Search in sources :

Example 46 with KafkaClientAuthenticationOAuthBuilder

use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder in project strimzi by strimzi.

the class KafkaBridgeClusterTest method testGenerateDeploymentWithOAuthWithAccessToken.

@ParallelTest
public void testGenerateDeploymentWithOAuthWithAccessToken() {
    KafkaBridge resource = new KafkaBridgeBuilder(this.resource).editSpec().withAuthentication(new KafkaClientAuthenticationOAuthBuilder().withNewAccessToken().withSecretName("my-token-secret").withKey("my-token-key").endAccessToken().build()).endSpec().build();
    KafkaBridgeCluster kb = KafkaBridgeCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kb.generateDeployment(emptyMap(), true, null, null);
    Container cont = dep.getSpec().getTemplate().getSpec().getContainers().get(0);
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_SASL_MECHANISM.equals(var.getName())).findFirst().orElseThrow().getValue(), is("oauth"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_OAUTH_ACCESS_TOKEN.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getName(), is("my-token-secret"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_OAUTH_ACCESS_TOKEN.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getKey(), is("my-token-key"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_OAUTH_CONFIG.equals(var.getName())).findFirst().orElseThrow().getValue().isEmpty(), is(true));
}
Also used : KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) Quantity(io.fabric8.kubernetes.api.model.Quantity) CoreMatchers.is(org.hamcrest.CoreMatchers.is) IntOrString(io.fabric8.kubernetes.api.model.IntOrString) ParallelSuite(io.strimzi.test.annotations.ParallelSuite) ClientConfig(io.strimzi.kafka.oauth.client.ClientConfig) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) Collections.singletonList(java.util.Collections.singletonList) CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue) JvmOptionsBuilder(io.strimzi.api.kafka.model.JvmOptionsBuilder) KafkaBridge(io.strimzi.api.kafka.model.KafkaBridge) JaegerTracing(io.strimzi.api.kafka.model.tracing.JaegerTracing) Map(java.util.Map) ContainerEnvVar(io.strimzi.api.kafka.model.ContainerEnvVar) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) Affinity(io.fabric8.kubernetes.api.model.Affinity) KeyToPath(io.fabric8.kubernetes.api.model.KeyToPath) LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) IpFamilyPolicy(io.strimzi.api.kafka.model.template.IpFamilyPolicy) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) ParallelTest(io.strimzi.test.annotations.ParallelTest) Collections.emptyList(java.util.Collections.emptyList) KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) EnvVarBuilder(io.fabric8.kubernetes.api.model.EnvVarBuilder) HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata) KafkaBridgeHttpConfig(io.strimzi.api.kafka.model.KafkaBridgeHttpConfig) NodeSelectorTermBuilder(io.fabric8.kubernetes.api.model.NodeSelectorTermBuilder) List(java.util.List) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) Labels(io.strimzi.operator.common.model.Labels) PodSecurityContextBuilder(io.fabric8.kubernetes.api.model.PodSecurityContextBuilder) Matchers.contains(org.hamcrest.Matchers.contains) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) TopologySpreadConstraintBuilder(io.fabric8.kubernetes.api.model.TopologySpreadConstraintBuilder) Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) ContainerTemplate(io.strimzi.api.kafka.model.template.ContainerTemplate) Container(io.fabric8.kubernetes.api.model.Container) ResourceRequirementsBuilder(io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder) KafkaClientAuthenticationTlsBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder) IpFamily(io.strimzi.api.kafka.model.template.IpFamily) HashMap(java.util.HashMap) LocalObjectReference(io.fabric8.kubernetes.api.model.LocalObjectReference) OwnerReference(io.fabric8.kubernetes.api.model.OwnerReference) ArrayList(java.util.ArrayList) KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils) DeploymentStrategy(io.strimzi.api.kafka.model.template.DeploymentStrategy) TestUtils(io.strimzi.test.TestUtils) KafkaBridgeBuilder(io.strimzi.api.kafka.model.KafkaBridgeBuilder) Collections.singletonMap(java.util.Collections.singletonMap) Service(io.fabric8.kubernetes.api.model.Service) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) KafkaBridgeResources(io.strimzi.api.kafka.model.KafkaBridgeResources) Collections.emptyMap(java.util.Collections.emptyMap) TopologySpreadConstraint(io.fabric8.kubernetes.api.model.TopologySpreadConstraint) Toleration(io.fabric8.kubernetes.api.model.Toleration) ServerConfig(io.strimzi.kafka.oauth.server.ServerConfig) TolerationBuilder(io.fabric8.kubernetes.api.model.TolerationBuilder) AffinityBuilder(io.fabric8.kubernetes.api.model.AffinityBuilder) Reconciliation(io.strimzi.operator.common.Reconciliation) SystemPropertyBuilder(io.strimzi.api.kafka.model.SystemPropertyBuilder) ServiceAccount(io.fabric8.kubernetes.api.model.ServiceAccount) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) Collections(java.util.Collections) Container(io.fabric8.kubernetes.api.model.Container) KafkaBridge(io.strimzi.api.kafka.model.KafkaBridge) KafkaBridgeBuilder(io.strimzi.api.kafka.model.KafkaBridgeBuilder) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 47 with KafkaClientAuthenticationOAuthBuilder

use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder in project strimzi by strimzi.

the class KafkaBridgeClusterTest method testGenerateDeploymentWithOAuthWithMissingUri.

@ParallelTest
public void testGenerateDeploymentWithOAuthWithMissingUri() {
    assertThrows(InvalidResourceException.class, () -> {
        KafkaBridge resource = new KafkaBridgeBuilder(this.resource).editSpec().withAuthentication(new KafkaClientAuthenticationOAuthBuilder().withClientId("my-client-id").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().build()).endSpec().build();
        KafkaBridgeCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    });
}
Also used : KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) KafkaBridge(io.strimzi.api.kafka.model.KafkaBridge) KafkaBridgeBuilder(io.strimzi.api.kafka.model.KafkaBridgeBuilder) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 48 with KafkaClientAuthenticationOAuthBuilder

use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder in project strimzi by strimzi.

the class KafkaBridgeClusterTest method testGenerateDeploymentWithOAuthWithTls.

@ParallelTest
public void testGenerateDeploymentWithOAuthWithTls() {
    CertSecretSource cert1 = new CertSecretSourceBuilder().withSecretName("first-certificate").withCertificate("ca.crt").build();
    CertSecretSource cert2 = new CertSecretSourceBuilder().withSecretName("second-certificate").withCertificate("tls.crt").build();
    CertSecretSource cert3 = new CertSecretSourceBuilder().withSecretName("first-certificate").withCertificate("ca2.crt").build();
    KafkaBridge resource = new KafkaBridgeBuilder(this.resource).editSpec().withAuthentication(new KafkaClientAuthenticationOAuthBuilder().withClientId("my-client-id").withTokenEndpointUri("http://my-oauth-server").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().withDisableTlsHostnameVerification(true).withTlsTrustedCertificates(cert1, cert2, cert3).build()).endSpec().build();
    KafkaBridgeCluster kb = KafkaBridgeCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kb.generateDeployment(emptyMap(), true, null, null);
    Container cont = dep.getSpec().getTemplate().getSpec().getContainers().get(0);
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_SASL_MECHANISM.equals(var.getName())).findFirst().orElseThrow().getValue(), is("oauth"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_OAUTH_CLIENT_SECRET.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getName(), is("my-secret-secret"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_OAUTH_CLIENT_SECRET.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getKey(), is("my-secret-key"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaBridgeCluster.ENV_VAR_KAFKA_BRIDGE_OAUTH_CONFIG.equals(var.getName())).findFirst().orElseThrow().getValue().trim(), is(String.format("%s=\"%s\" %s=\"%s\" %s=\"%s\"", ClientConfig.OAUTH_CLIENT_ID, "my-client-id", ClientConfig.OAUTH_TOKEN_ENDPOINT_URI, "http://my-oauth-server", ServerConfig.OAUTH_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM, "")));
    // Volume mounts
    assertThat(cont.getVolumeMounts().stream().filter(mount -> "oauth-certs-0".equals(mount.getName())).findFirst().orElseThrow().getMountPath(), is(KafkaBridgeCluster.OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT + "/first-certificate-0"));
    assertThat(cont.getVolumeMounts().stream().filter(mount -> "oauth-certs-1".equals(mount.getName())).findFirst().orElseThrow().getMountPath(), is(KafkaBridgeCluster.OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT + "/second-certificate-1"));
    assertThat(cont.getVolumeMounts().stream().filter(mount -> "oauth-certs-2".equals(mount.getName())).findFirst().orElseThrow().getMountPath(), is(KafkaBridgeCluster.OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT + "/first-certificate-2"));
    // Volumes
    List<KeyToPath> cert1Items = dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-0".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems();
    assertThat(cert1Items.size(), is(1));
    assertThat(cert1Items.get(0).getKey(), is("ca.crt"));
    assertThat(cert1Items.get(0).getPath(), is("tls.crt"));
    List<KeyToPath> cert2Items = dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-1".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems();
    assertThat(cert2Items.size(), is(1));
    assertThat(cert2Items.get(0).getKey(), is("tls.crt"));
    assertThat(cert2Items.get(0).getPath(), is("tls.crt"));
    List<KeyToPath> cert3Items = dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-2".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems();
    assertThat(cert3Items.size(), is(1));
    assertThat(cert3Items.get(0).getKey(), is("ca2.crt"));
    assertThat(cert3Items.get(0).getPath(), is("tls.crt"));
}
Also used : KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) Quantity(io.fabric8.kubernetes.api.model.Quantity) CoreMatchers.is(org.hamcrest.CoreMatchers.is) IntOrString(io.fabric8.kubernetes.api.model.IntOrString) ParallelSuite(io.strimzi.test.annotations.ParallelSuite) ClientConfig(io.strimzi.kafka.oauth.client.ClientConfig) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) Collections.singletonList(java.util.Collections.singletonList) CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue) JvmOptionsBuilder(io.strimzi.api.kafka.model.JvmOptionsBuilder) KafkaBridge(io.strimzi.api.kafka.model.KafkaBridge) JaegerTracing(io.strimzi.api.kafka.model.tracing.JaegerTracing) Map(java.util.Map) ContainerEnvVar(io.strimzi.api.kafka.model.ContainerEnvVar) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) Affinity(io.fabric8.kubernetes.api.model.Affinity) KeyToPath(io.fabric8.kubernetes.api.model.KeyToPath) LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) IpFamilyPolicy(io.strimzi.api.kafka.model.template.IpFamilyPolicy) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) ParallelTest(io.strimzi.test.annotations.ParallelTest) Collections.emptyList(java.util.Collections.emptyList) KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) EnvVarBuilder(io.fabric8.kubernetes.api.model.EnvVarBuilder) HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata) KafkaBridgeHttpConfig(io.strimzi.api.kafka.model.KafkaBridgeHttpConfig) NodeSelectorTermBuilder(io.fabric8.kubernetes.api.model.NodeSelectorTermBuilder) List(java.util.List) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) Labels(io.strimzi.operator.common.model.Labels) PodSecurityContextBuilder(io.fabric8.kubernetes.api.model.PodSecurityContextBuilder) Matchers.contains(org.hamcrest.Matchers.contains) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) TopologySpreadConstraintBuilder(io.fabric8.kubernetes.api.model.TopologySpreadConstraintBuilder) Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) ContainerTemplate(io.strimzi.api.kafka.model.template.ContainerTemplate) Container(io.fabric8.kubernetes.api.model.Container) ResourceRequirementsBuilder(io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder) KafkaClientAuthenticationTlsBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder) IpFamily(io.strimzi.api.kafka.model.template.IpFamily) HashMap(java.util.HashMap) LocalObjectReference(io.fabric8.kubernetes.api.model.LocalObjectReference) OwnerReference(io.fabric8.kubernetes.api.model.OwnerReference) ArrayList(java.util.ArrayList) KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils) DeploymentStrategy(io.strimzi.api.kafka.model.template.DeploymentStrategy) TestUtils(io.strimzi.test.TestUtils) KafkaBridgeBuilder(io.strimzi.api.kafka.model.KafkaBridgeBuilder) Collections.singletonMap(java.util.Collections.singletonMap) Service(io.fabric8.kubernetes.api.model.Service) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) KafkaBridgeResources(io.strimzi.api.kafka.model.KafkaBridgeResources) Collections.emptyMap(java.util.Collections.emptyMap) TopologySpreadConstraint(io.fabric8.kubernetes.api.model.TopologySpreadConstraint) Toleration(io.fabric8.kubernetes.api.model.Toleration) ServerConfig(io.strimzi.kafka.oauth.server.ServerConfig) TolerationBuilder(io.fabric8.kubernetes.api.model.TolerationBuilder) AffinityBuilder(io.fabric8.kubernetes.api.model.AffinityBuilder) Reconciliation(io.strimzi.operator.common.Reconciliation) SystemPropertyBuilder(io.strimzi.api.kafka.model.SystemPropertyBuilder) ServiceAccount(io.fabric8.kubernetes.api.model.ServiceAccount) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) Collections(java.util.Collections) KeyToPath(io.fabric8.kubernetes.api.model.KeyToPath) Container(io.fabric8.kubernetes.api.model.Container) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) KafkaBridge(io.strimzi.api.kafka.model.KafkaBridge) KafkaBridgeBuilder(io.strimzi.api.kafka.model.KafkaBridgeBuilder) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 49 with KafkaClientAuthenticationOAuthBuilder

use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder in project strimzi-kafka-operator by strimzi.

the class KafkaConnectClusterTest method testGenerateDeploymentWithOAuthWithTls.

@ParallelTest
public void testGenerateDeploymentWithOAuthWithTls() {
    CertSecretSource cert1 = new CertSecretSourceBuilder().withSecretName("first-certificate").withCertificate("ca.crt").build();
    CertSecretSource cert2 = new CertSecretSourceBuilder().withSecretName("second-certificate").withCertificate("tls.crt").build();
    CertSecretSource cert3 = new CertSecretSourceBuilder().withSecretName("first-certificate").withCertificate("ca2.crt").build();
    KafkaConnect resource = new KafkaConnectBuilder(this.resource).editSpec().withAuthentication(new KafkaClientAuthenticationOAuthBuilder().withClientId("my-client-id").withTokenEndpointUri("http://my-oauth-server").withNewClientSecret().withSecretName("my-secret-secret").withKey("my-secret-key").endClientSecret().withDisableTlsHostnameVerification(true).withTlsTrustedCertificates(cert1, cert2, cert3).build()).endSpec().build();
    KafkaConnectCluster kc = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kc.generateDeployment(emptyMap(), true, null, null);
    Container cont = dep.getSpec().getTemplate().getSpec().getContainers().get(0);
    assertThat(cont.getEnv().stream().filter(var -> KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_SASL_MECHANISM.equals(var.getName())).findFirst().orElseThrow().getValue(), is("oauth"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_OAUTH_CLIENT_SECRET.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getName(), is("my-secret-secret"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_OAUTH_CLIENT_SECRET.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getKey(), is("my-secret-key"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_OAUTH_CONFIG.equals(var.getName())).findFirst().orElseThrow().getValue().trim(), is(String.format("%s=\"%s\" %s=\"%s\" %s=\"%s\"", ClientConfig.OAUTH_CLIENT_ID, "my-client-id", ClientConfig.OAUTH_TOKEN_ENDPOINT_URI, "http://my-oauth-server", ServerConfig.OAUTH_SSL_ENDPOINT_IDENTIFICATION_ALGORITHM, "")));
    // Volume mounts
    assertThat(cont.getVolumeMounts().stream().filter(mount -> "oauth-certs-0".equals(mount.getName())).findFirst().orElseThrow().getMountPath(), is(KafkaConnectCluster.OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT + "/first-certificate-0"));
    assertThat(cont.getVolumeMounts().stream().filter(mount -> "oauth-certs-1".equals(mount.getName())).findFirst().orElseThrow().getMountPath(), is(KafkaConnectCluster.OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT + "/second-certificate-1"));
    assertThat(cont.getVolumeMounts().stream().filter(mount -> "oauth-certs-2".equals(mount.getName())).findFirst().orElseThrow().getMountPath(), is(KafkaConnectCluster.OAUTH_TLS_CERTS_BASE_VOLUME_MOUNT + "/first-certificate-2"));
    // Volumes
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-0".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().size(), is(1));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-0".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().get(0).getKey(), is("ca.crt"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-0".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().get(0).getPath(), is("tls.crt"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-1".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().size(), is(1));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-1".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().get(0).getKey(), is("tls.crt"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-1".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().get(0).getPath(), is("tls.crt"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-2".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().size(), is(1));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-2".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().get(0).getKey(), is("ca2.crt"));
    assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().stream().filter(vol -> "oauth-certs-2".equals(vol.getName())).findFirst().orElseThrow().getSecret().getItems().get(0).getPath(), is("tls.crt"));
}
Also used : KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) Quantity(io.fabric8.kubernetes.api.model.Quantity) VolumeMount(io.fabric8.kubernetes.api.model.VolumeMount) CoreMatchers.is(org.hamcrest.CoreMatchers.is) OrderedProperties(io.strimzi.operator.common.model.OrderedProperties) CoreMatchers.hasItem(org.hamcrest.CoreMatchers.hasItem) ConfigMapVolumeSourceBuilder(io.fabric8.kubernetes.api.model.ConfigMapVolumeSourceBuilder) IntOrString(io.fabric8.kubernetes.api.model.IntOrString) ParallelSuite(io.strimzi.test.annotations.ParallelSuite) ExternalConfigurationEnv(io.strimzi.api.kafka.model.connect.ExternalConfigurationEnv) Rack(io.strimzi.api.kafka.model.Rack) CoreMatchers.startsWith(org.hamcrest.CoreMatchers.startsWith) SecurityContextBuilder(io.fabric8.kubernetes.api.model.SecurityContextBuilder) ClientConfig(io.strimzi.kafka.oauth.client.ClientConfig) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) Collections.singletonList(java.util.Collections.singletonList) CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue) ResourceRequirements(io.fabric8.kubernetes.api.model.ResourceRequirements) ExternalConfigurationEnvBuilder(io.strimzi.api.kafka.model.connect.ExternalConfigurationEnvBuilder) Map(java.util.Map) ContainerEnvVar(io.strimzi.api.kafka.model.ContainerEnvVar) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) KafkaJmxOptionsBuilder(io.strimzi.api.kafka.model.KafkaJmxOptionsBuilder) SecretVolumeSourceBuilder(io.fabric8.kubernetes.api.model.SecretVolumeSourceBuilder) Probe(io.strimzi.api.kafka.model.Probe) KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect) ExternalConfigurationVolumeSourceBuilder(io.strimzi.api.kafka.model.connect.ExternalConfigurationVolumeSourceBuilder) LabelSelectorBuilder(io.fabric8.kubernetes.api.model.LabelSelectorBuilder) IpFamilyPolicy(io.strimzi.api.kafka.model.template.IpFamilyPolicy) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) ParallelTest(io.strimzi.test.annotations.ParallelTest) Collections.emptyList(java.util.Collections.emptyList) Matchers.allOf(org.hamcrest.Matchers.allOf) KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) KafkaConnectBuilder(io.strimzi.api.kafka.model.KafkaConnectBuilder) EnvVarBuilder(io.fabric8.kubernetes.api.model.EnvVarBuilder) HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata) Collectors(java.util.stream.Collectors) List(java.util.List) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) Labels(io.strimzi.operator.common.model.Labels) PodSecurityContextBuilder(io.fabric8.kubernetes.api.model.PodSecurityContextBuilder) Matchers.contains(org.hamcrest.Matchers.contains) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) HostAliasBuilder(io.fabric8.kubernetes.api.model.HostAliasBuilder) Secret(io.fabric8.kubernetes.api.model.Secret) TopologySpreadConstraintBuilder(io.fabric8.kubernetes.api.model.TopologySpreadConstraintBuilder) Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) ContainerTemplate(io.strimzi.api.kafka.model.template.ContainerTemplate) Container(io.fabric8.kubernetes.api.model.Container) CoreMatchers.equalTo(org.hamcrest.CoreMatchers.equalTo) ResourceRequirementsBuilder(io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder) KafkaClientAuthenticationTlsBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder) IpFamily(io.strimzi.api.kafka.model.template.IpFamily) HashMap(java.util.HashMap) LocalObjectReference(io.fabric8.kubernetes.api.model.LocalObjectReference) OwnerReference(io.fabric8.kubernetes.api.model.OwnerReference) MetricsAndLogging(io.strimzi.operator.common.MetricsAndLogging) ArrayList(java.util.ArrayList) Matchers.hasProperty(org.hamcrest.Matchers.hasProperty) HostAlias(io.fabric8.kubernetes.api.model.HostAlias) JmxPrometheusExporterMetrics(io.strimzi.api.kafka.model.JmxPrometheusExporterMetrics) SecurityContext(io.fabric8.kubernetes.api.model.SecurityContext) JmxPrometheusExporterMetricsBuilder(io.strimzi.api.kafka.model.JmxPrometheusExporterMetricsBuilder) KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils) PodSpec(io.fabric8.kubernetes.api.model.PodSpec) DeploymentStrategy(io.strimzi.api.kafka.model.template.DeploymentStrategy) MetricsConfig(io.strimzi.api.kafka.model.MetricsConfig) TestUtils(io.strimzi.test.TestUtils) Collections.singletonMap(java.util.Collections.singletonMap) Service(io.fabric8.kubernetes.api.model.Service) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Volume(io.fabric8.kubernetes.api.model.Volume) Matchers.hasEntry(org.hamcrest.Matchers.hasEntry) Collections.emptyMap(java.util.Collections.emptyMap) TopologySpreadConstraint(io.fabric8.kubernetes.api.model.TopologySpreadConstraint) ExternalConfigurationVolumeSource(io.strimzi.api.kafka.model.connect.ExternalConfigurationVolumeSource) KafkaJmxAuthenticationPasswordBuilder(io.strimzi.api.kafka.model.KafkaJmxAuthenticationPasswordBuilder) ServerConfig(io.strimzi.kafka.oauth.server.ServerConfig) IOException(java.io.IOException) ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap) Reconciliation(io.strimzi.operator.common.Reconciliation) SecretKeySelectorBuilder(io.fabric8.kubernetes.api.model.SecretKeySelectorBuilder) ConfigMapKeySelectorBuilder(io.fabric8.kubernetes.api.model.ConfigMapKeySelectorBuilder) NetworkPolicy(io.fabric8.kubernetes.api.model.networking.v1.NetworkPolicy) ServiceAccount(io.fabric8.kubernetes.api.model.ServiceAccount) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) Collections(java.util.Collections) KafkaConnectResources(io.strimzi.api.kafka.model.KafkaConnectResources) KafkaConnectBuilder(io.strimzi.api.kafka.model.KafkaConnectBuilder) Container(io.fabric8.kubernetes.api.model.Container) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Example 50 with KafkaClientAuthenticationOAuthBuilder

use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder in project strimzi-kafka-operator by strimzi.

the class KafkaMirrorMakerClusterTest method testGenerateDeploymentWithProducerOAuthWithAccessToken.

@ParallelTest
public void testGenerateDeploymentWithProducerOAuthWithAccessToken() {
    KafkaMirrorMaker resource = new KafkaMirrorMakerBuilder(this.resource).editSpec().editProducer().withAuthentication(new KafkaClientAuthenticationOAuthBuilder().withNewAccessToken().withSecretName("my-token-secret").withKey("my-token-key").endAccessToken().build()).endProducer().endSpec().build();
    KafkaMirrorMakerCluster kc = KafkaMirrorMakerCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
    Deployment dep = kc.generateDeployment(emptyMap(), true, null, null);
    Container cont = dep.getSpec().getTemplate().getSpec().getContainers().get(0);
    assertThat(cont.getEnv().stream().filter(var -> KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_SASL_MECHANISM_PRODUCER.equals(var.getName())).findFirst().orElseThrow().getValue(), is("oauth"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_OAUTH_ACCESS_TOKEN_PRODUCER.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getName(), is("my-token-secret"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_OAUTH_ACCESS_TOKEN_PRODUCER.equals(var.getName())).findFirst().orElseThrow().getValueFrom().getSecretKeyRef().getKey(), is("my-token-key"));
    assertThat(cont.getEnv().stream().filter(var -> KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_OAUTH_CONFIG_PRODUCER.equals(var.getName())).findFirst().orElseThrow().getValue().isEmpty(), is(true));
}
Also used : KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) Quantity(io.fabric8.kubernetes.api.model.Quantity) KafkaMirrorMakerProducerSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMakerProducerSpecBuilder) CoreMatchers.is(org.hamcrest.CoreMatchers.is) KafkaMirrorMakerResources(io.strimzi.api.kafka.model.KafkaMirrorMakerResources) IntOrString(io.fabric8.kubernetes.api.model.IntOrString) ParallelSuite(io.strimzi.test.annotations.ParallelSuite) ClientConfig(io.strimzi.kafka.oauth.client.ClientConfig) PodDisruptionBudget(io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget) Collections.singletonList(java.util.Collections.singletonList) CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue) Map(java.util.Map) ContainerEnvVar(io.strimzi.api.kafka.model.ContainerEnvVar) ResourceUtils(io.strimzi.operator.cluster.ResourceUtils) CertSecretSource(io.strimzi.api.kafka.model.CertSecretSource) ParallelTest(io.strimzi.test.annotations.ParallelTest) KafkaMirrorMaker(io.strimzi.api.kafka.model.KafkaMirrorMaker) KafkaClientAuthenticationOAuthBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder) EnvVarBuilder(io.fabric8.kubernetes.api.model.EnvVarBuilder) HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata) List(java.util.List) CertSecretSourceBuilder(io.strimzi.api.kafka.model.CertSecretSourceBuilder) Labels(io.strimzi.operator.common.model.Labels) KafkaMirrorMakerConsumerSpecBuilder(io.strimzi.api.kafka.model.KafkaMirrorMakerConsumerSpecBuilder) PodSecurityContextBuilder(io.fabric8.kubernetes.api.model.PodSecurityContextBuilder) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) HostAliasBuilder(io.fabric8.kubernetes.api.model.HostAliasBuilder) LINE_SEPARATOR(io.strimzi.test.TestUtils.LINE_SEPARATOR) Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) ContainerTemplate(io.strimzi.api.kafka.model.template.ContainerTemplate) Container(io.fabric8.kubernetes.api.model.Container) KafkaMirrorMakerConsumerSpec(io.strimzi.api.kafka.model.KafkaMirrorMakerConsumerSpec) ResourceRequirementsBuilder(io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder) KafkaClientAuthenticationTlsBuilder(io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder) HashMap(java.util.HashMap) LocalObjectReference(io.fabric8.kubernetes.api.model.LocalObjectReference) OwnerReference(io.fabric8.kubernetes.api.model.OwnerReference) MetricsAndLogging(io.strimzi.operator.common.MetricsAndLogging) ArrayList(java.util.ArrayList) HostAlias(io.fabric8.kubernetes.api.model.HostAlias) JmxPrometheusExporterMetrics(io.strimzi.api.kafka.model.JmxPrometheusExporterMetrics) JmxPrometheusExporterMetricsBuilder(io.strimzi.api.kafka.model.JmxPrometheusExporterMetricsBuilder) KafkaVersionTestUtils(io.strimzi.operator.cluster.KafkaVersionTestUtils) DeploymentStrategy(io.strimzi.api.kafka.model.template.DeploymentStrategy) MetricsConfig(io.strimzi.api.kafka.model.MetricsConfig) KafkaMirrorMakerBuilder(io.strimzi.api.kafka.model.KafkaMirrorMakerBuilder) KafkaMirrorMakerProducerSpec(io.strimzi.api.kafka.model.KafkaMirrorMakerProducerSpec) TestUtils(io.strimzi.test.TestUtils) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue) Probe(io.fabric8.kubernetes.api.model.Probe) Collections.emptyMap(java.util.Collections.emptyMap) ServerConfig(io.strimzi.kafka.oauth.server.ServerConfig) ConfigMap(io.fabric8.kubernetes.api.model.ConfigMap) Reconciliation(io.strimzi.operator.common.Reconciliation) ConfigMapKeySelectorBuilder(io.fabric8.kubernetes.api.model.ConfigMapKeySelectorBuilder) ServiceAccount(io.fabric8.kubernetes.api.model.ServiceAccount) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) Collections(java.util.Collections) KafkaMirrorMakerBuilder(io.strimzi.api.kafka.model.KafkaMirrorMakerBuilder) Container(io.fabric8.kubernetes.api.model.Container) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) KafkaMirrorMaker(io.strimzi.api.kafka.model.KafkaMirrorMaker) ParallelTest(io.strimzi.test.annotations.ParallelTest)

Aggregations

KafkaClientAuthenticationOAuthBuilder (io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationOAuthBuilder)70 ParallelTest (io.strimzi.test.annotations.ParallelTest)66 CertSecretSource (io.strimzi.api.kafka.model.CertSecretSource)50 CertSecretSourceBuilder (io.strimzi.api.kafka.model.CertSecretSourceBuilder)50 Container (io.fabric8.kubernetes.api.model.Container)46 EnvVar (io.fabric8.kubernetes.api.model.EnvVar)46 EnvVarBuilder (io.fabric8.kubernetes.api.model.EnvVarBuilder)46 HasMetadata (io.fabric8.kubernetes.api.model.HasMetadata)46 IntOrString (io.fabric8.kubernetes.api.model.IntOrString)46 LocalObjectReference (io.fabric8.kubernetes.api.model.LocalObjectReference)46 OwnerReference (io.fabric8.kubernetes.api.model.OwnerReference)46 PodSecurityContextBuilder (io.fabric8.kubernetes.api.model.PodSecurityContextBuilder)46 Quantity (io.fabric8.kubernetes.api.model.Quantity)46 ResourceRequirementsBuilder (io.fabric8.kubernetes.api.model.ResourceRequirementsBuilder)46 ServiceAccount (io.fabric8.kubernetes.api.model.ServiceAccount)46 Deployment (io.fabric8.kubernetes.api.model.apps.Deployment)46 PodDisruptionBudget (io.fabric8.kubernetes.api.model.policy.v1.PodDisruptionBudget)46 ContainerEnvVar (io.strimzi.api.kafka.model.ContainerEnvVar)46 KafkaClientAuthenticationTlsBuilder (io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder)46 ContainerTemplate (io.strimzi.api.kafka.model.template.ContainerTemplate)46