Example 91 with CrdOperator
use of io.strimzi.operator.common.operator.resource.CrdOperator in project strimzi-kafka-operator by strimzi.
the class KafkaUserOperatorTest method testCreateUserWithAclsDisabled.
@Test
public void testCreateUserWithAclsDisabled(VertxTestContext context) {
CrdOperator mockCrdOps = mock(CrdOperator.class);
SecretOperator mockSecretOps = mock(SecretOperator.class);
SimpleAclOperator aclOps = mock(SimpleAclOperator.class);
ScramCredentialsOperator scramOps = mock(ScramCredentialsOperator.class);
QuotasOperator quotasOps = mock(QuotasOperator.class);
ArgumentCaptor<String> secretNamespaceCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<String> secretNameCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<Secret> secretCaptor = ArgumentCaptor.forClass(Secret.class);
when(mockSecretOps.reconcile(any(), secretNamespaceCaptor.capture(), secretNameCaptor.capture(), secretCaptor.capture())).thenReturn(Future.succeededFuture());
when(scramOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
when(quotasOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
KafkaUserOperator op = new KafkaUserOperator(vertx, mockCertManager, mockCrdOps, mockSecretOps, scramOps, quotasOps, aclOps, ResourceUtils.createUserOperatorConfig(Map.of(), false, false, "12"));
KafkaUser user = new KafkaUserBuilder().withNewMetadata().withName(ResourceUtils.NAME).withNamespace(ResourceUtils.NAMESPACE).endMetadata().withNewSpec().withNewKafkaUserTlsClientAuthentication().endKafkaUserTlsClientAuthentication().withNewQuotas().withConsumerByteRate(1024 * 1024).withProducerByteRate(1024 * 1024).endQuotas().endSpec().build();
Secret clientsCa = ResourceUtils.createClientsCaCertSecret();
Secret clientsCaKey = ResourceUtils.createClientsCaKeySecret();
when(mockSecretOps.getAsync(anyString(), eq("user-cert"))).thenReturn(Future.succeededFuture(clientsCa));
when(mockSecretOps.getAsync(anyString(), eq("user-key"))).thenReturn(Future.succeededFuture(clientsCaKey));
when(mockSecretOps.getAsync(anyString(), eq(ResourceUtils.NAME))).thenReturn(Future.succeededFuture(null));
when(mockCrdOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(user));
when(mockCrdOps.updateStatusAsync(any(), any(KafkaUser.class))).thenReturn(Future.succeededFuture());
Checkpoint async = context.checkpoint();
op.createOrUpdate(new Reconciliation("test-trigger", KafkaUser.RESOURCE_KIND, ResourceUtils.NAMESPACE, ResourceUtils.NAME), user).onComplete(context.succeeding(v -> context.verify(() -> {
List<String> capturedNames = secretNameCaptor.getAllValues();
assertThat(capturedNames, hasSize(1));
assertThat(capturedNames.get(0), is(ResourceUtils.NAME));
List<String> capturedNamespaces = secretNamespaceCaptor.getAllValues();
assertThat(capturedNamespaces, hasSize(1));
assertThat(capturedNamespaces.get(0), is(ResourceUtils.NAMESPACE));
List<Secret> capturedSecrets = secretCaptor.getAllValues();
assertThat(capturedSecrets, hasSize(1));
Secret captured = capturedSecrets.get(0);
assertThat(captured.getMetadata().getName(), is(user.getMetadata().getName()));
assertThat(captured.getMetadata().getNamespace(), is(user.getMetadata().getNamespace()));
assertThat(captured.getMetadata().getLabels(), is(Labels.fromMap(user.getMetadata().getLabels()).withStrimziKind(KafkaUser.RESOURCE_KIND).withKubernetesName(KafkaUserModel.KAFKA_USER_OPERATOR_NAME).withKubernetesInstance(ResourceUtils.NAME).withKubernetesPartOf(ResourceUtils.NAME).withKubernetesManagedBy(KafkaUserModel.KAFKA_USER_OPERATOR_NAME).toMap()));
assertThat(new String(Base64.getDecoder().decode(captured.getData().get("ca.crt"))), is("clients-ca-crt"));
assertThat(new String(Base64.getDecoder().decode(captured.getData().get("user.crt"))), is("crt file"));
assertThat(new String(Base64.getDecoder().decode(captured.getData().get("user.key"))), is("key file"));
verify(aclOps, never()).reconcile(any(), any(), any());
async.flag();
})));
}
Also used :
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
Arrays(java.util.Arrays)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Collections.singletonList(java.util.Collections.singletonList)
CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue)
AfterAll(org.junit.jupiter.api.AfterAll)
MicrometerMetricsOptions(io.vertx.micrometer.MicrometerMetricsOptions)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Arrays.asList(java.util.Arrays.asList)
Map(java.util.Map)
KafkaUserStatus(io.strimzi.api.kafka.model.status.KafkaUserStatus)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
VertxOptions(io.vertx.core.VertxOptions)
Set(java.util.Set)
VertxPrometheusOptions(io.vertx.micrometer.VertxPrometheusOptions)
VertxExtension(io.vertx.junit5.VertxExtension)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Future(io.vertx.core.Future)
StandardCharsets(java.nio.charset.StandardCharsets)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
List(java.util.List)
KafkaUserQuotas(io.strimzi.api.kafka.model.KafkaUserQuotas)
Labels(io.strimzi.operator.common.model.Labels)
Secret(io.fabric8.kubernetes.api.model.Secret)
Optional(java.util.Optional)
Checkpoint(io.vertx.junit5.Checkpoint)
MockCertManager(io.strimzi.operator.common.operator.MockCertManager)
Mockito.mock(org.mockito.Mockito.mock)
VertxTestContext(io.vertx.junit5.VertxTestContext)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
CertManager(io.strimzi.certs.CertManager)
HashSet(java.util.HashSet)
ResourceUtils(io.strimzi.operator.user.ResourceUtils)
ArgumentCaptor(org.mockito.ArgumentCaptor)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue)
ArgumentMatchers.isNull(org.mockito.ArgumentMatchers.isNull)
SimpleAclRule(io.strimzi.operator.user.model.acl.SimpleAclRule)
Promise(io.vertx.core.Promise)
Vertx(io.vertx.core.Vertx)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
Mockito.when(org.mockito.Mockito.when)
KafkaUserModel(io.strimzi.operator.user.model.KafkaUserModel)
Mockito.verify(org.mockito.Mockito.verify)
Reconciliation(io.strimzi.operator.common.Reconciliation)
Mockito.never(org.mockito.Mockito.never)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Secret(io.fabric8.kubernetes.api.model.Secret)
Checkpoint(io.vertx.junit5.Checkpoint)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Reconciliation(io.strimzi.operator.common.Reconciliation)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 92 with CrdOperator
use of io.strimzi.operator.common.operator.resource.CrdOperator in project strimzi-kafka-operator by strimzi.
the class KafkaUserOperatorTest method testReconcileAllWithoutAcls.
@Test
public void testReconcileAllWithoutAcls(VertxTestContext context) {
CrdOperator mockCrdOps = mock(CrdOperator.class);
SecretOperator mockSecretOps = mock(SecretOperator.class);
SimpleAclOperator aclOps = mock(SimpleAclOperator.class);
ScramCredentialsOperator scramOps = mock(ScramCredentialsOperator.class);
QuotasOperator quotasOps = mock(QuotasOperator.class);
KafkaUser newTlsUser = ResourceUtils.createKafkaUserTls();
newTlsUser.getMetadata().setName("new-tls-user");
KafkaUser newScramShaUser = ResourceUtils.createKafkaUserScramSha();
newScramShaUser.getMetadata().setName("new-scram-sha-user");
KafkaUser existingTlsUser = ResourceUtils.createKafkaUserTls();
existingTlsUser.getMetadata().setName("existing-tls-user");
Secret clientsCa = ResourceUtils.createClientsCaCertSecret();
Secret existingTlsUserSecret = ResourceUtils.createUserSecretTls();
existingTlsUserSecret.getMetadata().setName("existing-tls-user");
Secret existingScramShaUserSecret = ResourceUtils.createUserSecretScramSha();
existingScramShaUserSecret.getMetadata().setName("existing-scram-sha-user");
KafkaUser existingScramShaUser = ResourceUtils.createKafkaUserTls();
existingScramShaUser.getMetadata().setName("existing-scram-sha-user");
when(mockCrdOps.listAsync(eq(ResourceUtils.NAMESPACE), eq(Optional.of(new LabelSelector(null, Labels.fromMap(ResourceUtils.LABELS).toMap()))))).thenReturn(Future.succeededFuture(Arrays.asList(newTlsUser, newScramShaUser, existingTlsUser, existingScramShaUser)));
when(mockSecretOps.list(eq(ResourceUtils.NAMESPACE), eq(Labels.fromMap(ResourceUtils.LABELS).withStrimziKind(KafkaUser.RESOURCE_KIND)))).thenReturn(Arrays.asList(existingTlsUserSecret, existingScramShaUserSecret));
when(scramOps.getAllUsers()).thenReturn(Future.succeededFuture(List.of("existing-tls-user", "deleted-scram-sha-user")));
when(quotasOps.getAllUsers()).thenReturn(Future.succeededFuture(Set.of("existing-tls-user", "quota-user")));
when(mockCrdOps.get(eq(newTlsUser.getMetadata().getNamespace()), eq(newTlsUser.getMetadata().getName()))).thenReturn(newTlsUser);
when(mockCrdOps.get(eq(newScramShaUser.getMetadata().getNamespace()), eq(newScramShaUser.getMetadata().getName()))).thenReturn(newScramShaUser);
when(mockCrdOps.get(eq(existingTlsUser.getMetadata().getNamespace()), eq(existingTlsUser.getMetadata().getName()))).thenReturn(existingTlsUser);
when(mockCrdOps.get(eq(existingTlsUser.getMetadata().getNamespace()), eq(existingScramShaUser.getMetadata().getName()))).thenReturn(existingScramShaUser);
when(mockCrdOps.getAsync(eq(newTlsUser.getMetadata().getNamespace()), eq(newTlsUser.getMetadata().getName()))).thenReturn(Future.succeededFuture(newTlsUser));
when(mockCrdOps.getAsync(eq(newScramShaUser.getMetadata().getNamespace()), eq(newScramShaUser.getMetadata().getName()))).thenReturn(Future.succeededFuture(newScramShaUser));
when(mockCrdOps.getAsync(eq(existingTlsUser.getMetadata().getNamespace()), eq(existingTlsUser.getMetadata().getName()))).thenReturn(Future.succeededFuture(existingTlsUser));
when(mockCrdOps.getAsync(eq(existingTlsUser.getMetadata().getNamespace()), eq(existingScramShaUser.getMetadata().getName()))).thenReturn(Future.succeededFuture(existingScramShaUser));
when(mockCrdOps.updateStatusAsync(any(), any())).thenReturn(Future.succeededFuture());
when(mockSecretOps.get(eq(clientsCa.getMetadata().getNamespace()), eq(clientsCa.getMetadata().getName()))).thenReturn(clientsCa);
when(mockSecretOps.get(eq(newTlsUser.getMetadata().getNamespace()), eq(newTlsUser.getMetadata().getName()))).thenReturn(null);
when(mockSecretOps.get(eq(newScramShaUser.getMetadata().getNamespace()), eq(newScramShaUser.getMetadata().getName()))).thenReturn(null);
when(mockSecretOps.get(eq(existingTlsUser.getMetadata().getNamespace()), eq(existingTlsUser.getMetadata().getName()))).thenReturn(existingTlsUserSecret);
when(mockSecretOps.get(eq(existingScramShaUser.getMetadata().getNamespace()), eq(existingScramShaUser.getMetadata().getName()))).thenReturn(existingScramShaUserSecret);
Set<String> createdOrUpdated = new CopyOnWriteArraySet<>();
Set<String> deleted = new CopyOnWriteArraySet<>();
Checkpoint async = context.checkpoint();
Promise reconcileAllCompleted = Promise.promise();
KafkaUserOperator op = new KafkaUserOperator(vertx, mockCertManager, mockCrdOps, mockSecretOps, scramOps, quotasOps, aclOps, ResourceUtils.createUserOperatorConfig(ResourceUtils.LABELS, false, false, "12")) {
@Override
public Future<KafkaUserStatus> createOrUpdate(Reconciliation reconciliation, KafkaUser resource) {
createdOrUpdated.add(resource.getMetadata().getName());
return Future.succeededFuture(new KafkaUserStatus());
}
@Override
public Future<Boolean> delete(Reconciliation reconciliation) {
deleted.add(reconciliation.name());
return Future.succeededFuture(Boolean.TRUE);
}
};
// call reconcileAll and pass in promise to the handler to run assertions on completion
op.reconcileAll("test", ResourceUtils.NAMESPACE, ar -> reconcileAllCompleted.complete());
reconcileAllCompleted.future().compose(v -> context.verify(() -> {
assertThat(createdOrUpdated, is(new HashSet(asList("new-tls-user", "existing-tls-user", "new-scram-sha-user", "existing-scram-sha-user"))));
assertThat(deleted, is(new HashSet(asList("quota-user", "deleted-scram-sha-user"))));
verify(aclOps, never()).getAllUsers();
async.flag();
}));
}
Also used :
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Secret(io.fabric8.kubernetes.api.model.Secret)
Promise(io.vertx.core.Promise)
Checkpoint(io.vertx.junit5.Checkpoint)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Reconciliation(io.strimzi.operator.common.Reconciliation)
KafkaUserStatus(io.strimzi.api.kafka.model.status.KafkaUserStatus)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
HashSet(java.util.HashSet)
Test(org.junit.jupiter.api.Test)
Example 93 with CrdOperator
use of io.strimzi.operator.common.operator.resource.CrdOperator in project strimzi-kafka-operator by strimzi.
the class KafkaUserOperatorTest method testUpdateUserNewCert.
@Test
public void testUpdateUserNewCert(VertxTestContext context) {
CrdOperator mockCrdOps = mock(CrdOperator.class);
SecretOperator mockSecretOps = mock(SecretOperator.class);
SimpleAclOperator aclOps = mock(SimpleAclOperator.class);
ScramCredentialsOperator scramOps = mock(ScramCredentialsOperator.class);
QuotasOperator quotasOps = mock(QuotasOperator.class);
ArgumentCaptor<String> secretNamespaceCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<String> secretNameCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<Secret> secretCaptor = ArgumentCaptor.forClass(Secret.class);
when(mockSecretOps.reconcile(any(), secretNamespaceCaptor.capture(), secretNameCaptor.capture(), secretCaptor.capture())).thenReturn(Future.succeededFuture());
ArgumentCaptor<String> aclNameCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<Set<SimpleAclRule>> aclRulesCaptor = ArgumentCaptor.forClass(Set.class);
when(aclOps.reconcile(any(), aclNameCaptor.capture(), aclRulesCaptor.capture())).thenReturn(Future.succeededFuture());
when(scramOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
when(quotasOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
when(mockCrdOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture());
KafkaUserOperator op = new KafkaUserOperator(vertx, mockCertManager, mockCrdOps, mockSecretOps, scramOps, quotasOps, aclOps, ResourceUtils.createUserOperatorConfig());
KafkaUser user = ResourceUtils.createKafkaUserTls();
Secret clientsCa = ResourceUtils.createClientsCaCertSecret();
clientsCa.getData().put("ca.crt", Base64.getEncoder().encodeToString("different-clients-ca-crt".getBytes()));
Secret clientsCaKey = ResourceUtils.createClientsCaKeySecret();
clientsCaKey.getData().put("ca.key", Base64.getEncoder().encodeToString("different-clients-ca-key".getBytes()));
Secret userCert = ResourceUtils.createUserSecretTls();
when(mockSecretOps.getAsync(anyString(), eq(clientsCa.getMetadata().getName()))).thenReturn(Future.succeededFuture(clientsCa));
when(mockSecretOps.getAsync(anyString(), eq(clientsCaKey.getMetadata().getName()))).thenReturn(Future.succeededFuture(clientsCaKey));
when(mockSecretOps.getAsync(anyString(), eq(user.getMetadata().getName()))).thenReturn(Future.succeededFuture(userCert));
when(mockCrdOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(user));
when(mockCrdOps.updateStatusAsync(any(), any(KafkaUser.class))).thenReturn(Future.succeededFuture());
Checkpoint async = context.checkpoint();
op.createOrUpdate(new Reconciliation("test-trigger", KafkaUser.RESOURCE_KIND, ResourceUtils.NAMESPACE, ResourceUtils.NAME), user).onComplete(context.succeeding(v -> context.verify(() -> {
List<String> capturedNames = secretNameCaptor.getAllValues();
assertThat(capturedNames, hasSize(1));
assertThat(capturedNames.get(0), is(ResourceUtils.NAME));
List<String> capturedNamespaces = secretNamespaceCaptor.getAllValues();
assertThat(capturedNamespaces, hasSize(1));
assertThat(capturedNamespaces.get(0), is(ResourceUtils.NAMESPACE));
List<Secret> capturedSecrets = secretCaptor.getAllValues();
assertThat(capturedSecrets, hasSize(1));
Secret captured = capturedSecrets.get(0);
assertThat(captured.getMetadata().getName(), is(userCert.getMetadata().getName()));
assertThat(captured.getMetadata().getNamespace(), is(userCert.getMetadata().getNamespace()));
assertThat(captured.getMetadata().getLabels(), is(userCert.getMetadata().getLabels()));
assertThat(new String(Base64.getDecoder().decode(captured.getData().get("ca.crt"))), is("different-clients-ca-crt"));
assertThat(new String(Base64.getDecoder().decode(captured.getData().get("user.crt"))), is("crt file"));
assertThat(new String(Base64.getDecoder().decode(captured.getData().get("user.key"))), is("key file"));
async.flag();
})));
}
Also used :
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
Arrays(java.util.Arrays)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Collections.singletonList(java.util.Collections.singletonList)
CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue)
AfterAll(org.junit.jupiter.api.AfterAll)
MicrometerMetricsOptions(io.vertx.micrometer.MicrometerMetricsOptions)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Arrays.asList(java.util.Arrays.asList)
Map(java.util.Map)
KafkaUserStatus(io.strimzi.api.kafka.model.status.KafkaUserStatus)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
VertxOptions(io.vertx.core.VertxOptions)
Set(java.util.Set)
VertxPrometheusOptions(io.vertx.micrometer.VertxPrometheusOptions)
VertxExtension(io.vertx.junit5.VertxExtension)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Future(io.vertx.core.Future)
StandardCharsets(java.nio.charset.StandardCharsets)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
List(java.util.List)
KafkaUserQuotas(io.strimzi.api.kafka.model.KafkaUserQuotas)
Labels(io.strimzi.operator.common.model.Labels)
Secret(io.fabric8.kubernetes.api.model.Secret)
Optional(java.util.Optional)
Checkpoint(io.vertx.junit5.Checkpoint)
MockCertManager(io.strimzi.operator.common.operator.MockCertManager)
Mockito.mock(org.mockito.Mockito.mock)
VertxTestContext(io.vertx.junit5.VertxTestContext)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
CertManager(io.strimzi.certs.CertManager)
HashSet(java.util.HashSet)
ResourceUtils(io.strimzi.operator.user.ResourceUtils)
ArgumentCaptor(org.mockito.ArgumentCaptor)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue)
ArgumentMatchers.isNull(org.mockito.ArgumentMatchers.isNull)
SimpleAclRule(io.strimzi.operator.user.model.acl.SimpleAclRule)
Promise(io.vertx.core.Promise)
Vertx(io.vertx.core.Vertx)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
Mockito.when(org.mockito.Mockito.when)
KafkaUserModel(io.strimzi.operator.user.model.KafkaUserModel)
Mockito.verify(org.mockito.Mockito.verify)
Reconciliation(io.strimzi.operator.common.Reconciliation)
Mockito.never(org.mockito.Mockito.never)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Set(java.util.Set)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
HashSet(java.util.HashSet)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Secret(io.fabric8.kubernetes.api.model.Secret)
Checkpoint(io.vertx.junit5.Checkpoint)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Reconciliation(io.strimzi.operator.common.Reconciliation)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 94 with CrdOperator
use of io.strimzi.operator.common.operator.resource.CrdOperator in project strimzi-kafka-operator by strimzi.
the class KafkaUserOperatorTest method testReconcileExistingTlsUser.
@Test
public void testReconcileExistingTlsUser(VertxTestContext context) {
CrdOperator mockCrdOps = mock(CrdOperator.class);
SecretOperator mockSecretOps = mock(SecretOperator.class);
SimpleAclOperator aclOps = mock(SimpleAclOperator.class);
ScramCredentialsOperator scramOps = mock(ScramCredentialsOperator.class);
QuotasOperator quotasOps = mock(QuotasOperator.class);
KafkaUserOperator op = new KafkaUserOperator(vertx, mockCertManager, mockCrdOps, mockSecretOps, scramOps, quotasOps, aclOps, ResourceUtils.createUserOperatorConfig());
KafkaUser user = ResourceUtils.createKafkaUserTls();
Secret clientsCa = ResourceUtils.createClientsCaCertSecret();
Secret clientsCaKey = ResourceUtils.createClientsCaKeySecret();
Secret userCert = ResourceUtils.createUserSecretTls();
ArgumentCaptor<String> secretNamespaceCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<String> secretNameCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<Secret> secretCaptor = ArgumentCaptor.forClass(Secret.class);
when(mockSecretOps.reconcile(any(), secretNamespaceCaptor.capture(), secretNameCaptor.capture(), secretCaptor.capture())).thenReturn(Future.succeededFuture());
when(scramOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
ArgumentCaptor<String> aclNameCaptor = ArgumentCaptor.forClass(String.class);
ArgumentCaptor<Set<SimpleAclRule>> aclRulesCaptor = ArgumentCaptor.forClass(Set.class);
when(aclOps.reconcile(any(), aclNameCaptor.capture(), aclRulesCaptor.capture())).thenReturn(Future.succeededFuture());
when(mockSecretOps.getAsync(anyString(), eq(clientsCa.getMetadata().getName()))).thenReturn(Future.succeededFuture(clientsCa));
when(mockSecretOps.getAsync(anyString(), eq(clientsCaKey.getMetadata().getName()))).thenReturn(Future.succeededFuture(clientsCaKey));
when(mockSecretOps.getAsync(anyString(), eq(user.getMetadata().getName()))).thenReturn(Future.succeededFuture(userCert));
when(mockCrdOps.get(eq(user.getMetadata().getNamespace()), eq(user.getMetadata().getName()))).thenReturn(user);
when(mockCrdOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(user));
when(mockCrdOps.updateStatusAsync(any(), any(KafkaUser.class))).thenReturn(Future.succeededFuture());
when(quotasOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
Checkpoint async = context.checkpoint();
op.reconcile(new Reconciliation("test-trigger", KafkaUser.RESOURCE_KIND, ResourceUtils.NAMESPACE, ResourceUtils.NAME)).onComplete(context.succeeding(v -> context.verify(() -> {
List<String> capturedNames = secretNameCaptor.getAllValues();
assertThat(capturedNames, hasSize(1));
assertThat(ResourceUtils.NAME, is(capturedNames.get(0)));
List<String> capturedNamespaces = secretNamespaceCaptor.getAllValues();
assertThat(capturedNamespaces, hasSize(1));
assertThat(capturedNamespaces.get(0), is(ResourceUtils.NAMESPACE));
List<Secret> capturedSecrets = secretCaptor.getAllValues();
assertThat(capturedSecrets, hasSize(1));
Secret captured = capturedSecrets.get(0);
assertThat(captured.getMetadata().getName(), is(user.getMetadata().getName()));
assertThat(captured.getMetadata().getNamespace(), is(user.getMetadata().getNamespace()));
assertThat(captured.getMetadata().getLabels(), is(Labels.fromMap(user.getMetadata().getLabels()).withKubernetesName(KafkaUserModel.KAFKA_USER_OPERATOR_NAME).withKubernetesInstance(ResourceUtils.NAME).withKubernetesPartOf(ResourceUtils.NAME).withKubernetesManagedBy(KafkaUserModel.KAFKA_USER_OPERATOR_NAME).withStrimziKind(KafkaUser.RESOURCE_KIND).toMap()));
assertThat(captured.getData().get("ca.crt"), is(userCert.getData().get("ca.crt")));
assertThat(captured.getData().get("user.crt"), is(userCert.getData().get("user.crt")));
assertThat(captured.getData().get("user.key"), is(userCert.getData().get("user.key")));
List<String> capturedAclNames = aclNameCaptor.getAllValues();
assertThat(capturedAclNames, hasSize(2));
assertThat(capturedAclNames.get(0), is(KafkaUserModel.getTlsUserName(ResourceUtils.NAME)));
assertThat(capturedAclNames.get(1), is(KafkaUserModel.getScramUserName(ResourceUtils.NAME)));
List<Set<SimpleAclRule>> capturedAcls = aclRulesCaptor.getAllValues();
assertThat(capturedAcls, hasSize(2));
Set<SimpleAclRule> aclRules = capturedAcls.get(0);
assertThat(aclRules, hasSize(ResourceUtils.createExpectedSimpleAclRules(user).size()));
assertThat(aclRules, is(ResourceUtils.createExpectedSimpleAclRules(user)));
assertThat(capturedAcls.get(1), is(nullValue()));
async.flag();
})));
}
Also used :
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
Arrays(java.util.Arrays)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Collections.singletonList(java.util.Collections.singletonList)
CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue)
AfterAll(org.junit.jupiter.api.AfterAll)
MicrometerMetricsOptions(io.vertx.micrometer.MicrometerMetricsOptions)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Arrays.asList(java.util.Arrays.asList)
Map(java.util.Map)
KafkaUserStatus(io.strimzi.api.kafka.model.status.KafkaUserStatus)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
VertxOptions(io.vertx.core.VertxOptions)
Set(java.util.Set)
VertxPrometheusOptions(io.vertx.micrometer.VertxPrometheusOptions)
VertxExtension(io.vertx.junit5.VertxExtension)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Future(io.vertx.core.Future)
StandardCharsets(java.nio.charset.StandardCharsets)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
List(java.util.List)
KafkaUserQuotas(io.strimzi.api.kafka.model.KafkaUserQuotas)
Labels(io.strimzi.operator.common.model.Labels)
Secret(io.fabric8.kubernetes.api.model.Secret)
Optional(java.util.Optional)
Checkpoint(io.vertx.junit5.Checkpoint)
MockCertManager(io.strimzi.operator.common.operator.MockCertManager)
Mockito.mock(org.mockito.Mockito.mock)
VertxTestContext(io.vertx.junit5.VertxTestContext)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
CertManager(io.strimzi.certs.CertManager)
HashSet(java.util.HashSet)
ResourceUtils(io.strimzi.operator.user.ResourceUtils)
ArgumentCaptor(org.mockito.ArgumentCaptor)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue)
ArgumentMatchers.isNull(org.mockito.ArgumentMatchers.isNull)
SimpleAclRule(io.strimzi.operator.user.model.acl.SimpleAclRule)
Promise(io.vertx.core.Promise)
Vertx(io.vertx.core.Vertx)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
Mockito.when(org.mockito.Mockito.when)
KafkaUserModel(io.strimzi.operator.user.model.KafkaUserModel)
Mockito.verify(org.mockito.Mockito.verify)
Reconciliation(io.strimzi.operator.common.Reconciliation)
Mockito.never(org.mockito.Mockito.never)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Set(java.util.Set)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
HashSet(java.util.HashSet)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Secret(io.fabric8.kubernetes.api.model.Secret)
Checkpoint(io.vertx.junit5.Checkpoint)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Reconciliation(io.strimzi.operator.common.Reconciliation)
SimpleAclRule(io.strimzi.operator.user.model.acl.SimpleAclRule)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Example 95 with CrdOperator
use of io.strimzi.operator.common.operator.resource.CrdOperator in project strimzi-kafka-operator by strimzi.
the class KafkaUserOperatorTest method testReconciliationWithKRaft.
// In KRaft mode, SCRAM-SHA-512 API is currently not supported. This test is used to check the mode to disable it.
// It should be possible to remove this after KRaft in Kafka supports SCRAM-SHA-512
@Test
public void testReconciliationWithKRaft(VertxTestContext context) {
CrdOperator mockCrdOps = mock(CrdOperator.class);
SecretOperator mockSecretOps = mock(SecretOperator.class);
SimpleAclOperator aclOps = mock(SimpleAclOperator.class);
ScramCredentialsOperator scramOps = mock(ScramCredentialsOperator.class);
QuotasOperator quotasOps = mock(QuotasOperator.class);
when(mockSecretOps.reconcile(any(), any(), any(), any())).thenReturn(Future.succeededFuture());
when(aclOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
KafkaUser user = ResourceUtils.createKafkaUserTls();
when(mockCrdOps.getAsync(anyString(), anyString())).thenReturn(Future.succeededFuture(user));
when(mockCrdOps.updateStatusAsync(any(), any(KafkaUser.class))).thenReturn(Future.succeededFuture());
KafkaUserOperator op = new KafkaUserOperator(vertx, mockCertManager, mockCrdOps, mockSecretOps, scramOps, quotasOps, aclOps, ResourceUtils.createUserOperatorConfig(Map.of(), true, true, "12"));
Secret clientsCa = ResourceUtils.createClientsCaCertSecret();
Secret clientsCaKey = ResourceUtils.createClientsCaKeySecret();
Secret userCert = ResourceUtils.createUserSecretTls();
when(mockSecretOps.getAsync(anyString(), eq(clientsCa.getMetadata().getName()))).thenReturn(Future.succeededFuture(clientsCa));
when(mockSecretOps.getAsync(anyString(), eq(clientsCaKey.getMetadata().getName()))).thenReturn(Future.succeededFuture(clientsCaKey));
when(mockSecretOps.getAsync(anyString(), eq(user.getMetadata().getName()))).thenReturn(Future.succeededFuture(userCert));
when(quotasOps.reconcile(any(), any(), any())).thenReturn(Future.succeededFuture());
Checkpoint async = context.checkpoint();
op.createOrUpdate(new Reconciliation("test-trigger", KafkaUser.RESOURCE_KIND, ResourceUtils.NAMESPACE, ResourceUtils.NAME), user).onComplete(context.succeeding(v -> context.verify(() -> {
verify(scramOps, never()).reconcile(any(), any(), any());
async.flag();
})));
}
Also used :
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
Secret(io.fabric8.kubernetes.api.model.Secret)
CoreMatchers.is(org.hamcrest.CoreMatchers.is)
Arrays(java.util.Arrays)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Collections.singletonList(java.util.Collections.singletonList)
CoreMatchers.notNullValue(org.hamcrest.CoreMatchers.notNullValue)
AfterAll(org.junit.jupiter.api.AfterAll)
MicrometerMetricsOptions(io.vertx.micrometer.MicrometerMetricsOptions)
ExtendWith(org.junit.jupiter.api.extension.ExtendWith)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Arrays.asList(java.util.Arrays.asList)
Map(java.util.Map)
KafkaUserStatus(io.strimzi.api.kafka.model.status.KafkaUserStatus)
SecretOperator(io.strimzi.operator.common.operator.resource.SecretOperator)
VertxOptions(io.vertx.core.VertxOptions)
Set(java.util.Set)
VertxPrometheusOptions(io.vertx.micrometer.VertxPrometheusOptions)
VertxExtension(io.vertx.junit5.VertxExtension)
CopyOnWriteArraySet(java.util.concurrent.CopyOnWriteArraySet)
Future(io.vertx.core.Future)
StandardCharsets(java.nio.charset.StandardCharsets)
Test(org.junit.jupiter.api.Test)
Base64(java.util.Base64)
List(java.util.List)
KafkaUserQuotas(io.strimzi.api.kafka.model.KafkaUserQuotas)
Labels(io.strimzi.operator.common.model.Labels)
Secret(io.fabric8.kubernetes.api.model.Secret)
Optional(java.util.Optional)
Checkpoint(io.vertx.junit5.Checkpoint)
MockCertManager(io.strimzi.operator.common.operator.MockCertManager)
Mockito.mock(org.mockito.Mockito.mock)
VertxTestContext(io.vertx.junit5.VertxTestContext)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
CertManager(io.strimzi.certs.CertManager)
HashSet(java.util.HashSet)
ResourceUtils(io.strimzi.operator.user.ResourceUtils)
ArgumentCaptor(org.mockito.ArgumentCaptor)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
CoreMatchers.nullValue(org.hamcrest.CoreMatchers.nullValue)
ArgumentMatchers.isNull(org.mockito.ArgumentMatchers.isNull)
SimpleAclRule(io.strimzi.operator.user.model.acl.SimpleAclRule)
Promise(io.vertx.core.Promise)
Vertx(io.vertx.core.Vertx)
KafkaUserBuilder(io.strimzi.api.kafka.model.KafkaUserBuilder)
Mockito.when(org.mockito.Mockito.when)
KafkaUserModel(io.strimzi.operator.user.model.KafkaUserModel)
Mockito.verify(org.mockito.Mockito.verify)
Reconciliation(io.strimzi.operator.common.Reconciliation)
Mockito.never(org.mockito.Mockito.never)
SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder)
ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString)
Checkpoint(io.vertx.junit5.Checkpoint)
CrdOperator(io.strimzi.operator.common.operator.resource.CrdOperator)
Reconciliation(io.strimzi.operator.common.Reconciliation)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
Test(org.junit.jupiter.api.Test)
Aggregations
CrdOperator (io.strimzi.operator.common.operator.resource.CrdOperator)180
Reconciliation (io.strimzi.operator.common.Reconciliation)174
Checkpoint (io.vertx.junit5.Checkpoint)174
Test (org.junit.jupiter.api.Test)174
Future (io.vertx.core.Future)156
Vertx (io.vertx.core.Vertx)156
VertxExtension (io.vertx.junit5.VertxExtension)156
VertxTestContext (io.vertx.junit5.VertxTestContext)156
MatcherAssert.assertThat (org.hamcrest.MatcherAssert.assertThat)156
AfterAll (org.junit.jupiter.api.AfterAll)156
BeforeAll (org.junit.jupiter.api.BeforeAll)156
ExtendWith (org.junit.jupiter.api.extension.ExtendWith)156
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)156
ArgumentMatchers.eq (org.mockito.ArgumentMatchers.eq)156
Mockito.when (org.mockito.Mockito.when)156
List (java.util.List)152
SecretOperator (io.strimzi.operator.common.operator.resource.SecretOperator)150
CoreMatchers.is (org.hamcrest.CoreMatchers.is)150
ArgumentCaptor (org.mockito.ArgumentCaptor)148
ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)138
