use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.
the class KeycloakOperatorManager method installKeycloak.
public static CompletableFuture<Void> installKeycloak(KubeClient kubeClient) throws Exception {
if (SystemTestEnvironment.INSTALL_KEYCLOAK) {
LOGGER.info("Installing Keycloak : {}", OPERATOR_NS);
kubeClient.client().namespaces().createOrReplace(new NamespaceBuilder().withNewMetadata().withName(OPERATOR_NS).endMetadata().build());
SecurityUtils.TlsConfig tls = SecurityUtils.getTLSConfig(OPERATOR_NS + ".svc");
Secret keycloakCert = new SecretBuilder().withNewMetadata().withName("sso-x509-https-secret").withNamespace(OPERATOR_NS).endMetadata().withType("kubernetes.io/tls").withData(Map.of("tls.crt", new String(Base64.getEncoder().encode(tls.getCert().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8), "tls.key", new String(Base64.getEncoder().encode(tls.getKey().getBytes(StandardCharsets.UTF_8)), StandardCharsets.UTF_8))).build();
kubeClient.client().secrets().inNamespace(OPERATOR_NS).createOrReplace(keycloakCert);
List<String> keycloakInstallFiles = Arrays.asList("https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/service_account.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/role_binding.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/role.yaml", "https://raw.githubusercontent.com/keycloak/keycloak-operator/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/cluster_roles/cluster_role_binding.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/cluster_roles/cluster_role.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakbackups_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakclients_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakrealms_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloaks_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/crds/keycloak.org_keycloakusers_crd.yaml", "https://github.com/keycloak/keycloak-operator/raw/" + SystemTestEnvironment.KEYCLOAK_VERSION + "/deploy/operator.yaml");
for (String urlString : keycloakInstallFiles) {
URL url = new URL(urlString);
INSTALLED_RESOURCES.add(kubeClient.client().load(url.openStream()).get().get(0));
}
for (HasMetadata resource : INSTALLED_RESOURCES) {
resource.getMetadata().setNamespace(OPERATOR_NS);
kubeClient.client().resource(resource).inNamespace(OPERATOR_NS).createOrReplace();
}
kubeClient.cmdClient().namespace(OPERATOR_NS).execInCurrentNamespace("apply", "-f", Paths.get(Environment.SUITE_ROOT, "src", "main", "resources", "keycloak.yml").toAbsolutePath().toString());
LOGGER.info("Done installing Keycloak : {}", OPERATOR_NS);
return TestUtils.asyncWaitFor("Keycloak instance ready", 1_000, 600_000, () -> TestUtils.isPodReady(KubeClient.getInstance().client().pods().inNamespace(OPERATOR_NS).list().getItems().stream().filter(pod -> pod.getMetadata().getName().contains("keycloak-0")).findFirst().orElse(null)));
} else {
LOGGER.info("Keycloak is not installed suite will use values from env vars for oauth");
return CompletableFuture.completedFuture(null);
}
}
use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.
the class StrimziOperatorManager method doInstall.
protected CompletableFuture<Void> doInstall(KubeClient kubeClient) throws IOException {
LOGGER.info("Installing Strimzi : {} version: {}", operatorNs, version);
Namespace namespace = new NamespaceBuilder().withNewMetadata().withName(operatorNs).endMetadata().build();
kubeClient.client().namespaces().createOrReplace(namespace);
URL url = new URL(String.format(STRIMZI_URL_FORMAT, version));
// modify namespaces, convert rolebinding to clusterrolebindings, update deployment if needed
String crbID = UUID.randomUUID().toString().substring(0, 5);
kubeClient.apply(operatorNs, url.openStream(), i -> {
if (i instanceof Namespaced) {
i.getMetadata().setNamespace(operatorNs);
}
if (i instanceof ClusterRoleBinding) {
ClusterRoleBinding crb = (ClusterRoleBinding) i;
crb.getSubjects().forEach(sbj -> sbj.setNamespace(operatorNs));
crb.getMetadata().setName(crb.getMetadata().getName() + "." + operatorNs);
clusterWideResourceDeleters.add(unused -> {
kubeClient.client().rbac().clusterRoleBindings().withName(crb.getMetadata().getName()).delete();
});
} else if (i instanceof RoleBinding) {
RoleBinding rb = (RoleBinding) i;
rb.getSubjects().forEach(sbj -> sbj.setNamespace(operatorNs));
ClusterRoleBinding crb = new ClusterRoleBindingBuilder().withNewMetadata().withName(rb.getMetadata().getName() + "-all-ns-" + crbID).withAnnotations(rb.getMetadata().getAnnotations()).withLabels(rb.getMetadata().getLabels()).endMetadata().withRoleRef(rb.getRoleRef()).withSubjects(rb.getSubjects()).build();
LOGGER.info("Creating {} named {}", crb.getKind(), crb.getMetadata().getName());
kubeClient.client().rbac().clusterRoleBindings().createOrReplace(crb);
clusterWideResourceDeleters.add(unused -> {
kubeClient.client().rbac().clusterRoleBindings().withName(crb.getMetadata().getName()).delete();
});
} else if (i instanceof Deployment && "strimzi-cluster-operator".equals(i.getMetadata().getName())) {
modifyDeployment((Deployment) i);
}
return i;
});
LOGGER.info("Done installing Strimzi : {}", operatorNs);
return TestUtils.asyncWaitFor("Strimzi operator ready", 1_000, FleetShardOperatorManager.INSTALL_TIMEOUT_MS, () -> isReady(kubeClient, operatorNs, version));
}
use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.
the class StrimziOperatorManager method getPreviousUpstreamStrimziVersion.
public static String getPreviousUpstreamStrimziVersion(String actualVersion) throws InterruptedException, ExecutionException {
if (!isNotTestSuiteStrimziOperatorInstalled(KubeClient.getInstance())) {
List<String> sortedReleases = Arrays.stream(GithubApiClient.getReleases("strimzi", "strimzi-kafka-operator")).filter(a -> !(a.prerelease || a.draft)).sorted((a, b) -> {
ComparableVersion aVersion = new ComparableVersion(a.name);
ComparableVersion bVersion = new ComparableVersion(b.name);
return aVersion.compareTo(bVersion);
}).map(a -> a.name).collect(Collectors.toList());
return sortedReleases.get(sortedReleases.indexOf(actualVersion) - 1);
}
return "";
}
use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.
the class ObservabilityManagerTest method testObservabilitySecret.
@Test
public void testObservabilitySecret() {
client.getConfiguration().setNamespace("test");
ObservabilityConfiguration config = new ObservabilityConfigurationBuilder().withAccessToken("test-token").withChannel("test").withRepository("test-repo").withTag("tag").build();
String ownerName = "SampleOwner";
Secret owner = client.secrets().inNamespace(client.getNamespace()).withName(ownerName).create(new SecretBuilder().withNewMetadata().withNamespace(client.getNamespace()).withName(ownerName).endMetadata().addToData("key", "value").build());
this.observabilityManager.createOrUpdateObservabilitySecret(config, owner);
// lets call event handler
Secret secret = observabilityManager.observabilitySecretResource().get();
assertNotNull(secret);
// the mock informermanager should be immediately updated, but it should
// not be seen as running
assertNotNull(observabilityManager.cachedObservabilitySecret());
assertFalse(observabilityManager.isObservabilityRunning());
assertFalse(secret.getMetadata().getOwnerReferences().isEmpty());
ObservabilityConfiguration secretConfig = new ObservabilityConfigurationBuilder().withAccessToken(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_ACCESS_TOKEN)))).withChannel(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_CHANNEL)))).withTag(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_TAG)))).withRepository(new String(decoder.decode(secret.getData().get(ObservabilityManager.OBSERVABILITY_REPOSITORY)))).build();
// secret verification
assertEquals(secretConfig, config);
assertEquals("observability-operator", secret.getMetadata().getLabels().get("configures"));
// status verification, the Informers do not work in test framework thus direct verification
secret = ObservabilityManager.createObservabilitySecretBuilder(client.getNamespace(), config).editMetadata().addToAnnotations(ObservabilityManager.OBSERVABILITY_OPERATOR_STATUS, ObservabilityManager.ACCEPTED).endMetadata().build();
observabilityManager.observabilitySecretResource().createOrReplace(secret);
secret = observabilityManager.observabilitySecretResource().get();
assertTrue(ObservabilityManager.isObservabilityStatusAccepted(secret));
this.observabilityManager.createOrUpdateObservabilitySecret(config, owner);
// no-op update and make sure the flag is not flipped
secret = observabilityManager.observabilitySecretResource().get();
assertTrue(ObservabilityManager.isObservabilityStatusAccepted(secret));
}
use of org.bf2.cos.fleetshard.api.Operator in project kas-fleetshard by bf2fc6cc711aee1a0c2a.
the class OperatorST method deploy.
@BeforeAll
void deploy() throws Exception {
strimziOperatorManager = new OlmBasedStrimziOperatorManager(kube, StrimziOperatorManager.OPERATOR_NS);
CompletableFuture.allOf(strimziOperatorManager.deployStrimziOperator(), FleetShardOperatorManager.deployFleetShardOperator(kube)).join();
// since sync is not installed, manually create the agent resource
var agentResource = kube.client().resource(new ManagedKafkaAgentBuilder().withNewMetadata().withName(ManagedKafkaAgentResourceClient.RESOURCE_NAME).withNamespace(FleetShardOperatorManager.OPERATOR_NS).endMetadata().withSpec(new ManagedKafkaAgentSpecBuilder().withNewObservability().withAccessToken("").withChannel("").withRepository("").withTag("").endObservability().build()).build());
agentResource.createOrReplace();
// the operator will update the status after a while
strimziVersions = SyncApiClient.getSortedAvailableStrimziVersions(() -> agentResource.fromServer().get().getStatus()).collect(Collectors.toList());
assertTrue(strimziVersions.size() > 1);
latestStrimziVersion = strimziVersions.get(strimziVersions.size() - 1);
latestKafkaVersion = SyncApiClient.getLatestAvailableKafkaVersion(() -> agentResource.fromServer().get().getStatus(), latestStrimziVersion);
}
Aggregations