Example 21 with KafkaUserBuilder
use of io.strimzi.api.kafka.model.KafkaUserBuilder in project strimzi by strimzi.
the class KafkaUserModelTest method testFromCrdScramShaUserWithPasswordParsing.
@Test
public void testFromCrdScramShaUserWithPasswordParsing() {
KafkaUser user = new KafkaUserBuilder(scramShaUser).editSpec().withNewKafkaUserScramSha512ClientAuthentication().withNewPassword().withNewValueFrom().withNewSecretKeyRef("my-password", "my-secret", false).endValueFrom().endPassword().endKafkaUserScramSha512ClientAuthentication().endSpec().build();
KafkaUserModel model = KafkaUserModel.fromCrd(user, UserOperatorConfig.DEFAULT_SECRET_PREFIX, UserOperatorConfig.DEFAULT_STRIMZI_ACLS_ADMIN_API_SUPPORTED);
assertThat(model.isUserWithDesiredPassword(), is(true));
assertThat(model.desiredPasswordSecretKey(), is("my-password"));
assertThat(model.desiredPasswordSecretName(), is("my-secret"));
}
Also used :
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 22 with KafkaUserBuilder
use of io.strimzi.api.kafka.model.KafkaUserBuilder in project strimzi by strimzi.
the class KafkaUserModelTest method testGenerateSecretWithMetadataOverrides.
@Test
public void testGenerateSecretWithMetadataOverrides() {
KafkaUser userWithTemplate = new KafkaUserBuilder(tlsUser).editSpec().withNewTemplate().withNewSecret().withNewMetadata().withLabels(singletonMap("label1", "value1")).withAnnotations(singletonMap("anno1", "value1")).endMetadata().endSecret().endTemplate().endSpec().build();
KafkaUserModel model = KafkaUserModel.fromCrd(userWithTemplate, UserOperatorConfig.DEFAULT_SECRET_PREFIX, UserOperatorConfig.DEFAULT_STRIMZI_ACLS_ADMIN_API_SUPPORTED);
model.maybeGenerateCertificates(Reconciliation.DUMMY_RECONCILIATION, mockCertManager, passwordGenerator, clientsCaCert, clientsCaKey, null, 365, 30);
Secret generatedSecret = model.generateSecret();
assertThat(generatedSecret.getData().keySet(), is(set("ca.crt", "user.crt", "user.key", "user.p12", "user.password")));
assertThat(generatedSecret.getMetadata().getName(), is(ResourceUtils.NAME));
assertThat(generatedSecret.getMetadata().getNamespace(), is(ResourceUtils.NAMESPACE));
assertThat(generatedSecret.getMetadata().getLabels(), is(Labels.fromMap(ResourceUtils.LABELS).withStrimziKind(KafkaUser.RESOURCE_KIND).withKubernetesName(KafkaUserModel.KAFKA_USER_OPERATOR_NAME).withKubernetesInstance(ResourceUtils.NAME).withKubernetesPartOf(ResourceUtils.NAME).withKubernetesManagedBy(KafkaUserModel.KAFKA_USER_OPERATOR_NAME).withAdditionalLabels(singletonMap("label1", "value1")).toMap()));
assertThat(generatedSecret.getMetadata().getAnnotations(), is(singletonMap("anno1", "value1")));
// Check owner reference
checkOwnerReference(model.createOwnerReference(), generatedSecret);
}
Also used :
Secret(io.fabric8.kubernetes.api.model.Secret)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 23 with KafkaUserBuilder
use of io.strimzi.api.kafka.model.KafkaUserBuilder in project strimzi by strimzi.
the class KafkaUserModelTest method testGenerateSecretUseDesiredPasswordIsEmpty.
@Test
public void testGenerateSecretUseDesiredPasswordIsEmpty() {
KafkaUser user = new KafkaUserBuilder(scramShaUser).editSpec().withNewKafkaUserScramSha512ClientAuthentication().withNewPassword().withNewValueFrom().withNewSecretKeyRef("my-password", "my-secret", false).endValueFrom().endPassword().endKafkaUserScramSha512ClientAuthentication().endSpec().build();
Secret desiredPasswordSecret = new SecretBuilder().withNewMetadata().withName("my-secret").endMetadata().addToData("my-password", Base64.getEncoder().encodeToString("".getBytes(StandardCharsets.UTF_8))).build();
KafkaUserModel model = KafkaUserModel.fromCrd(user, UserOperatorConfig.DEFAULT_SECRET_PREFIX, UserOperatorConfig.DEFAULT_STRIMZI_ACLS_ADMIN_API_SUPPORTED);
InvalidResourceException e = assertThrows(InvalidResourceException.class, () -> {
model.maybeGeneratePassword(Reconciliation.DUMMY_RECONCILIATION, passwordGenerator, null, desiredPasswordSecret);
});
assertThat(e.getMessage(), is("The requested user password is empty."));
}
Also used :
Secret(io.fabric8.kubernetes.api.model.Secret)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
InvalidResourceException(io.strimzi.operator.cluster.model.InvalidResourceException)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 24 with KafkaUserBuilder
use of io.strimzi.api.kafka.model.KafkaUserBuilder in project strimzi by strimzi.
the class KafkaUserModelTest method testFromCrdTlsUserWith65CharTlsUsernameThrows.
@Test
public void testFromCrdTlsUserWith65CharTlsUsernameThrows() {
KafkaUser tooLong = new KafkaUserBuilder(tlsUser).editMetadata().withName("User-123456789012345678901234567890123456789012345678901234567890").endMetadata().build();
assertThrows(InvalidResourceException.class, () -> {
// 65 characters => Should throw exception with TLS
KafkaUserModel.fromCrd(tooLong, UserOperatorConfig.DEFAULT_SECRET_PREFIX, UserOperatorConfig.DEFAULT_STRIMZI_ACLS_ADMIN_API_SUPPORTED);
});
}
Also used :
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 25 with KafkaUserBuilder
use of io.strimzi.api.kafka.model.KafkaUserBuilder in project strimzi by strimzi.
the class KafkaUserModelTest method testFromCrdScramShaUserWith65CharSaslUsernameValid.
@Test
public void testFromCrdScramShaUserWith65CharSaslUsernameValid() {
// 65 characters => should work with SCRAM-SHA-512
KafkaUser tooLong = new KafkaUserBuilder(scramShaUser).editMetadata().withName("User-123456789012345678901234567890123456789012345678901234567890").endMetadata().build();
KafkaUserModel.fromCrd(tooLong, UserOperatorConfig.DEFAULT_SECRET_PREFIX, UserOperatorConfig.DEFAULT_STRIMZI_ACLS_ADMIN_API_SUPPORTED);
}
Also used :
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Aggregations
KafkaUser (io.strimzi.api.kafka.model.KafkaUser)30
KafkaUserBuilder (io.strimzi.api.kafka.model.KafkaUserBuilder)30
Test (org.junit.jupiter.api.Test)30
Secret (io.fabric8.kubernetes.api.model.Secret)16
SecretBuilder (io.fabric8.kubernetes.api.model.SecretBuilder)14
InvalidResourceException (io.strimzi.operator.cluster.model.InvalidResourceException)10
HashSet (java.util.HashSet)10
LabelSelector (io.fabric8.kubernetes.api.model.LabelSelector)6
KafkaUserQuotas (io.strimzi.api.kafka.model.KafkaUserQuotas)6
KafkaUserStatus (io.strimzi.api.kafka.model.status.KafkaUserStatus)6
CertManager (io.strimzi.certs.CertManager)6
Reconciliation (io.strimzi.operator.common.Reconciliation)6
Labels (io.strimzi.operator.common.model.Labels)6
MockCertManager (io.strimzi.operator.common.operator.MockCertManager)6
CrdOperator (io.strimzi.operator.common.operator.resource.CrdOperator)6
SecretOperator (io.strimzi.operator.common.operator.resource.SecretOperator)6
ResourceUtils (io.strimzi.operator.user.ResourceUtils)6
KafkaUserModel (io.strimzi.operator.user.model.KafkaUserModel)6
SimpleAclRule (io.strimzi.operator.user.model.acl.SimpleAclRule)6
Future (io.vertx.core.Future)6
