Search in sources :

Example 1 with CertSecretSourceBuilder

use of io.strimzi.api.kafka.model.CertSecretSourceBuilder in project strimzi by strimzi.

the class KafkaMirrorMaker2Templates method defaultKafkaMirrorMaker2.

private static KafkaMirrorMaker2Builder defaultKafkaMirrorMaker2(KafkaMirrorMaker2 kafkaMirrorMaker2, String name, String kafkaTargetClusterName, String kafkaSourceClusterName, int kafkaMirrorMaker2Replicas, boolean tlsListener, String sourceNs, String targetNs) {
    KafkaMirrorMaker2ClusterSpec targetClusterSpec = new KafkaMirrorMaker2ClusterSpecBuilder().withAlias(kafkaTargetClusterName).withBootstrapServers(targetNs == null ? KafkaResources.plainBootstrapAddress(kafkaTargetClusterName) : KafkaUtils.namespacedPlainBootstrapAddress(kafkaTargetClusterName, targetNs)).addToConfig("config.storage.replication.factor", -1).addToConfig("offset.storage.replication.factor", -1).addToConfig("status.storage.replication.factor", -1).build();
    KafkaMirrorMaker2ClusterSpec sourceClusterSpec = new KafkaMirrorMaker2ClusterSpecBuilder().withAlias(kafkaSourceClusterName).withBootstrapServers(sourceNs == null ? KafkaResources.plainBootstrapAddress(kafkaSourceClusterName) : KafkaUtils.namespacedPlainBootstrapAddress(kafkaSourceClusterName, sourceNs)).build();
    if (tlsListener) {
        targetClusterSpec = new KafkaMirrorMaker2ClusterSpecBuilder(targetClusterSpec).withBootstrapServers(targetNs == null ? KafkaResources.tlsBootstrapAddress(kafkaTargetClusterName) : KafkaUtils.namespacedTlsBootstrapAddress(kafkaTargetClusterName, targetNs)).withNewTls().withTrustedCertificates(new CertSecretSourceBuilder().withSecretName(KafkaResources.clusterCaCertificateSecretName(kafkaTargetClusterName)).withCertificate("ca.crt").build()).endTls().build();
        sourceClusterSpec = new KafkaMirrorMaker2ClusterSpecBuilder(sourceClusterSpec).withBootstrapServers(sourceNs == null ? KafkaResources.tlsBootstrapAddress(kafkaSourceClusterName) : KafkaUtils.namespacedTlsBootstrapAddress(kafkaSourceClusterName, sourceNs)).withNewTls().withTrustedCertificates(new CertSecretSourceBuilder().withSecretName(KafkaResources.clusterCaCertificateSecretName(kafkaSourceClusterName)).withCertificate("ca.crt").build()).endTls().build();
    }
    return new KafkaMirrorMaker2Builder(kafkaMirrorMaker2).withNewMetadata().withName(name).withNamespace(ResourceManager.kubeClient().getNamespace()).withClusterName(kafkaTargetClusterName).endMetadata().editOrNewSpec().withVersion(Environment.ST_KAFKA_VERSION).withReplicas(kafkaMirrorMaker2Replicas).withConnectCluster(kafkaTargetClusterName).withClusters(targetClusterSpec, sourceClusterSpec).editFirstMirror().withSourceCluster(kafkaSourceClusterName).withTargetCluster(kafkaTargetClusterName).endMirror().withNewInlineLogging().addToLoggers("connect.root.logger.level", "DEBUG").endInlineLogging().endSpec();
}
Also used : KafkaMirrorMaker2Builder(io.strimzi.api.kafka.model.KafkaMirrorMaker2Builder) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) KafkaMirrorMaker2ClusterSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpecBuilder) KafkaMirrorMaker2ClusterSpec(io.strimzi.api.kafka.model.KafkaMirrorMaker2ClusterSpec)

Example 2 with CertSecretSourceBuilder

use of io.strimzi.api.kafka.model.CertSecretSourceBuilder in project strimzi by strimzi.

the class UtilTest method getHashOk.

@Test
public void getHashOk() {
    String namespace = "ns";
    GenericSecretSource at = new GenericSecretSourceBuilder().withSecretName("top-secret-at").withKey("key").build();
    GenericSecretSource cs = new GenericSecretSourceBuilder().withSecretName("top-secret-cs").withKey("key").build();
    GenericSecretSource rt = new GenericSecretSourceBuilder().withSecretName("top-secret-rt").withKey("key").build();
    KafkaClientAuthentication kcu = new KafkaClientAuthenticationOAuthBuilder().withAccessToken(at).withRefreshToken(rt).withClientSecret(cs).build();
    CertSecretSource css = new CertSecretSourceBuilder().withCertificate("key").withSecretName("css-secret").build();
    Secret secret = new SecretBuilder().withData(Map.of("key", "value")).build();
    SecretOperator secretOps = mock(SecretOperator.class);
    when(secretOps.getAsync(eq(namespace), eq("top-secret-at"))).thenReturn(Future.succeededFuture(secret));
    when(secretOps.getAsync(eq(namespace), eq("top-secret-rt"))).thenReturn(Future.succeededFuture(secret));
    when(secretOps.getAsync(eq(namespace), eq("top-secret-cs"))).thenReturn(Future.succeededFuture(secret));
    when(secretOps.getAsync(eq(namespace), eq("css-secret"))).thenReturn(Future.succeededFuture(secret));
    Future<Integer> res = Util.authTlsHash(secretOps, "ns", kcu, singletonList(css));
    res.onComplete(v -> {
        assertThat(v.succeeded(), is(true));
        // we are summing "value" hash four times
        assertThat(v.result(), is("value".hashCode() * 4));
    });
}
Also used : KafkaClientAuthentication(io.strimzi.api.kafka.model.authentication.KafkaClientAuthentication) KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) Secret(io.fabric8.kubernetes.api.model.Secret) SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder) SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator) GenericSecretSource(io.strimzi.api.kafka.model.GenericSecretSource) GenericSecretSourceBuilder(io.strimzi.api.kafka.model.GenericSecretSourceBuilder) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) Test(org.junit.jupiter.api.Test)

Example 3 with CertSecretSourceBuilder

use of io.strimzi.api.kafka.model.CertSecretSourceBuilder in project strimzi by strimzi.

the class OauthTlsIsolatedST method testProducerConsumerConnect.

@Description("As an oauth KafkaConnect, I am able to sink messages from kafka broker topic using encrypted communication.")
@ParallelTest
@Tag(CONNECT)
@Tag(CONNECT_COMPONENTS)
void testProducerConsumerConnect(ExtensionContext extensionContext) {
    String clusterName = mapWithClusterNames.get(extensionContext.getDisplayName());
    String producerName = OAUTH_PRODUCER_NAME + "-" + clusterName;
    String consumerName = OAUTH_CONSUMER_NAME + "-" + clusterName;
    String topicName = mapWithTestTopics.get(extensionContext.getDisplayName());
    resourceManager.createResource(extensionContext, KafkaTopicTemplates.topic(oauthClusterName, topicName, INFRA_NAMESPACE).build());
    KafkaOauthClients oauthExampleClients = new KafkaOauthClientsBuilder().withNamespaceName(INFRA_NAMESPACE).withProducerName(producerName).withConsumerName(consumerName).withBootstrapAddress(KafkaResources.tlsBootstrapAddress(oauthClusterName)).withTopicName(topicName).withMessageCount(MESSAGE_COUNT).withOauthClientId(OAUTH_CLIENT_NAME).withOauthClientSecret(OAUTH_CLIENT_SECRET).withOauthTokenEndpointUri(keycloakInstance.getOauthTokenEndpointUri()).build();
    resourceManager.createResource(extensionContext, oauthExampleClients.producerStrimziOauthTls(oauthClusterName));
    ClientUtils.waitForClientSuccess(producerName, INFRA_NAMESPACE, MESSAGE_COUNT);
    JobUtils.deleteJobWithWait(INFRA_NAMESPACE, producerName);
    resourceManager.createResource(extensionContext, oauthExampleClients.consumerStrimziOauthTls(oauthClusterName));
    ClientUtils.waitForClientSuccess(consumerName, INFRA_NAMESPACE, MESSAGE_COUNT);
    JobUtils.deleteJobWithWait(INFRA_NAMESPACE, consumerName);
    resourceManager.createResource(extensionContext, KafkaClientsTemplates.kafkaClients(INFRA_NAMESPACE, false, oauthClusterName + "-" + Constants.KAFKA_CLIENTS).build());
    String defaultKafkaClientsPodName = ResourceManager.kubeClient().listPodsByPrefixInName(INFRA_NAMESPACE, oauthClusterName + "-" + Constants.KAFKA_CLIENTS).get(0).getMetadata().getName();
    resourceManager.createResource(extensionContext, KafkaConnectTemplates.kafkaConnect(extensionContext, clusterName, INFRA_NAMESPACE, oauthClusterName, 1).editSpec().withConfig(connectorConfig).addToConfig("key.converter.schemas.enable", false).addToConfig("value.converter.schemas.enable", false).addToConfig("key.converter", "org.apache.kafka.connect.storage.StringConverter").addToConfig("value.converter", "org.apache.kafka.connect.storage.StringConverter").withNewKafkaClientAuthenticationOAuth().withTokenEndpointUri(keycloakInstance.getOauthTokenEndpointUri()).withClientId("kafka-connect").withNewClientSecret().withSecretName("my-connect-oauth").withKey(OAUTH_KEY).endClientSecret().withTlsTrustedCertificates(new CertSecretSourceBuilder().withSecretName(KeycloakInstance.KEYCLOAK_SECRET_NAME).withCertificate(KeycloakInstance.KEYCLOAK_SECRET_CERT).build()).withDisableTlsHostnameVerification(true).endKafkaClientAuthenticationOAuth().withNewTls().addNewTrustedCertificate().withSecretName(oauthClusterName + "-cluster-ca-cert").withCertificate("ca.crt").endTrustedCertificate().endTls().withBootstrapServers(oauthClusterName + "-kafka-bootstrap:9093").endSpec().build());
    String kafkaConnectPodName = kubeClient(INFRA_NAMESPACE).listPods(INFRA_NAMESPACE, clusterName, Labels.STRIMZI_KIND_LABEL, KafkaConnect.RESOURCE_KIND).get(0).getMetadata().getName();
    KafkaConnectUtils.waitUntilKafkaConnectRestApiIsAvailable(INFRA_NAMESPACE, kafkaConnectPodName);
    KafkaConnectorUtils.createFileSinkConnector(INFRA_NAMESPACE, defaultKafkaClientsPodName, topicName, Constants.DEFAULT_SINK_FILE_PATH, KafkaConnectResources.url(clusterName, INFRA_NAMESPACE, 8083));
    KafkaConnectUtils.waitForMessagesInKafkaConnectFileSink(INFRA_NAMESPACE, kafkaConnectPodName, Constants.DEFAULT_SINK_FILE_PATH, "\"Hello-world - 99\"");
}
Also used : KafkaOauthClientsBuilder(io.strimzi.systemtest.kafkaclients.internalClients.KafkaOauthClientsBuilder) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) KafkaOauthClients(io.strimzi.systemtest.kafkaclients.internalClients.KafkaOauthClients) Description(io.vertx.core.cli.annotations.Description) ParallelTest(io.strimzi.systemtest.annotations.ParallelTest) Tag(org.junit.jupiter.api.Tag)

Example 4 with CertSecretSourceBuilder

use of io.strimzi.api.kafka.model.CertSecretSourceBuilder in project strimzi by strimzi.

the class OauthTlsIsolatedST method testMirrorMaker.

@Description("As a oauth mirror maker, I am able to replicate topic data using using encrypted communication")
@IsolatedTest("Using more tha one Kafka cluster in one namespace")
@Tag(MIRROR_MAKER)
@Tag(NODEPORT_SUPPORTED)
@SuppressWarnings({ "checkstyle:MethodLength" })
void testMirrorMaker(ExtensionContext extensionContext) {
    // Nodeport needs cluster wide rights to work properly which is not possible with STRIMZI_RBAC_SCOPE=NAMESPACE
    assumeFalse(Environment.isNamespaceRbacScope());
    String clusterName = mapWithClusterNames.get(extensionContext.getDisplayName());
    String producerName = OAUTH_PRODUCER_NAME + "-" + clusterName;
    String consumerName = OAUTH_CONSUMER_NAME + "-" + clusterName;
    String topicName = mapWithTestTopics.get(extensionContext.getDisplayName());
    resourceManager.createResource(extensionContext, KafkaTopicTemplates.topic(oauthClusterName, topicName, INFRA_NAMESPACE).build());
    KafkaOauthClients oauthExampleClients = new KafkaOauthClientsBuilder().withNamespaceName(INFRA_NAMESPACE).withProducerName(producerName).withConsumerName(consumerName).withBootstrapAddress(KafkaResources.tlsBootstrapAddress(oauthClusterName)).withTopicName(topicName).withMessageCount(MESSAGE_COUNT).withOauthClientId(OAUTH_CLIENT_NAME).withOauthClientSecret(OAUTH_CLIENT_SECRET).withOauthTokenEndpointUri(keycloakInstance.getOauthTokenEndpointUri()).build();
    resourceManager.createResource(extensionContext, oauthExampleClients.producerStrimziOauthTls(oauthClusterName));
    ClientUtils.waitForClientSuccess(producerName, INFRA_NAMESPACE, MESSAGE_COUNT);
    JobUtils.deleteJobWithWait(INFRA_NAMESPACE, producerName);
    resourceManager.createResource(extensionContext, oauthExampleClients.consumerStrimziOauthTls(oauthClusterName));
    ClientUtils.waitForClientSuccess(consumerName, INFRA_NAMESPACE, MESSAGE_COUNT);
    JobUtils.deleteJobWithWait(INFRA_NAMESPACE, consumerName);
    String targetKafkaCluster = oauthClusterName + "-target";
    resourceManager.createResource(extensionContext, KafkaTemplates.kafkaEphemeral(targetKafkaCluster, 1, 1).editMetadata().withNamespace(INFRA_NAMESPACE).endMetadata().editSpec().editKafka().withListeners(OauthAbstractST.BUILD_OAUTH_TLS_LISTENER.apply(keycloakInstance), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9094).withType(KafkaListenerType.NODEPORT).withTls(true).withNewKafkaListenerAuthenticationOAuth().withValidIssuerUri(keycloakInstance.getValidIssuerUri()).withJwksExpirySeconds(keycloakInstance.getJwksExpireSeconds()).withJwksRefreshSeconds(keycloakInstance.getJwksRefreshSeconds()).withJwksEndpointUri(keycloakInstance.getJwksEndpointUri()).withUserNameClaim(keycloakInstance.getUserNameClaim()).withTlsTrustedCertificates(new CertSecretSourceBuilder().withSecretName(KeycloakInstance.KEYCLOAK_SECRET_NAME).withCertificate(KeycloakInstance.KEYCLOAK_SECRET_CERT).build()).withDisableTlsHostnameVerification(true).endKafkaListenerAuthenticationOAuth().build()).endKafka().endSpec().build());
    resourceManager.createResource(extensionContext, KafkaMirrorMakerTemplates.kafkaMirrorMaker(oauthClusterName, oauthClusterName, targetKafkaCluster, ClientUtils.generateRandomConsumerGroup(), 1, true).editMetadata().withNamespace(INFRA_NAMESPACE).endMetadata().editSpec().withNewConsumer().withNewTls().withTrustedCertificates(new CertSecretSourceBuilder().withCertificate("ca.crt").withSecretName(KafkaResources.clusterCaCertificateSecretName(oauthClusterName)).build()).endTls().withBootstrapServers(KafkaResources.tlsBootstrapAddress(oauthClusterName)).withGroupId(ClientUtils.generateRandomConsumerGroup()).addToConfig(ConsumerConfig.AUTO_OFFSET_RESET_CONFIG, "earliest").withNewKafkaClientAuthenticationOAuth().withTokenEndpointUri(keycloakInstance.getOauthTokenEndpointUri()).withClientId("kafka-mirror-maker").withNewClientSecret().withSecretName(MIRROR_MAKER_OAUTH_SECRET).withKey(OAUTH_KEY).endClientSecret().withTlsTrustedCertificates(new CertSecretSourceBuilder().withSecretName(KeycloakInstance.KEYCLOAK_SECRET_NAME).withCertificate(KeycloakInstance.KEYCLOAK_SECRET_CERT).build()).withDisableTlsHostnameVerification(true).endKafkaClientAuthenticationOAuth().endConsumer().withNewProducer().withBootstrapServers(KafkaResources.tlsBootstrapAddress(targetKafkaCluster)).withNewTls().withTrustedCertificates(new CertSecretSourceBuilder().withCertificate("ca.crt").withSecretName(KafkaResources.clusterCaCertificateSecretName(targetKafkaCluster)).build()).endTls().withNewKafkaClientAuthenticationOAuth().withTokenEndpointUri(keycloakInstance.getOauthTokenEndpointUri()).withClientId("kafka-mirror-maker").withNewClientSecret().withSecretName(MIRROR_MAKER_OAUTH_SECRET).withKey(OAUTH_KEY).endClientSecret().withTlsTrustedCertificates(new CertSecretSourceBuilder().withSecretName(KeycloakInstance.KEYCLOAK_SECRET_NAME).withCertificate(KeycloakInstance.KEYCLOAK_SECRET_CERT).build()).withDisableTlsHostnameVerification(true).endKafkaClientAuthenticationOAuth().addToConfig(ProducerConfig.ACKS_CONFIG, "all").endProducer().endSpec().build());
    String mirrorMakerPodName = kubeClient().listPodsByPrefixInName(INFRA_NAMESPACE, KafkaMirrorMakerResources.deploymentName(oauthClusterName)).get(0).getMetadata().getName();
    String kafkaMirrorMakerLogs = kubeClient().logsInSpecificNamespace(INFRA_NAMESPACE, mirrorMakerPodName);
    assertThat(kafkaMirrorMakerLogs, not(containsString("keytool error: java.io.FileNotFoundException: /opt/kafka/consumer-oauth-certs/**/* (No such file or directory)")));
    resourceManager.createResource(extensionContext, KafkaUserTemplates.tlsUser(INFRA_NAMESPACE, oauthClusterName, USER_NAME).build());
    KafkaUserUtils.waitForKafkaUserCreation(INFRA_NAMESPACE, USER_NAME);
    LOGGER.info("Creating new client with new consumer-group and also to point on {} cluster", targetKafkaCluster);
    KafkaOauthClients kafkaOauthClientJob = new KafkaOauthClientsBuilder().withNamespaceName(INFRA_NAMESPACE).withProducerName(producerName).withConsumerName(consumerName).withClientUserName(USER_NAME).withBootstrapAddress(KafkaResources.tlsBootstrapAddress(targetKafkaCluster)).withTopicName(topicName).withMessageCount(MESSAGE_COUNT).withOauthClientId(OAUTH_CLIENT_NAME).withOauthClientSecret(OAUTH_CLIENT_SECRET).withOauthTokenEndpointUri(keycloakInstance.getOauthTokenEndpointUri()).build();
    resourceManager.createResource(extensionContext, kafkaOauthClientJob.consumerStrimziOauthTls(targetKafkaCluster));
    ClientUtils.waitForClientSuccess(consumerName, INFRA_NAMESPACE, MESSAGE_COUNT);
    JobUtils.deleteJobWithWait(INFRA_NAMESPACE, consumerName);
}
Also used : KafkaOauthClientsBuilder(io.strimzi.systemtest.kafkaclients.internalClients.KafkaOauthClientsBuilder) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) KafkaOauthClients(io.strimzi.systemtest.kafkaclients.internalClients.KafkaOauthClients) Description(io.vertx.core.cli.annotations.Description) IsolatedTest(io.strimzi.systemtest.annotations.IsolatedTest) Tag(org.junit.jupiter.api.Tag)

Example 5 with CertSecretSourceBuilder

use of io.strimzi.api.kafka.model.CertSecretSourceBuilder in project strimzi by strimzi.

the class KafkaConnectClusterTest method testGenerateDeploymentWithScramSha512AuthAndTLSSameSecret.

/**
 * This test uses the same secret to hold the certs for TLS and the credentials for SCRAM SHA 512 client authentication. It checks that
 * the volumes and volume mounts that reference the secret are correctly created and that each volume name is only created once - volumes
 * with duplicate names will cause Kubernetes to reject the deployment.
 */
@ParallelTest
public void testGenerateDeploymentWithScramSha512AuthAndTLSSameSecret() {
    KafkaConnect resource = new KafkaConnectBuilder(this.resource).editSpec().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret").withCertificate("cert.crt").build()).endTls().withNewKafkaClientAuthenticationScramSha512().withUsername("user1").withNewPasswordSecret().withSecretName("my-secret").withPassword("user1.password").endPasswordSecret().endKafkaClientAuthenticationScramSha512().endSpec().build();
    KafkaConnectCluster kc = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kc.generateDeployment(emptyMap(), true, null, null);
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().size(), is(3));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(0).getName(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_VOLUME_NAME));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(1).getName(), is("kafka-metrics-and-logging"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(2).getName(), is("my-secret"));
    List<Container> containers = dep.getSpec().getTemplate().getSpec().getContainers();
    assertThat(containers.get(0).getVolumeMounts().size(), is(4));
    assertThat(containers.get(0).getVolumeMounts().get(0).getName(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_VOLUME_NAME));
    assertThat(containers.get(0).getVolumeMounts().get(0).getMountPath(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_MOUNT_PATH));
    assertThat(containers.get(0).getVolumeMounts().get(1).getName(), is("kafka-metrics-and-logging"));
    assertThat(containers.get(0).getVolumeMounts().get(1).getMountPath(), is("/opt/kafka/custom-config/"));
    assertThat(containers.get(0).getVolumeMounts().get(2).getName(), is("my-secret"));
    assertThat(containers.get(0).getVolumeMounts().get(2).getMountPath(), is(KafkaConnectCluster.TLS_CERTS_BASE_VOLUME_MOUNT + "my-secret"));
    assertThat(containers.get(0).getVolumeMounts().get(3).getName(), is("my-secret"));
    assertThat(containers.get(0).getVolumeMounts().get(3).getMountPath(), is(KafkaConnectCluster.PASSWORD_VOLUME_MOUNT + "my-secret"));
    assertThat(AbstractModel.containerEnvVars(containers.get(0)), hasEntry(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_SASL_PASSWORD_FILE, "my-secret/user1.password"));
    assertThat(AbstractModel.containerEnvVars(containers.get(0)), hasEntry(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_SASL_USERNAME, "user1"));
    assertThat(AbstractModel.containerEnvVars(containers.get(0)), hasEntry(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_SASL_MECHANISM, "scram-sha-512"));
    assertThat(AbstractModel.containerEnvVars(containers.get(0)), hasEntry(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS, "true"));
}
Also used : KafkaConnectBuilder(io.strimzi.api.kafka.model.KafkaConnectBuilder) Container(io.fabric8.kubernetes.api.model.Container) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Aggregations

CertSecretSourceBuilder (io.strimzi.api.kafka.model.CertSecretSourceBuilder)43 ParallelTest (io.strimzi.test.annotations.ParallelTest)32 Deployment (io.fabric8.kubernetes.api.model.apps.Deployment)26 Container (io.fabric8.kubernetes.api.model.Container)25 CertSecretSource (io.strimzi.api.kafka.model.CertSecretSource)15 KafkaClientAuthenticationTlsBuilder (io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder)14 EnvVar (io.fabric8.kubernetes.api.model.EnvVar)9 HasMetadata (io.fabric8.kubernetes.api.model.HasMetadata)9 IntOrString (io.fabric8.kubernetes.api.model.IntOrString)9 LocalObjectReference (io.fabric8.kubernetes.api.model.LocalObjectReference)9 OwnerReference (io.fabric8.kubernetes.api.model.OwnerReference)9 PodSecurityContextBuilder (io.fabric8.kubernetes.api.model.PodSecurityContextBuilder)9 Quantity (io.fabric8.kubernetes.api.model.Quantity)9 ResourceRequirementsBuilder (io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder)9 ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)9 PodDisruptionBudget (io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)9 ContainerEnvVar (io.strimzi.api.kafka.model.ContainerEnvVar)9 ContainerTemplate (io.strimzi.api.kafka.model.template.ContainerTemplate)9 KafkaVersionTestUtils (io.strimzi.operator.cluster.KafkaVersionTestUtils)9 ResourceUtils (io.strimzi.operator.cluster.ResourceUtils)9