use of io.strimzi.api.kafka.model.Kafka in project strimzi by strimzi.
the class EntityUserOperatorTest method testFromCrdCaValidityAndRenewal.
@ParallelTest
public void testFromCrdCaValidityAndRenewal() {
EntityUserOperatorSpec entityUserOperatorSpec = new EntityUserOperatorSpecBuilder().build();
EntityOperatorSpec entityOperatorSpec = new EntityOperatorSpecBuilder().withUserOperator(entityUserOperatorSpec).build();
CertificateAuthority ca = new CertificateAuthority();
ca.setValidityDays(42);
ca.setRenewalDays(69);
Kafka customValues = new KafkaBuilder(ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout)).editSpec().withEntityOperator(entityOperatorSpec).withClientsCa(ca).endSpec().build();
EntityUserOperator entityUserOperator = EntityUserOperator.fromCrd(new Reconciliation("test", resource.getKind(), resource.getMetadata().getNamespace(), resource.getMetadata().getName()), customValues);
Kafka defaultValues = new KafkaBuilder(ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout)).editSpec().withEntityOperator(entityOperatorSpec).endSpec().build();
EntityUserOperator entityUserOperator2 = EntityUserOperator.fromCrd(new Reconciliation("test", resource.getKind(), resource.getMetadata().getNamespace(), resource.getMetadata().getName()), defaultValues);
assertThat(entityUserOperator.getClientsCaValidityDays(), is(42L));
assertThat(entityUserOperator.getClientsCaRenewalDays(), is(69L));
assertThat(entityUserOperator2.getClientsCaValidityDays(), is(Long.valueOf(CertificateAuthority.DEFAULT_CERTS_VALIDITY_DAYS)));
assertThat(entityUserOperator2.getClientsCaRenewalDays(), is(Long.valueOf(CertificateAuthority.DEFAULT_CERTS_RENEWAL_DAYS)));
}
use of io.strimzi.api.kafka.model.Kafka in project strimzi by strimzi.
the class EntityUserOperatorTest method testAclsAdminApiSupported.
private void testAclsAdminApiSupported(KafkaAuthorization authorizer) {
Kafka kafkaAssembly = new KafkaBuilder(ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout, jmxMetricsConfig, singletonMap("foo", "bar"), emptyMap())).editSpec().editKafka().withAuthorization(authorizer).endKafka().withNewEntityOperator().withNewUserOperator().endUserOperator().endEntityOperator().endSpec().build();
EntityUserOperator f = EntityUserOperator.fromCrd(new Reconciliation("test", resource.getKind(), resource.getMetadata().getNamespace(), resource.getMetadata().getName()), kafkaAssembly);
assertThat(f.getEnvVars().stream().filter(a -> a.getName().equals(EntityUserOperator.ENV_VAR_ACLS_ADMIN_API_SUPPORTED)).findFirst().orElseThrow().getValue(), is(String.valueOf(authorizer.supportsAdminApi())));
}
use of io.strimzi.api.kafka.model.Kafka in project strimzi by strimzi.
the class EntityUserOperatorTest method testFromCrdDefault.
@ParallelTest
public void testFromCrdDefault() {
EntityUserOperatorSpec entityUserOperatorSpec = new EntityUserOperatorSpecBuilder().build();
EntityOperatorSpec entityOperatorSpec = new EntityOperatorSpecBuilder().withUserOperator(entityUserOperatorSpec).build();
Kafka resource = new KafkaBuilder(ResourceUtils.createKafka(namespace, cluster, replicas, image, healthDelay, healthTimeout)).editSpec().withEntityOperator(entityOperatorSpec).endSpec().build();
EntityUserOperator entityUserOperator = EntityUserOperator.fromCrd(new Reconciliation("test", resource.getKind(), resource.getMetadata().getNamespace(), resource.getMetadata().getName()), resource);
assertThat(entityUserOperator.getWatchedNamespace(), is(namespace));
assertThat(entityUserOperator.getImage(), is("quay.io/strimzi/operator:latest"));
assertThat(entityUserOperator.getReconciliationIntervalMs(), is(EntityUserOperatorSpec.DEFAULT_FULL_RECONCILIATION_INTERVAL_SECONDS * 1000));
assertThat(entityUserOperator.readinessProbeOptions.getInitialDelaySeconds(), is(EntityUserOperatorSpec.DEFAULT_HEALTHCHECK_DELAY));
assertThat(entityUserOperator.readinessProbeOptions.getTimeoutSeconds(), is(EntityUserOperatorSpec.DEFAULT_HEALTHCHECK_TIMEOUT));
assertThat(entityUserOperator.livenessProbeOptions.getInitialDelaySeconds(), is(EntityUserOperatorSpec.DEFAULT_HEALTHCHECK_DELAY));
assertThat(entityUserOperator.livenessProbeOptions.getTimeoutSeconds(), is(EntityUserOperatorSpec.DEFAULT_HEALTHCHECK_TIMEOUT));
assertThat(entityUserOperator.getKafkaBootstrapServers(), is(EntityUserOperator.defaultBootstrapServers(cluster)));
assertThat(entityUserOperator.getLogging(), is(nullValue()));
assertThat(entityUserOperator.getSecretPrefix(), is(EntityUserOperatorSpec.DEFAULT_SECRET_PREFIX));
}
use of io.strimzi.api.kafka.model.Kafka in project strimzi by strimzi.
the class KafkaAssemblyOperatorCustomCertTest method testPodToRestartTrueWhenCustomCertExternalListenerThumbprintAnnotationsNotMatchingThumbprint.
@Test
public void testPodToRestartTrueWhenCustomCertExternalListenerThumbprintAnnotationsNotMatchingThumbprint(VertxTestContext context) {
Checkpoint async = context.checkpoint();
operator.createOrUpdate(new Reconciliation("test-trigger", Kafka.RESOURCE_KIND, namespace, clusterName), kafka).onComplete(context.succeeding(v -> context.verify(() -> {
StatefulSet reconcileSts = client.apps().statefulSets().inNamespace(namespace).withName(KafkaResources.kafkaStatefulSetName(clusterName)).get();
assertThat(reconcileSts.getSpec().getTemplate().getMetadata().getAnnotations(), hasEntry(KafkaCluster.ANNO_STRIMZI_CUSTOM_LISTENER_CERT_THUMBPRINTS, getTlsThumbprint()));
assertThat(functionArgumentCaptor, hasSize(1));
Function<Pod, List<String>> isPodToRestart = functionArgumentCaptor.get(0);
Pod pod = getPod(reconcileSts);
assertThat("There are no changes in broker config, the restart should not be needed", isPodToRestart.apply(pod), empty());
pod.getMetadata().getAnnotations().put(KafkaCluster.ANNO_STRIMZI_CUSTOM_LISTENER_CERT_THUMBPRINTS, Base64.getEncoder().encodeToString("Not the right one!".getBytes()));
assertThat(isPodToRestart.apply(pod).get(0), equalTo("custom certificate one or more listeners changed"));
async.flag();
})));
}
use of io.strimzi.api.kafka.model.Kafka in project strimzi by strimzi.
the class KafkaAssemblyOperatorCustomCertTest method setup.
@BeforeEach
public void setup() {
kafka = createKafka();
client = new MockKube().withCustomResourceDefinition(Crds.kafka(), Kafka.class, KafkaList.class).end().withCustomResourceDefinition(Crds.strimziPodSet(), StrimziPodSet.class, StrimziPodSetList.class).end().build();
Crds.kafkaOperation(client).inNamespace(namespace).create(kafka);
client.secrets().inNamespace(namespace).create(getTlsSecret());
client.secrets().inNamespace(namespace).create(getExternalSecret());
Secret secret = new SecretBuilder().withNewMetadata().withNamespace(namespace).withName("testkafka-cluster-operator-certs").endMetadata().addToData("foo", "bar").build();
client.secrets().inNamespace(namespace).create(secret);
ResourceOperatorSupplier supplier = new ResourceOperatorSupplier(vertx, client, mock(ZookeeperLeaderFinder.class), mock(AdminClientProvider.class), mock(ZookeeperScalerProvider.class), mock(MetricsProvider.class), new PlatformFeaturesAvailability(false, KubernetesVersion.V1_20), FeatureGates.NONE, 10000);
operator = new MockKafkaAssemblyOperator(vertx, new PlatformFeaturesAvailability(false, kubernetesVersion), certManager, passwordGenerator, supplier, config);
}
Aggregations