Example 1 with OpenShiftOnly
use of io.strimzi.systemtest.annotations.OpenShiftOnly in project strimzi-kafka-operator by strimzi.
the class ListenersST method testCustomChainCertificatesForRoute.
@ParallelNamespaceTest
@Tag(EXTERNAL_CLIENTS_USED)
@Tag(INTERNAL_CLIENTS_USED)
@OpenShiftOnly
void testCustomChainCertificatesForRoute(ExtensionContext extensionContext) {
final String namespaceName = StUtils.getNamespaceBasedOnRbac(INFRA_NAMESPACE, extensionContext);
final String clusterName = mapWithClusterNames.get(extensionContext.getDisplayName());
final String topicName = mapWithTestTopics.get(extensionContext.getDisplayName());
final String userName = mapWithTestUsers.get(extensionContext.getDisplayName());
final String clusterCustomCertChain1 = clusterName + "-" + customCertChain1;
final String clusterCustomRootCA1 = clusterName + "-" + customRootCA1;
SecretUtils.createCustomSecret(clusterCustomCertChain1, clusterName, namespaceName, CHAIN_CERT_AND_KEY_1);
SecretUtils.createCustomSecret(clusterCustomRootCA1, clusterName, namespaceName, ROOT_CA_CERT_AND_KEY_1);
resourceManager.createResource(extensionContext, KafkaTemplates.kafkaEphemeral(clusterName, 3).editSpec().editKafka().withListeners(new GenericKafkaListenerBuilder().withName(Constants.TLS_LISTENER_DEFAULT_NAME).withPort(9112).withType(KafkaListenerType.INTERNAL).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertChain1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build(), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9113).withType(KafkaListenerType.ROUTE).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertChain1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build()).endKafka().endSpec().build());
KafkaUser aliceUser = KafkaUserTemplates.tlsUser(clusterName, userName).build();
resourceManager.createResource(extensionContext, aliceUser);
ExternalKafkaClient externalKafkaClient = new ExternalKafkaClient.Builder().withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withCertificateAuthorityCertificateName(clusterCustomRootCA1).withSecurityProtocol(SecurityProtocol.SSL).withListenerName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).build();
externalKafkaClient.verifyProducedAndConsumedMessages(externalKafkaClient.sendMessagesTls(), externalKafkaClient.receiveMessagesTls());
// Deploy client pod with custom certificates and collect messages from internal TLS listener
resourceManager.createResource(extensionContext, KafkaClientsTemplates.kafkaClients(true, clusterName + "-" + Constants.KAFKA_CLIENTS, false, aliceUser).build());
InternalKafkaClient internalKafkaClient = new InternalKafkaClient.Builder().withUsingPodName(kubeClient(namespaceName).listPodsByPrefixInName(namespaceName, clusterName + "-" + Constants.KAFKA_CLIENTS).get(0).getMetadata().getName()).withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withConsumerGroupName("consumer-group-certs-6").withListenerName(Constants.TLS_LISTENER_DEFAULT_NAME).build();
int sent = internalKafkaClient.sendMessagesTls();
assertThat(sent, is(MESSAGE_COUNT));
internalKafkaClient.setMessageCount(MESSAGE_COUNT * 2);
int received = internalKafkaClient.receiveMessagesTls();
assertThat(received, is(2 * MESSAGE_COUNT));
}
Also used :
ExternalKafkaClient(io.strimzi.systemtest.kafkaclients.externalClients.ExternalKafkaClient)
GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)
InternalKafkaClient(io.strimzi.systemtest.kafkaclients.clients.InternalKafkaClient)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
ParallelNamespaceTest(io.strimzi.systemtest.annotations.ParallelNamespaceTest)
Tag(org.junit.jupiter.api.Tag)
OpenShiftOnly(io.strimzi.systemtest.annotations.OpenShiftOnly)
Example 2 with OpenShiftOnly
use of io.strimzi.systemtest.annotations.OpenShiftOnly in project strimzi by strimzi.
the class ListenersST method testCustomCertRouteAndTlsRollingUpdate.
@ParallelNamespaceTest
@Tag(EXTERNAL_CLIENTS_USED)
@Tag(INTERNAL_CLIENTS_USED)
@OpenShiftOnly
@SuppressWarnings({ "checkstyle:MethodLength" })
void testCustomCertRouteAndTlsRollingUpdate(ExtensionContext extensionContext) {
final String namespaceName = StUtils.getNamespaceBasedOnRbac(INFRA_NAMESPACE, extensionContext);
final String clusterName = mapWithClusterNames.get(extensionContext.getDisplayName());
final String topicName = mapWithTestTopics.get(extensionContext.getDisplayName());
final String userName = mapWithTestUsers.get(extensionContext.getDisplayName());
final String clusterCustomCertServer1 = clusterName + "-" + customCertServer1;
final String clusterCustomCertServer2 = clusterName + "-" + customCertServer2;
final LabelSelector kafkaSelector = KafkaResource.getLabelSelector(clusterName, KafkaResources.kafkaStatefulSetName(clusterName));
SecretUtils.createCustomSecret(clusterCustomCertServer1, clusterName, namespaceName, STRIMZI_CERT_AND_KEY_1);
SecretUtils.createCustomSecret(clusterCustomCertServer2, clusterName, namespaceName, STRIMZI_CERT_AND_KEY_2);
resourceManager.createResource(extensionContext, KafkaTemplates.kafkaPersistent(clusterName, 3).editSpec().editKafka().withListeners(new GenericKafkaListenerBuilder().withName(Constants.TLS_LISTENER_DEFAULT_NAME).withPort(9117).withType(KafkaListenerType.INTERNAL).withTls(true).build(), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9118).withType(KafkaListenerType.ROUTE).withTls(true).build()).endKafka().endSpec().build());
KafkaUser aliceUser = KafkaUserTemplates.tlsUser(clusterName, userName).build();
resourceManager.createResource(extensionContext, aliceUser);
String externalCerts = getKafkaStatusCertificates(Constants.EXTERNAL_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
String externalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterName + "-cluster-ca-cert", "ca.crt");
String internalCerts = getKafkaStatusCertificates(Constants.TLS_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
LOGGER.info("Check if KafkaStatus certificates from external listeners are the same as secret certificates");
assertThat(externalSecretCerts, is(externalCerts));
LOGGER.info("Check if KafkaStatus certificates from internal TLS listener are the same as secret certificates");
// External secret cert is same as internal in this case
assertThat(externalSecretCerts, is(internalCerts));
ExternalKafkaClient externalKafkaClient = new ExternalKafkaClient.Builder().withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withSecurityProtocol(SecurityProtocol.SSL).withCertificateAuthorityCertificateName(null).withListenerName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).build();
externalKafkaClient.verifyProducedAndConsumedMessages(externalKafkaClient.sendMessagesTls(), externalKafkaClient.receiveMessagesTls());
Map<String, String> kafkaSnapshot = PodUtils.podSnapshot(namespaceName, kafkaSelector);
KafkaResource.replaceKafkaResourceInSpecificNamespace(clusterName, kafka -> {
kafka.getSpec().getKafka().setListeners(asList(new GenericKafkaListenerBuilder().withName(Constants.TLS_LISTENER_DEFAULT_NAME).withPort(9117).withType(KafkaListenerType.INTERNAL).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertServer2).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build(), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9118).withType(KafkaListenerType.ROUTE).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertServer1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build()));
}, namespaceName);
kafkaSnapshot = RollingUpdateUtils.waitTillComponentHasRolled(namespaceName, kafkaSelector, 3, kafkaSnapshot);
KafkaUtils.waitForKafkaStatusUpdate(namespaceName, clusterName);
externalCerts = getKafkaStatusCertificates(Constants.EXTERNAL_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
externalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterCustomCertServer1, "ca.crt");
internalCerts = getKafkaStatusCertificates(Constants.TLS_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
String internalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterCustomCertServer2, "ca.crt");
LOGGER.info("Check if KafkaStatus certificates are the same as secret certificates");
assertThat(externalSecretCerts, is(externalCerts));
LOGGER.info("Check if KafkaStatus certificates from internal TLS listener are the same as secret certificates");
assertThat(internalSecretCerts, is(internalCerts));
externalKafkaClient = externalKafkaClient.toBuilder().withCertificateAuthorityCertificateName(null).withConsumerGroupName(ClientUtils.generateRandomConsumerGroup()).build();
externalKafkaClient.verifyProducedAndConsumedMessages(externalKafkaClient.sendMessagesTls() + MESSAGE_COUNT, externalKafkaClient.receiveMessagesTls());
// Deploy client pod with custom certificates and collect messages from internal TLS listener
resourceManager.createResource(extensionContext, KafkaClientsTemplates.kafkaClients(true, clusterName + "-" + Constants.KAFKA_CLIENTS, false, aliceUser).build());
InternalKafkaClient internalKafkaClient = new InternalKafkaClient.Builder().withUsingPodName(kubeClient(namespaceName).listPodsByPrefixInName(namespaceName, clusterName + "-" + Constants.KAFKA_CLIENTS).get(0).getMetadata().getName()).withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withConsumerGroupName("consumer-group-certs-91").withListenerName(Constants.TLS_LISTENER_DEFAULT_NAME).build();
int sent = internalKafkaClient.sendMessagesTls();
assertThat(sent, is(MESSAGE_COUNT));
internalKafkaClient.setMessageCount(MESSAGE_COUNT * 3);
int received = internalKafkaClient.receiveMessagesTls();
assertThat(received, is(3 * MESSAGE_COUNT));
SecretUtils.createCustomSecret(clusterCustomCertServer1, clusterName, namespaceName, STRIMZI_CERT_AND_KEY_2);
SecretUtils.createCustomSecret(clusterCustomCertServer2, clusterName, namespaceName, STRIMZI_CERT_AND_KEY_1);
kafkaSnapshot = RollingUpdateUtils.waitTillComponentHasRolled(namespaceName, kafkaSelector, 3, kafkaSnapshot);
externalCerts = getKafkaStatusCertificates(Constants.EXTERNAL_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
externalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterCustomCertServer1, "ca.crt");
internalCerts = getKafkaStatusCertificates(Constants.TLS_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
internalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterCustomCertServer2, "ca.crt");
LOGGER.info("Check if KafkaStatus certificates are the same as secret certificates");
assertThat(externalSecretCerts, is(externalCerts));
LOGGER.info("Check if KafkaStatus certificates from internal TLS listener are the same as secret certificates");
assertThat(internalSecretCerts, is(internalCerts));
externalKafkaClient.verifyProducedAndConsumedMessages(externalKafkaClient.sendMessagesTls() + MESSAGE_COUNT, externalKafkaClient.receiveMessagesTls());
internalKafkaClient = internalKafkaClient.toBuilder().withConsumerGroupName("consumer-group-certs-92").withMessageCount(MESSAGE_COUNT).build();
sent = internalKafkaClient.sendMessagesTls();
assertThat(sent, is(MESSAGE_COUNT));
internalKafkaClient = internalKafkaClient.toBuilder().withMessageCount(5 * MESSAGE_COUNT).build();
received = internalKafkaClient.receiveMessagesTls();
assertThat(received, is(5 * MESSAGE_COUNT));
KafkaResource.replaceKafkaResourceInSpecificNamespace(clusterName, kafka -> {
kafka.getSpec().getKafka().setListeners(asList(new GenericKafkaListenerBuilder().withName(Constants.TLS_LISTENER_DEFAULT_NAME).withPort(9117).withType(KafkaListenerType.INTERNAL).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertServer2).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build(), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9118).withType(KafkaListenerType.ROUTE).withTls(true).build()));
}, namespaceName);
RollingUpdateUtils.waitTillComponentHasRolled(namespaceName, kafkaSelector, 3, kafkaSnapshot);
KafkaUtils.waitForKafkaStatusUpdate(namespaceName, clusterName);
externalCerts = getKafkaStatusCertificates(Constants.EXTERNAL_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
externalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterName + "-cluster-ca-cert", "ca.crt");
internalCerts = getKafkaStatusCertificates(Constants.TLS_LISTENER_DEFAULT_NAME, namespaceName, clusterName);
internalSecretCerts = getKafkaSecretCertificates(namespaceName, clusterCustomCertServer2, "ca.crt");
LOGGER.info("Check if KafkaStatus certificates are the same as secret certificates");
assertThat(externalSecretCerts, is(externalCerts));
LOGGER.info("Check if KafkaStatus certificates from internal TLS listener are the same as secret certificates");
assertThat(internalSecretCerts, is(internalCerts));
externalKafkaClient = externalKafkaClient.toBuilder().withCertificateAuthorityCertificateName(null).withConsumerGroupName(ClientUtils.generateRandomConsumerGroup()).build();
sent = externalKafkaClient.sendMessagesTls() + (5 * MESSAGE_COUNT);
externalKafkaClient = externalKafkaClient.toBuilder().withMessageCount(6 * MESSAGE_COUNT).build();
externalKafkaClient.verifyProducedAndConsumedMessages(sent, externalKafkaClient.receiveMessagesTls());
internalKafkaClient = internalKafkaClient.toBuilder().withMessageCount(6 * MESSAGE_COUNT).withConsumerGroupName("consumer-group-certs-93").build();
received = internalKafkaClient.receiveMessagesTls();
assertThat(received, is(6 * MESSAGE_COUNT));
}
Also used :
ExternalKafkaClient(io.strimzi.systemtest.kafkaclients.externalClients.ExternalKafkaClient)
GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)
LabelSelector(io.fabric8.kubernetes.api.model.LabelSelector)
InternalKafkaClient(io.strimzi.systemtest.kafkaclients.clients.InternalKafkaClient)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
ParallelNamespaceTest(io.strimzi.systemtest.annotations.ParallelNamespaceTest)
Tag(org.junit.jupiter.api.Tag)
OpenShiftOnly(io.strimzi.systemtest.annotations.OpenShiftOnly)
Example 3 with OpenShiftOnly
use of io.strimzi.systemtest.annotations.OpenShiftOnly in project strimzi by strimzi.
the class ListenersST method testCustomChainCertificatesForRoute.
@ParallelNamespaceTest
@Tag(EXTERNAL_CLIENTS_USED)
@Tag(INTERNAL_CLIENTS_USED)
@OpenShiftOnly
void testCustomChainCertificatesForRoute(ExtensionContext extensionContext) {
final String namespaceName = StUtils.getNamespaceBasedOnRbac(INFRA_NAMESPACE, extensionContext);
final String clusterName = mapWithClusterNames.get(extensionContext.getDisplayName());
final String topicName = mapWithTestTopics.get(extensionContext.getDisplayName());
final String userName = mapWithTestUsers.get(extensionContext.getDisplayName());
final String clusterCustomCertChain1 = clusterName + "-" + customCertChain1;
final String clusterCustomRootCA1 = clusterName + "-" + customRootCA1;
SecretUtils.createCustomSecret(clusterCustomCertChain1, clusterName, namespaceName, CHAIN_CERT_AND_KEY_1);
SecretUtils.createCustomSecret(clusterCustomRootCA1, clusterName, namespaceName, ROOT_CA_CERT_AND_KEY_1);
resourceManager.createResource(extensionContext, KafkaTemplates.kafkaEphemeral(clusterName, 3).editSpec().editKafka().withListeners(new GenericKafkaListenerBuilder().withName(Constants.TLS_LISTENER_DEFAULT_NAME).withPort(9112).withType(KafkaListenerType.INTERNAL).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertChain1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build(), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9113).withType(KafkaListenerType.ROUTE).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertChain1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build()).endKafka().endSpec().build());
KafkaUser aliceUser = KafkaUserTemplates.tlsUser(clusterName, userName).build();
resourceManager.createResource(extensionContext, aliceUser);
ExternalKafkaClient externalKafkaClient = new ExternalKafkaClient.Builder().withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withCertificateAuthorityCertificateName(clusterCustomRootCA1).withSecurityProtocol(SecurityProtocol.SSL).withListenerName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).build();
externalKafkaClient.verifyProducedAndConsumedMessages(externalKafkaClient.sendMessagesTls(), externalKafkaClient.receiveMessagesTls());
// Deploy client pod with custom certificates and collect messages from internal TLS listener
resourceManager.createResource(extensionContext, KafkaClientsTemplates.kafkaClients(true, clusterName + "-" + Constants.KAFKA_CLIENTS, false, aliceUser).build());
InternalKafkaClient internalKafkaClient = new InternalKafkaClient.Builder().withUsingPodName(kubeClient(namespaceName).listPodsByPrefixInName(namespaceName, clusterName + "-" + Constants.KAFKA_CLIENTS).get(0).getMetadata().getName()).withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withConsumerGroupName("consumer-group-certs-6").withListenerName(Constants.TLS_LISTENER_DEFAULT_NAME).build();
int sent = internalKafkaClient.sendMessagesTls();
assertThat(sent, is(MESSAGE_COUNT));
internalKafkaClient.setMessageCount(MESSAGE_COUNT * 2);
int received = internalKafkaClient.receiveMessagesTls();
assertThat(received, is(2 * MESSAGE_COUNT));
}
Also used :
ExternalKafkaClient(io.strimzi.systemtest.kafkaclients.externalClients.ExternalKafkaClient)
GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)
InternalKafkaClient(io.strimzi.systemtest.kafkaclients.clients.InternalKafkaClient)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
ParallelNamespaceTest(io.strimzi.systemtest.annotations.ParallelNamespaceTest)
Tag(org.junit.jupiter.api.Tag)
OpenShiftOnly(io.strimzi.systemtest.annotations.OpenShiftOnly)
Example 4 with OpenShiftOnly
use of io.strimzi.systemtest.annotations.OpenShiftOnly in project strimzi by strimzi.
the class ListenersST method testCustomSoloCertificatesForRoute.
@ParallelNamespaceTest
@Tag(ACCEPTANCE)
@Tag(EXTERNAL_CLIENTS_USED)
@Tag(INTERNAL_CLIENTS_USED)
@OpenShiftOnly
void testCustomSoloCertificatesForRoute(ExtensionContext extensionContext) {
final String namespaceName = StUtils.getNamespaceBasedOnRbac(INFRA_NAMESPACE, extensionContext);
final String clusterName = mapWithClusterNames.get(extensionContext.getDisplayName());
final String topicName = mapWithTestTopics.get(extensionContext.getDisplayName());
final String userName = mapWithTestUsers.get(extensionContext.getDisplayName());
final String clusterCustomCertServer1 = clusterName + "-" + customCertServer1;
SecretUtils.createCustomSecret(clusterCustomCertServer1, clusterName, namespaceName, STRIMZI_CERT_AND_KEY_1);
resourceManager.createResource(extensionContext, KafkaTemplates.kafkaEphemeral(clusterName, 3).editSpec().editKafka().withListeners(new GenericKafkaListenerBuilder().withName(Constants.TLS_LISTENER_DEFAULT_NAME).withPort(9111).withType(KafkaListenerType.INTERNAL).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertServer1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build(), new GenericKafkaListenerBuilder().withName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).withPort(9112).withType(KafkaListenerType.ROUTE).withTls(true).withNewConfiguration().withNewBrokerCertChainAndKey().withSecretName(clusterCustomCertServer1).withKey("ca.key").withCertificate("ca.crt").endBrokerCertChainAndKey().endConfiguration().build()).endKafka().endSpec().build());
KafkaUser aliceUser = KafkaUserTemplates.tlsUser(clusterName, userName).build();
resourceManager.createResource(extensionContext, aliceUser);
ExternalKafkaClient externalKafkaClient = new ExternalKafkaClient.Builder().withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withCertificateAuthorityCertificateName(clusterCustomCertServer1).withSecurityProtocol(SecurityProtocol.SSL).withListenerName(Constants.EXTERNAL_LISTENER_DEFAULT_NAME).build();
externalKafkaClient.verifyProducedAndConsumedMessages(externalKafkaClient.sendMessagesTls(), externalKafkaClient.receiveMessagesTls());
// Deploy client pod with custom certificates and collect messages from internal TLS listener
resourceManager.createResource(extensionContext, KafkaClientsTemplates.kafkaClients(true, clusterName + "-" + Constants.KAFKA_CLIENTS, false, aliceUser).build());
InternalKafkaClient internalKafkaClient = new InternalKafkaClient.Builder().withUsingPodName(kubeClient(namespaceName).listPodsByPrefixInName(namespaceName, clusterName + "-" + Constants.KAFKA_CLIENTS).get(0).getMetadata().getName()).withTopicName(topicName).withNamespaceName(namespaceName).withClusterName(clusterName).withKafkaUsername(userName).withMessageCount(MESSAGE_COUNT).withConsumerGroupName("consumer-group-certs-4").withListenerName(Constants.TLS_LISTENER_DEFAULT_NAME).build();
int sent = internalKafkaClient.sendMessagesTls();
assertThat(sent, is(MESSAGE_COUNT));
internalKafkaClient.setMessageCount(MESSAGE_COUNT * 2);
int received = internalKafkaClient.receiveMessagesTls();
assertThat(received, is(2 * MESSAGE_COUNT));
}
Also used :
ExternalKafkaClient(io.strimzi.systemtest.kafkaclients.externalClients.ExternalKafkaClient)
GenericKafkaListenerBuilder(io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)
InternalKafkaClient(io.strimzi.systemtest.kafkaclients.clients.InternalKafkaClient)
CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString)
KafkaUser(io.strimzi.api.kafka.model.KafkaUser)
ParallelNamespaceTest(io.strimzi.systemtest.annotations.ParallelNamespaceTest)
Tag(org.junit.jupiter.api.Tag)
OpenShiftOnly(io.strimzi.systemtest.annotations.OpenShiftOnly)
Example 5 with OpenShiftOnly
use of io.strimzi.systemtest.annotations.OpenShiftOnly in project strimzi by strimzi.
the class ConnectBuilderIsolatedST method testPushIntoImageStream.
@OpenShiftOnly
@ParallelTest
void testPushIntoImageStream(ExtensionContext extensionContext) {
String connectClusterTest = mapWithClusterNames.get(extensionContext.getDisplayName()) + "-connect";
String imageStreamName = "custom-image-stream";
ImageStream imageStream = new ImageStreamBuilder().editOrNewMetadata().withName(imageStreamName).withNamespace(INFRA_NAMESPACE).endMetadata().build();
kubeClient().getClient().adapt(OpenShiftClient.class).imageStreams().inNamespace(INFRA_NAMESPACE).create(imageStream);
resourceManager.createResource(extensionContext, KafkaConnectTemplates.kafkaConnect(extensionContext, connectClusterTest, INFRA_NAMESPACE, INFRA_NAMESPACE, 1, false).editMetadata().addToAnnotations(Annotations.STRIMZI_IO_USE_CONNECTOR_RESOURCES, "true").endMetadata().editOrNewSpec().withNewBuild().withPlugins(PLUGIN_WITH_TAR_AND_JAR).withNewImageStreamOutput().withImage(imageStreamName + ":latest").endImageStreamOutput().endBuild().endSpec().build());
KafkaConnect kafkaConnect = KafkaConnectResource.kafkaConnectClient().inNamespace(INFRA_NAMESPACE).withName(connectClusterTest).get();
LOGGER.info("Checking, if KafkaConnect has all artifacts and if is successfully created");
assertThat(kafkaConnect.getSpec().getBuild().getPlugins().get(0).getArtifacts().size(), is(2));
assertThat(kafkaConnect.getSpec().getBuild().getOutput().getType(), is("imagestream"));
assertThat(kafkaConnect.getSpec().getBuild().getOutput().getImage(), is(imageStreamName + ":latest"));
assertThat(kafkaConnect.getStatus().getConditions().get(0).getType(), is(Ready.toString()));
assertTrue(kafkaConnect.getStatus().getConnectorPlugins().size() > 0);
assertTrue(kafkaConnect.getStatus().getConnectorPlugins().stream().anyMatch(connectorPlugin -> connectorPlugin.getConnectorClass().contains(ECHO_SINK_CLASS_NAME)));
}
Also used :
ImageStreamBuilder(io.fabric8.openshift.api.model.ImageStreamBuilder)
ParallelTest(io.strimzi.systemtest.annotations.ParallelTest)
KubeClusterResource.cmdKubeClient(io.strimzi.test.k8s.KubeClusterResource.cmdKubeClient)
Assertions.assertNotEquals(org.junit.jupiter.api.Assertions.assertNotEquals)
Annotations(io.strimzi.operator.common.Annotations)
Random(java.util.Random)
KafkaTopicUtils(io.strimzi.systemtest.utils.kafkaUtils.KafkaTopicUtils)
INFRA_NAMESPACE(io.strimzi.systemtest.Constants.INFRA_NAMESPACE)
KafkaConnectResource(io.strimzi.systemtest.resources.crd.KafkaConnectResource)
KafkaConnector(io.strimzi.api.kafka.model.KafkaConnector)
Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse)
KafkaResources(io.strimzi.api.kafka.model.KafkaResources)
OtherArtifactBuilder(io.strimzi.api.kafka.model.connect.build.OtherArtifactBuilder)
KafkaConnectUtils(io.strimzi.systemtest.utils.kafkaUtils.KafkaConnectUtils)
BeforeAll(org.junit.jupiter.api.BeforeAll)
Map(java.util.Map)
Tag(org.junit.jupiter.api.Tag)
KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect)
IsolatedSuite(io.strimzi.systemtest.annotations.IsolatedSuite)
KafkaClients(io.strimzi.systemtest.kafkaclients.internalClients.KafkaClients)
Collectors(java.util.stream.Collectors)
ClientUtils(io.strimzi.systemtest.utils.ClientUtils)
Labels(io.strimzi.operator.common.model.Labels)
Logger(org.apache.logging.log4j.Logger)
Plugin(io.strimzi.api.kafka.model.connect.build.Plugin)
KafkaTopicTemplates(io.strimzi.systemtest.templates.crd.KafkaTopicTemplates)
KafkaConnectorTemplates(io.strimzi.systemtest.templates.crd.KafkaConnectorTemplates)
Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue)
Matchers.is(org.hamcrest.Matchers.is)
Condition(io.strimzi.api.kafka.model.status.Condition)
AbstractST(io.strimzi.systemtest.AbstractST)
KafkaClientsTemplates(io.strimzi.systemtest.templates.crd.KafkaClientsTemplates)
KafkaConnectTemplates(io.strimzi.systemtest.templates.crd.KafkaConnectTemplates)
NetworkPolicyResource(io.strimzi.systemtest.resources.kubernetes.NetworkPolicyResource)
CONNECT(io.strimzi.systemtest.Constants.CONNECT)
OpenShiftOnly(io.strimzi.systemtest.annotations.OpenShiftOnly)
HashMap(java.util.HashMap)
PluginBuilder(io.strimzi.api.kafka.model.connect.build.PluginBuilder)
ExtensionContext(org.junit.jupiter.api.extension.ExtensionContext)
ZipArtifactBuilder(io.strimzi.api.kafka.model.connect.build.ZipArtifactBuilder)
KafkaConnectorResource(io.strimzi.systemtest.resources.crd.KafkaConnectorResource)
PodUtils(io.strimzi.systemtest.utils.kubeUtils.objects.PodUtils)
NotReady(io.strimzi.systemtest.enums.CustomResourceStatus.NotReady)
Service(io.fabric8.kubernetes.api.model.Service)
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat)
Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals)
TgzArtifactBuilder(io.strimzi.api.kafka.model.connect.build.TgzArtifactBuilder)
ImageStream(io.fabric8.openshift.api.model.ImageStream)
KafkaTemplates(io.strimzi.systemtest.templates.crd.KafkaTemplates)
Ready(io.strimzi.systemtest.enums.CustomResourceStatus.Ready)
InternalKafkaClient(io.strimzi.systemtest.kafkaclients.clients.InternalKafkaClient)
Constants(io.strimzi.systemtest.Constants)
KafkaClientsBuilder(io.strimzi.systemtest.kafkaclients.internalClients.KafkaClientsBuilder)
OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient)
JarArtifactBuilder(io.strimzi.api.kafka.model.connect.build.JarArtifactBuilder)
KubeClusterResource.kubeClient(io.strimzi.test.k8s.KubeClusterResource.kubeClient)
Util(io.strimzi.operator.common.Util)
DeploymentUtils(io.strimzi.systemtest.utils.kubeUtils.controllers.DeploymentUtils)
CONNECT_COMPONENTS(io.strimzi.systemtest.Constants.CONNECT_COMPONENTS)
ImageStreamBuilder(io.fabric8.openshift.api.model.ImageStreamBuilder)
MavenArtifactBuilder(io.strimzi.api.kafka.model.connect.build.MavenArtifactBuilder)
LogManager(org.apache.logging.log4j.LogManager)
Collections(java.util.Collections)
REGRESSION(io.strimzi.systemtest.Constants.REGRESSION)
KafkaConnectResources(io.strimzi.api.kafka.model.KafkaConnectResources)
OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient)
ImageStream(io.fabric8.openshift.api.model.ImageStream)
KafkaConnect(io.strimzi.api.kafka.model.KafkaConnect)
ParallelTest(io.strimzi.systemtest.annotations.ParallelTest)
OpenShiftOnly(io.strimzi.systemtest.annotations.OpenShiftOnly)
Aggregations
OpenShiftOnly (io.strimzi.systemtest.annotations.OpenShiftOnly)8
InternalKafkaClient (io.strimzi.systemtest.kafkaclients.clients.InternalKafkaClient)8
Tag (org.junit.jupiter.api.Tag)8
KafkaUser (io.strimzi.api.kafka.model.KafkaUser)6
GenericKafkaListenerBuilder (io.strimzi.api.kafka.model.listener.arraylistener.GenericKafkaListenerBuilder)6
ParallelNamespaceTest (io.strimzi.systemtest.annotations.ParallelNamespaceTest)6
ExternalKafkaClient (io.strimzi.systemtest.kafkaclients.externalClients.ExternalKafkaClient)6
CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)6
LabelSelector (io.fabric8.kubernetes.api.model.LabelSelector)2
Service (io.fabric8.kubernetes.api.model.Service)2
ImageStream (io.fabric8.openshift.api.model.ImageStream)2
ImageStreamBuilder (io.fabric8.openshift.api.model.ImageStreamBuilder)2
OpenShiftClient (io.fabric8.openshift.client.OpenShiftClient)2
KafkaConnect (io.strimzi.api.kafka.model.KafkaConnect)2
KafkaConnectResources (io.strimzi.api.kafka.model.KafkaConnectResources)2
KafkaConnector (io.strimzi.api.kafka.model.KafkaConnector)2
KafkaResources (io.strimzi.api.kafka.model.KafkaResources)2
JarArtifactBuilder (io.strimzi.api.kafka.model.connect.build.JarArtifactBuilder)2
MavenArtifactBuilder (io.strimzi.api.kafka.model.connect.build.MavenArtifactBuilder)2
OtherArtifactBuilder (io.strimzi.api.kafka.model.connect.build.OtherArtifactBuilder)2
