use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder in project strimzi-kafka-operator by strimzi.
the class KafkaConnectClusterTest method testGenerateDeploymentWithTlsSameSecret.
@ParallelTest
public void testGenerateDeploymentWithTlsSameSecret() {
KafkaConnect resource = new KafkaConnectBuilder(this.resource).editSpec().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("my-secret").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endSpec().build();
KafkaConnectCluster kc = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
Deployment dep = kc.generateDeployment(emptyMap(), true, null, null);
// 3 = 1 temp volume + 1 volume from logging/metrics + just 1 from above certs Secret
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().size(), is(3));
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(2).getName(), is("my-secret"));
}
use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder in project strimzi-kafka-operator by strimzi.
the class KafkaConnectClusterTest method testGenerateDeploymentWithTlsAuth.
@ParallelTest
public void testGenerateDeploymentWithTlsAuth() {
KafkaConnect resource = new KafkaConnectBuilder(this.resource).editSpec().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("user-secret").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endSpec().build();
KafkaConnectCluster kc = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
Deployment dep = kc.generateDeployment(emptyMap(), true, null, null);
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(3).getName(), is("user-secret"));
List<Container> containers = dep.getSpec().getTemplate().getSpec().getContainers();
assertThat(containers.get(0).getVolumeMounts().get(3).getMountPath(), is(KafkaConnectCluster.TLS_CERTS_BASE_VOLUME_MOUNT + "user-secret"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS_AUTH_CERT), is("user-secret/user.crt"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS_AUTH_KEY), is("user-secret/user.key"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS), is("true"));
}
use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder in project strimzi-kafka-operator by strimzi.
the class KafkaMirrorMakerClusterTest method testGenerateDeploymentWithTlsSameSecret.
@ParallelTest
public void testGenerateDeploymentWithTlsSameSecret() {
KafkaMirrorMaker resource = new KafkaMirrorMakerBuilder(this.resource).editSpec().editOrNewConsumer().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret-c").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("my-secret-c").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endConsumer().editOrNewProducer().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret-p").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("my-secret-p").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endProducer().endSpec().build();
KafkaMirrorMakerCluster mmc = KafkaMirrorMakerCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
Deployment dep = mmc.generateDeployment(emptyMap(), true, null, null);
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().size(), is(4));
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(0).getName(), is(AbstractModel.STRIMZI_TMP_DIRECTORY_DEFAULT_VOLUME_NAME));
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(2).getName(), is("my-secret-p"));
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(3).getName(), is("my-secret-c"));
}
use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder in project strimzi-kafka-operator by strimzi.
the class KafkaMirrorMakerClusterTest method testGenerateDeploymentWithTlsAuth.
@ParallelTest
public void testGenerateDeploymentWithTlsAuth() {
KafkaMirrorMaker resource = new KafkaMirrorMakerBuilder(this.resource).editSpec().editOrNewConsumer().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret-c").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("user-secret-c").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endConsumer().editOrNewProducer().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret-p").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("user-secret-p").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endProducer().endSpec().build();
KafkaMirrorMakerCluster mmc = KafkaMirrorMakerCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
Deployment dep = mmc.generateDeployment(emptyMap(), true, null, null);
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(5).getName(), is("user-secret-c"));
List<Container> containers = dep.getSpec().getTemplate().getSpec().getContainers();
assertThat(containers.get(0).getVolumeMounts().get(5).getMountPath(), is(KafkaMirrorMakerCluster.TLS_CERTS_VOLUME_MOUNT_CONSUMER + "user-secret-c"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_TLS_AUTH_CERT_CONSUMER), is("user-secret-c/user.crt"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_TLS_AUTH_KEY_CONSUMER), is("user-secret-c/user.key"));
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(3).getName(), is("user-secret-p"));
assertThat(containers.get(0).getVolumeMounts().get(3).getMountPath(), is(KafkaMirrorMakerCluster.TLS_CERTS_VOLUME_MOUNT_PRODUCER + "user-secret-p"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_TLS_AUTH_CERT_PRODUCER), is("user-secret-p/user.crt"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaMirrorMakerCluster.ENV_VAR_KAFKA_MIRRORMAKER_TLS_AUTH_KEY_PRODUCER), is("user-secret-p/user.key"));
}
use of io.strimzi.api.kafka.model.authentication.KafkaClientAuthenticationTlsBuilder in project strimzi by strimzi.
the class KafkaConnectClusterTest method testGenerateDeploymentWithTlsAuth.
@ParallelTest
public void testGenerateDeploymentWithTlsAuth() {
KafkaConnect resource = new KafkaConnectBuilder(this.resource).editSpec().editOrNewTls().addToTrustedCertificates(new CertSecretSourceBuilder().withSecretName("my-secret").withCertificate("cert.crt").build()).endTls().withAuthentication(new KafkaClientAuthenticationTlsBuilder().withNewCertificateAndKey().withSecretName("user-secret").withCertificate("user.crt").withKey("user.key").endCertificateAndKey().build()).endSpec().build();
KafkaConnectCluster kc = KafkaConnectCluster.fromCrd(Reconciliation.DUMMY_RECONCILIATION, resource, VERSIONS);
Deployment dep = kc.generateDeployment(emptyMap(), true, null, null);
assertThat(dep.getSpec().getTemplate().getSpec().getVolumes().get(3).getName(), is("user-secret"));
List<Container> containers = dep.getSpec().getTemplate().getSpec().getContainers();
assertThat(containers.get(0).getVolumeMounts().get(3).getMountPath(), is(KafkaConnectCluster.TLS_CERTS_BASE_VOLUME_MOUNT + "user-secret"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS_AUTH_CERT), is("user-secret/user.crt"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS_AUTH_KEY), is("user-secret/user.key"));
assertThat(AbstractModel.containerEnvVars(containers.get(0)).get(KafkaConnectCluster.ENV_VAR_KAFKA_CONNECT_TLS), is("true"));
}
Aggregations