturn(host);
KeytabCache keytabCache = mock(KeytabCache.class);
Secret keytabSecret = new Secret("keytab", "keytabSecret");
Secret principalSecret = new Secret("principal", "principalSecret");
when(keytabCache.getKeytab()).thenReturn(keytabSecret);
when(keytabCache.getPrincipal()).thenReturn(principalSecret);
when(keytabCommonService.getKeytab(request.getEnvironmentCrn(), host.getKrbprincipalname(), request.getServerHostName(), freeIpaClient)).thenReturn(keytabCache);
SecretResponse keytabResponse = new SecretResponse();
keytabResponse.setSecretPath("keytabPath");
when(secretResponseConverter.convert(keytabCache.getKeytab().getSecret())).thenReturn(keytabResponse);
SecretResponse principalResponse = new SecretResponse();
principalResponse.setSecretPath("principalPath");
when(secretResponseConverter.convert(keytabCache.getPrincipal().getSecret())).thenReturn(principalResponse);
HostKeytabResponse response = underTest.generateHostKeytab(request, ACCOUNT_ID);
assertEquals(keytabResponse, response.getKeytab());
assertEquals(principalResponse, response.getHostPrincipal());
}
Also used :
Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)
SecretResponse(com.sequenceiq.cloudbreak.service.secret.model.SecretResponse)
HostKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabResponse)
KeytabCache(com.sequenceiq.freeipa.entity.KeytabCache)
HostKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest)
FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient)
Host(com.sequenceiq.freeipa.client.model.Host)
RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)
Stack(com.sequenceiq.freeipa.entity.Stack)
Test(org.junit.jupiter.api.Test)
Example 13 with Secret
use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.
the class HostKeytabServiceTest method testGenerateHostKeytabGetExisting.
@Test
public void testGenerateHostKeytabGetExisting() throws FreeIpaClientException {
HostKeytabRequest request = new HostKeytabRequest();
request.setEnvironmentCrn(ENVIRONMENT_CRN);
request.setRoleRequest(new RoleRequest());
request.setDoNotRecreateKeytab(Boolean.TRUE);
request.setServerHostName("asdf");
Stack stack = new Stack();
when(keytabCommonService.getFreeIpaStackWithMdcContext(request.getEnvironmentCrn(), ACCOUNT_ID)).thenReturn(stack);
FreeIpaClient freeIpaClient = mock(FreeIpaClient.class);
when(freeIpaClientFactory.getFreeIpaClientForStack(stack)).thenReturn(freeIpaClient);
when(roleComponent.privilegesExist(request.getRoleRequest(), freeIpaClient)).thenReturn(Boolean.TRUE);
Host host = new Host();
host.setHasKeytab(Boolean.TRUE);
host.setKrbprincipalname("dfdf");
when(keytabCommonService.addHost(request.getServerHostName(), request.getRoleRequest(), freeIpaClient)).thenReturn(host);
KeytabCache keytabCache = mock(KeytabCache.class);
Secret keytabSecret = new Secret("keytab", "keytabSecret");
Secret principalSecret = new Secret("principal", "principalSecret");
when(keytabCache.getKeytab()).thenReturn(keytabSecret);
when(keytabCache.getPrincipal()).thenReturn(principalSecret);
when(keytabCommonService.getExistingKeytab(request.getEnvironmentCrn(), host.getKrbprincipalname(), request.getServerHostName(), freeIpaClient)).thenReturn(keytabCache);
SecretResponse keytabResponse = new SecretResponse();
keytabResponse.setSecretPath("keytabPath");
when(secretResponseConverter.convert(keytabCache.getKeytab().getSecret())).thenReturn(keytabResponse);
SecretResponse principalResponse = new SecretResponse();
principalResponse.setSecretPath("principalPath");
when(secretResponseConverter.convert(keytabCache.getPrincipal().getSecret())).thenReturn(principalResponse);
HostKeytabResponse response = underTest.generateHostKeytab(request, ACCOUNT_ID);
assertEquals(keytabResponse, response.getKeytab());
assertEquals(principalResponse, response.getHostPrincipal());
}
Also used :
Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)
SecretResponse(com.sequenceiq.cloudbreak.service.secret.model.SecretResponse)
HostKeytabResponse(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabResponse)
KeytabCache(com.sequenceiq.freeipa.entity.KeytabCache)
HostKeytabRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest)
FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient)
Host(com.sequenceiq.freeipa.client.model.Host)
RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)
Stack(com.sequenceiq.freeipa.entity.Stack)
Test(org.junit.jupiter.api.Test)
Example 14 with Secret
use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.
the class SecretAspectsTest method testproceedSaveEntitySecretSecretNotNull.
@Test
public void testproceedSaveEntitySecretSecretNotNull() throws Exception {
DummyTenantAwareResourceEntity dummyEntity = new DummyTenantAwareResourceEntity(new Secret(null, ""));
when(proceedingJoinPoint.getArgs()).thenReturn(new Object[] { dummyEntity });
underTest.proceedOnRepositorySave(proceedingJoinPoint);
verifySecretManagementIgnoredDuringSave(dummyEntity.secret);
}Example 15 with Secret
use of com.sequenceiq.cloudbreak.service.secret.domain.Secret in project cloudbreak by hortonworks.
the class SecretAspectsTest method testProceedDeleteInCorrectPathWhenAccountIdIsDefined.
@Test
public void testProceedDeleteInCorrectPathWhenAccountIdIsDefined() {
DummyAccountIdAwareResourceEntity dummyEntity = new DummyAccountIdAwareResourceEntity("accountId", new Secret("secret", "accountId/dummyaccountidawareresourceentity/secret/test-123"));
when(proceedingJoinPoint.getArgs()).thenReturn(new Object[] { dummyEntity });
ArgumentCaptor<String> pathCaptor = ArgumentCaptor.forClass(String.class);
doNothing().when(secretService).delete(pathCaptor.capture());
underTest.proceedOnRepositoryDelete(proceedingJoinPoint);
assertTrue(pathCaptor.getValue().startsWith("accountId/dummyaccountidawareresourceentity/secret/test-123"));
}
Also used :
Secret(com.sequenceiq.cloudbreak.service.secret.domain.Secret)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Test(org.junit.Test)
Aggregations
Secret (com.sequenceiq.cloudbreak.service.secret.domain.Secret)37
Test (org.junit.Test)11
Field (java.lang.reflect.Field)8
Test (org.junit.jupiter.api.Test)8
Stack (com.sequenceiq.freeipa.entity.Stack)7
SecretProxy (com.sequenceiq.cloudbreak.service.secret.domain.SecretProxy)5
SecretOperationException (com.sequenceiq.cloudbreak.service.secret.SecretOperationException)4
SecretResponse (com.sequenceiq.cloudbreak.service.secret.model.SecretResponse)4
VaultSecret (com.sequenceiq.cloudbreak.service.secret.vault.VaultSecret)4
HostKeytabRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabRequest)4
HostKeytabResponse (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.HostKeytabResponse)4
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)4
Host (com.sequenceiq.freeipa.client.model.Host)4
KeytabCache (com.sequenceiq.freeipa.entity.KeytabCache)4
HttpClientConfig (com.sequenceiq.cloudbreak.client.HttpClientConfig)3
DetailedStackStatus (com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.DetailedStackStatus)3
Status (com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.Status)3
InstanceStatus (com.sequenceiq.freeipa.api.v1.freeipa.stack.model.common.instance.InstanceStatus)3
RoleRequest (com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)3
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)3
