Search in sources :

Example 21 with Operator

use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.

the class KeycloakOperatorManager method installKeycloak.

public static CompletableFuture<Void> installKeycloak(KubeClient kubeClient) throws Exception {
    if (SystemTestEnvironment.INSTALL_KEYCLOAK) {
        LOGGER.info("Installing Keycloak : {}", OPERATOR_NS);
        kubeClient.client().namespaces().createOrReplace(new NamespaceBuilder().withNewMetadata().withName(OPERATOR_NS).endMetadata().build());
        SecurityUtils.TlsConfig tls = SecurityUtils.getTLSConfig(OPERATOR_NS + ".svc");
        Secret keycloakCert = new SecretBuilder().withNewMetadata().withName("sso-x509-https-secret").withNamespace(OPERATOR_NS).endMetadata().withType("kubernetes.io/tls").withData(Map.of("tls.crt", new String(Base64.getEncoder().encode(tls.getCert().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8), "tls.key", new String(Base64.getEncoder().encode(tls.getKey().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8))).build();
        kubeClient.client().secrets().inNamespace(OPERATOR_NS).createOrReplace(keycloakCert);
        List<String> keycloakInstallFiles = Arrays.asList("https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/service_account.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/role_binding.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/role.yaml", "https://raw.githubusercontent.com/keycloak/keycloak-operator/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/cluster_roles/cluster_role_binding.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/cluster_roles/cluster_role.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakbackups_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakclients_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakrealms_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloaks_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakusers_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/operator.yaml");
        for (String urlString : keycloakInstallFiles) {
            URL url = new URL(urlString);
            INSTALLED_RESOURCES.add(kubeClient.client().load(url.openStream()).get().get(0));
        }
        for (HasMetadata resource : INSTALLED_RESOURCES) {
            resource.getMetadata().setNamespace(OPERATOR_NS);
            kubeClient.client().resource(resource).inNamespace(OPERATOR_NS).createOrReplace();
        }
        kubeClient.cmdClient().namespace(OPERATOR_NS).execInCurrentNamespace("apply", "-f", Paths.get(Environment.SUITE_ROOT, "src", "main", "resources", "keycloak.yml").toAbsolutePath().toString());
        LOGGER.info("Done installing Keycloak : {}", OPERATOR_NS);
        return TestUtils.asyncWaitFor("Keycloak instance ready", 1_000, 600_000, () -> TestUtils.isPodReady(KubeClient.getInstance().client().pods().inNamespace(OPERATOR_NS).list().getItems().stream().filter(pod -> pod.getMetadata().getName().contains("keycloak-0")).findFirst().orElse(null)));
    } else {
        LOGGER.info("Keycloak is not installed suite will use values from env vars for oauth");
        return CompletableFuture.completedFuture(null);
    }
}
Also used : Secret(io.fabric8.kubernetes.api.model.Secret) SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder) HasMetadata(io.fabric8.kubernetes.api.model.HasMetadata) SecurityUtils(org.bf2.systemtest.framework.SecurityUtils) NamespaceBuilder(io.fabric8.kubernetes.api.model.NamespaceBuilder) URL(java.net.URL)

Example 22 with Operator

use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.

the class StrimziOperatorManager method doInstall.

protected CompletableFuture<Void> doInstall(KubeClient kubeClient) throws IOException {
    LOGGER.info("Installing Strimzi : {} version: {}", operatorNs, version);
    Namespace namespace = new NamespaceBuilder().withNewMetadata().withName(operatorNs).endMetadata().build();
    kubeClient.client().namespaces().createOrReplace(namespace);
    URL url = new URL(String.format(STRIMZI_URL_FORMAT, version));
    // modify namespaces, convert rolebinding to clusterrolebindings, update deployment if needed
    String crbID = UUID.randomUUID().toString().substring(0, 5);
    kubeClient.apply(operatorNs, url.openStream(), i -> {
        if (i instanceof Namespaced) {
            i.getMetadata().setNamespace(operatorNs);
        }
        if (i instanceof ClusterRoleBinding) {
            ClusterRoleBinding crb = (ClusterRoleBinding) i;
            crb.getSubjects().forEach(sbj -> sbj.setNamespace(operatorNs));
            crb.getMetadata().setName(crb.getMetadata().getName() + "." + operatorNs);
            clusterWideResourceDeleters.add(unused -> {
                kubeClient.client().rbac().clusterRoleBindings().withName(crb.getMetadata().getName()).delete();
            });
        } else if (i instanceof RoleBinding) {
            RoleBinding rb = (RoleBinding) i;
            rb.getSubjects().forEach(sbj -> sbj.setNamespace(operatorNs));
            ClusterRoleBinding crb = new ClusterRoleBindingBuilder().withNewMetadata().withName(rb.getMetadata().getName() + "-all-ns-" + crbID).withAnnotations(rb.getMetadata().getAnnotations()).withLabels(rb.getMetadata().getLabels()).endMetadata().withRoleRef(rb.getRoleRef()).withSubjects(rb.getSubjects()).build();
            LOGGER.info("Creating {} named {}", crb.getKind(), crb.getMetadata().getName());
            kubeClient.client().rbac().clusterRoleBindings().createOrReplace(crb);
            clusterWideResourceDeleters.add(unused -> {
                kubeClient.client().rbac().clusterRoleBindings().withName(crb.getMetadata().getName()).delete();
            });
        } else if (i instanceof Deployment && "strimzi-cluster-operator".equals(i.getMetadata().getName())) {
            modifyDeployment((Deployment) i);
        }
        return i;
    });
    LOGGER.info("Done installing Strimzi : {}", operatorNs);
    return TestUtils.asyncWaitFor("Strimzi operator ready", 1_000, FleetShardOperatorManager.INSTALL_TIMEOUT_MS, () -> isReady(kubeClient, operatorNs, version));
}
Also used : Namespaced(io.fabric8.kubernetes.api.model.Namespaced) GithubApiClient(org.bf2.systemtest.api.github.GithubApiClient) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) Arrays(java.util.Arrays) Container(io.fabric8.kubernetes.api.model.Container) URL(java.net.URL) CompletableFuture(java.util.concurrent.CompletableFuture) ArrayList(java.util.ArrayList) RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding) KubeClient(org.bf2.test.k8s.KubeClient) Map(java.util.Map) ComparableVersion(org.apache.maven.artifact.versioning.ComparableVersion) LinkedList(java.util.LinkedList) TestUtils(org.bf2.test.TestUtils) Pod(io.fabric8.kubernetes.api.model.Pod) SystemTestEnvironment(org.bf2.systemtest.framework.SystemTestEnvironment) IOException(java.io.IOException) EnvVarBuilder(io.fabric8.kubernetes.api.model.EnvVarBuilder) UUID(java.util.UUID) OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient) Collectors(java.util.stream.Collectors) Namespaced(io.fabric8.kubernetes.api.model.Namespaced) ExecutionException(java.util.concurrent.ExecutionException) Consumer(java.util.function.Consumer) List(java.util.List) Logger(org.apache.logging.log4j.Logger) Namespace(io.fabric8.kubernetes.api.model.Namespace) NamespaceBuilder(io.fabric8.kubernetes.api.model.NamespaceBuilder) Readiness(io.fabric8.kubernetes.client.internal.readiness.Readiness) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) LogManager(org.apache.logging.log4j.LogManager) Collections(java.util.Collections) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding) Namespace(io.fabric8.kubernetes.api.model.Namespace) NamespaceBuilder(io.fabric8.kubernetes.api.model.NamespaceBuilder) URL(java.net.URL)

Example 23 with Operator

use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.

the class StrimziOperatorManager method getPreviousUpstreamStrimziVersion.

public static String getPreviousUpstreamStrimziVersion(String actualVersion) throws InterruptedException, ExecutionException {
    if (!isNotTestSuiteStrimziOperatorInstalled(KubeClient.getInstance())) {
        List<String> sortedReleases = Arrays.stream(GithubApiClient.getReleases("strimzi", "strimzi-kafka-operator")).filter(a -> !(a.prerelease || a.draft)).sorted((a, b) -> {
            ComparableVersion aVersion = new ComparableVersion(a.name);
            ComparableVersion bVersion = new ComparableVersion(b.name);
            return aVersion.compareTo(bVersion);
        }).map(a -> a.name).collect(Collectors.toList());
        return sortedReleases.get(sortedReleases.indexOf(actualVersion) - 1);
    }
    return "";
}
Also used : GithubApiClient(org.bf2.systemtest.api.github.GithubApiClient) ClusterRoleBinding(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBinding) EnvVar(io.fabric8.kubernetes.api.model.EnvVar) Arrays(java.util.Arrays) Container(io.fabric8.kubernetes.api.model.Container) URL(java.net.URL) CompletableFuture(java.util.concurrent.CompletableFuture) ArrayList(java.util.ArrayList) RoleBinding(io.fabric8.kubernetes.api.model.rbac.RoleBinding) KubeClient(org.bf2.test.k8s.KubeClient) Map(java.util.Map) ComparableVersion(org.apache.maven.artifact.versioning.ComparableVersion) LinkedList(java.util.LinkedList) TestUtils(org.bf2.test.TestUtils) Pod(io.fabric8.kubernetes.api.model.Pod) SystemTestEnvironment(org.bf2.systemtest.framework.SystemTestEnvironment) IOException(java.io.IOException) EnvVarBuilder(io.fabric8.kubernetes.api.model.EnvVarBuilder) UUID(java.util.UUID) OpenShiftClient(io.fabric8.openshift.client.OpenShiftClient) Collectors(java.util.stream.Collectors) Namespaced(io.fabric8.kubernetes.api.model.Namespaced) ExecutionException(java.util.concurrent.ExecutionException) Consumer(java.util.function.Consumer) List(java.util.List) Logger(org.apache.logging.log4j.Logger) Namespace(io.fabric8.kubernetes.api.model.Namespace) NamespaceBuilder(io.fabric8.kubernetes.api.model.NamespaceBuilder) Readiness(io.fabric8.kubernetes.client.internal.readiness.Readiness) ClusterRoleBindingBuilder(io.fabric8.kubernetes.api.model.rbac.ClusterRoleBindingBuilder) Deployment(io.fabric8.kubernetes.api.model.apps.Deployment) LogManager(org.apache.logging.log4j.LogManager) Collections(java.util.Collections) ComparableVersion(org.apache.maven.artifact.versioning.ComparableVersion)

Example 24 with Operator

use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.

the class ObservabilityManagerTest method testObservabilitySecret.

@Test
public void testObservabilitySecret() {
    client.getConfiguration().setNamespace("test");
    ObservabilityConfiguration config = new ObservabilityConfigurationBuilder().withAccessToken("test-token").withChannel("test").withRepository("test-repo").withTag("tag").build();
    String ownerName = "SampleOwner";
    Secret owner = client.secrets().inNamespace(client.getNamespace()).withName(ownerName).create(new SecretBuilder().withNewMetadata().withNamespace(client.getNamespace()).withName(ownerName).endMetadata().addToData("key", "value").build());
    this.observabilityManager.createOrUpdateObservabilitySecret(config, owner);
    // lets call event handler
    Secret secret = observabilityManager.observabilitySecretResource().get();
    assertNotNull(secret);
    // the mock informermanager should be immediately updated, but it should
    // not be seen as running
    assertNotNull(observabilityManager.cachedObservabilitySecret());
    assertFalse(observabilityManager.isObservabilityRunning());
    assertFalse(secret.getMetadata().getOwnerReferences().isEmpty());
    ObservabilityConfiguration secretConfig = new ObservabilityConfigurationBuilder().withAccessToken(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_ACCESS_TOKEN)))).withChannel(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_CHANNEL)))).withTag(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_TAG)))).withRepository(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_REPOSITORY)))).build();
    // secret verification
    assertEquals(secretConfig, config);
    assertEquals("observability-operator", secret.getMetadata().getLabels().get("configures"));
    // status verification, the Informers do not work in test framework thus direct verification
    secret = ObservabilityManager.createObservabilitySecretBuilder(client.getNamespace(), config).editMetadata().addToAnnotations(ObservabilityManager.OBSERVABILITY_OPERATOR_STATUS, ObservabilityManager.ACCEPTED).endMetadata().build();
    observabilityManager.observabilitySecretResource().createOrReplace(secret);
    secret = observabilityManager.observabilitySecretResource().get();
    assertTrue(ObservabilityManager.isObservabilityStatusAccepted(secret));
    this.observabilityManager.createOrUpdateObservabilitySecret(config, owner);
    // no-op update and make sure the flag is not flipped
    secret = observabilityManager.observabilitySecretResource().get();
    assertTrue(ObservabilityManager.isObservabilityStatusAccepted(secret));
}
Also used : Secret(io.fabric8.kubernetes.api.model.Secret) SecretBuilder(io.fabric8.kubernetes.api.model.SecretBuilder) ObservabilityConfiguration(org.bf2.operator.resources.v1alpha1.ObservabilityConfiguration) ObservabilityConfigurationBuilder(org.bf2.operator.resources.v1alpha1.ObservabilityConfigurationBuilder) QuarkusTest(io.quarkus.test.junit.QuarkusTest) Test(org.junit.jupiter.api.Test)

Example 25 with Operator

use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.

the class OperatorST method deploy.

@BeforeAll
void deploy() throws Exception {
    strimziOperatorManager = new OlmBasedStrimziOperatorManager(kube, StrimziOperatorManager.OPERATOR_NS);
    CompletableFuture.allOf(strimziOperatorManager.deployStrimziOperator(), FleetShardOperatorManager.deployFleetShardOperator(kube)).join();
    // since sync is not installed, manually create the agent resource
    var agentResource = kube.client().resource(new ManagedKafkaAgentBuilder().withNewMetadata().withName(ManagedKafkaAgentResourceClient.RESOURCE_NAME).withNamespace(FleetShardOperatorManager.OPERATOR_NS).endMetadata().withSpec(new ManagedKafkaAgentSpecBuilder().withNewObservability().withAccessToken("").withChannel("").withRepository("").withTag("").endObservability().build()).build());
    agentResource.createOrReplace();
    // the operator will update the status after a while
    strimziVersions = SyncApiClient.getSortedAvailableStrimziVersions(() -> agentResource.fromServer().get().getStatus()).collect(Collectors.toList());
    assertTrue(strimziVersions.size() > 1);
    latestStrimziVersion = strimziVersions.get(strimziVersions.size() - 1);
    latestKafkaVersion = SyncApiClient.getLatestAvailableKafkaVersion(() -> agentResource.fromServer().get().getStatus(), latestStrimziVersion);
}
Also used : ManagedKafkaAgentSpecBuilder(org.bf2.operator.resources.v1alpha1.ManagedKafkaAgentSpecBuilder) ManagedKafkaAgentBuilder(org.bf2.operator.resources.v1alpha1.ManagedKafkaAgentBuilder) BeforeAll(org.junit.jupiter.api.BeforeAll)

Aggregations

Operator (org.bf2.cos.fleetshard.api.Operator)8 ManagedConnector (org.bf2.cos.fleetshard.api.ManagedConnector)6 NamespaceBuilder (io.fabric8.kubernetes.api.model.NamespaceBuilder)5 Secret (io.fabric8.kubernetes.api.model.Secret)5 Map (java.util.Map)5 Test (org.junit.jupiter.api.Test)5 OpenShiftClient (io.fabric8.openshift.client.OpenShiftClient)4 QuarkusTest (io.quarkus.test.junit.QuarkusTest)4 Objects (java.util.Objects)4 Collectors (java.util.stream.Collectors)4 ApplicationScoped (javax.enterprise.context.ApplicationScoped)4 Namespace (io.fabric8.kubernetes.api.model.Namespace)3 SecretBuilder (io.fabric8.kubernetes.api.model.SecretBuilder)3 Deployment (io.fabric8.kubernetes.api.model.apps.Deployment)3 URL (java.net.URL)3 HashMap (java.util.HashMap)3 List (java.util.List)3 OperatorSelector (org.bf2.cos.fleetshard.api.OperatorSelector)3 ArrayNode (com.fasterxml.jackson.databind.node.ArrayNode)2 Condition (io.fabric8.kubernetes.api.model.Condition)2