Search in sources :

Example 1 with ServiceAccount

use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project cos-fleetshard by bf2fc6cc711aee1a0c2a.

the class AbstractOperandController method reify.

@Override
public List<HasMetadata> reify(ManagedConnector connector, Secret secret) {
    LOGGER.debug("Reifying connector: {} and secret.metadata: {}", connector, secret.getMetadata());
    final ServiceAccount serviceAccountSettings = extract(secret, SECRET_ENTRY_SERVICE_ACCOUNT, ServiceAccount.class);
    LOGGER.debug("Extracted serviceAccount {}", serviceAccountSettings == null ? "is null" : "with clientId: " + serviceAccountSettings.getClientId());
    ServiceAccountSpec sas = serviceAccountSettings == null ? new ServiceAccountSpecBuilder().build() : new ServiceAccountSpecBuilder().withClientId(serviceAccountSettings.getClientId()).withClientSecret(serviceAccountSettings.getClientSecret()).build();
    ConnectorConfiguration<S> connectorConfig;
    try {
        connectorConfig = new ConnectorConfiguration<>(extract(secret, SECRET_ENTRY_CONNECTOR, ObjectNode.class), connectorSpecType);
    } catch (IncompleteConnectorSpecException e) {
        throw new RuntimeException("Incomplete connectorSpec for connector \"" + connector.getSpec().getConnectorId() + "@" + connector.getSpec().getDeploymentId() + "#" + connector.getSpec().getDeployment().getDeploymentResourceVersion() + "\": " + e.getLocalizedMessage(), e);
    }
    return doReify(connector, extract(secret, SECRET_ENTRY_META, metadataType), connectorConfig, sas);
}
Also used : IncompleteConnectorSpecException(org.bf2.cos.fleetshard.operator.connector.IncompleteConnectorSpecException) ServiceAccount(org.bf2.cos.fleet.manager.model.ServiceAccount) ServiceAccountSpec(org.bf2.cos.fleetshard.api.ServiceAccountSpec) ServiceAccountSpecBuilder(org.bf2.cos.fleetshard.api.ServiceAccountSpecBuilder)

Example 2 with ServiceAccount

use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project cos-fleetshard by bf2fc6cc711aee1a0c2a.

the class ConnectorTestSupport method createDeployment.

public static ConnectorDeployment createDeployment(long deploymentRevision, Supplier<JsonNode> connectorSpec, Supplier<JsonNode> connectorMeta) {
    final String deploymentId = "did";
    final String connectorId = "cid";
    final String connectorTypeId = "ctid";
    return new ConnectorDeployment().kind("ConnectorDeployment").id(deploymentId).metadata(new ConnectorDeploymentAllOfMetadata().resourceVersion(deploymentRevision)).spec(new ConnectorDeploymentSpec().connectorId(connectorId).connectorTypeId(connectorTypeId).connectorResourceVersion(1L).kafka(new KafkaConnectionSettings().url("kafka.acme.com:2181")).schemaRegistry(new SchemaRegistryConnectionSettings().url("schemaregistry.acme.com:2282")).serviceAccount(new ServiceAccount().clientId(UUID.randomUUID().toString()).clientSecret(toBase64(UUID.randomUUID().toString()))).connectorSpec(connectorSpec.get()).shardMetadata(connectorMeta.get()).desiredState(DESIRED_STATE_READY));
}
Also used : ConnectorDeployment(org.bf2.cos.fleet.manager.model.ConnectorDeployment) ServiceAccount(org.bf2.cos.fleet.manager.model.ServiceAccount) ConnectorDeploymentAllOfMetadata(org.bf2.cos.fleet.manager.model.ConnectorDeploymentAllOfMetadata) ConnectorDeploymentSpec(org.bf2.cos.fleet.manager.model.ConnectorDeploymentSpec) SchemaRegistryConnectionSettings(org.bf2.cos.fleet.manager.model.SchemaRegistryConnectionSettings) KafkaConnectionSettings(org.bf2.cos.fleet.manager.model.KafkaConnectionSettings)

Example 3 with ServiceAccount

use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project kas-fleetshard by bf2fc6cc711aee1a0c2a.

the class KafkaCluster method addKafkaAuthorizerConfig.

private void addKafkaAuthorizerConfig(ManagedKafka managedKafka, Map<String, Object> config) {
    List<String> owners = managedKafka.getSpec().getOwners();
    AtomicInteger aclCount = new AtomicInteger(0);
    AtomicInteger aclLoggingCount = new AtomicInteger(0);
    AccessControl aclConfig = getAclConfig(managedKafka);
    final String configPrefix = aclConfig.getConfigPrefix();
    final String allowedListenersKey = configPrefix + "allowed-listeners";
    final String resourceOperationsKey = configPrefix + "resource-operations";
    final String aclKeyPrefix = configPrefix + "acl";
    final String aclLoggingKeyPrefix = aclKeyPrefix + ".logging";
    final String aclKeyTemplate = aclKeyPrefix + ".%03d";
    final String aclLoggingKeyTemplate = aclLoggingKeyPrefix + ".%03d";
    // Deprecated option: Remove when canary, must-gather, and SRE are configured via ManagedKafka CR
    if (aclConfig.allowedListeners != null) {
        config.put(allowedListenersKey, aclConfig.allowedListeners);
    }
    if (aclConfig.getLoggingSuppressionWindow() != null) {
        String key = aclLoggingKeyPrefix + ".suppressionWindow";
        if (aclConfig.getLoggingSuppressionWindow().getDuration() != null) {
            config.put(key + ".duration", aclConfig.getLoggingSuppressionWindow().getDuration());
        }
        if (aclConfig.getLoggingSuppressionWindow().getApis() != null) {
            config.put(key + ".apis", aclConfig.getLoggingSuppressionWindow().getApis());
        }
        if (aclConfig.getLoggingSuppressionWindow().getEventCount() != null) {
            config.put(key + ".eventCount", aclConfig.getLoggingSuppressionWindow().getEventCount());
        }
    }
    addAcl(aclConfig.getGlobal(), "", aclKeyTemplate, aclCount, config);
    addAcl(aclConfig.getLogging(), "", aclLoggingKeyTemplate, aclLoggingCount, config);
    config.put(resourceOperationsKey, aclConfig.getResourceOperations());
    for (String owner : owners) {
        addAcl(aclConfig.getOwner(), owner, aclKeyTemplate, aclCount, config);
    }
    Objects.requireNonNullElse(managedKafka.getSpec().getServiceAccounts(), Collections.<ServiceAccount>emptyList()).stream().forEach(account -> {
        String aclKey = String.format(SERVICE_ACCOUNT_KEY, account.getName());
        applicationConfig.getOptionalValue(aclKey, String.class).ifPresent(acl -> addAcl(acl, account.getPrincipal(), aclKeyTemplate, aclCount, config));
    });
}
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) AccessControl(org.bf2.operator.operands.KafkaInstanceConfiguration.AccessControl)

Example 4 with ServiceAccount

use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project gapic-generator-java by googleapis.

the class AsyncGetServiceAccount method asyncGetServiceAccount.

public static void asyncGetServiceAccount() throws Exception {
    // It may require modifications to work in your environment.
    try (StorageClient storageClient = StorageClient.create()) {
        GetServiceAccountRequest request = GetServiceAccountRequest.newBuilder().setProject(ProjectName.of("[PROJECT]").toString()).setCommonRequestParams(CommonRequestParams.newBuilder().build()).build();
        ApiFuture<ServiceAccount> future = storageClient.getServiceAccountCallable().futureCall(request);
        // Do something.
        ServiceAccount response = future.get();
    }
}
Also used : ServiceAccount(com.google.storage.v2.ServiceAccount) StorageClient(com.google.storage.v2.StorageClient) GetServiceAccountRequest(com.google.storage.v2.GetServiceAccountRequest)

Example 5 with ServiceAccount

use of org.bf2.operator.resources.v1alpha1.ServiceAccount in project gapic-generator-java by googleapis.

the class SyncGetServiceAccount method syncGetServiceAccount.

public static void syncGetServiceAccount() throws Exception {
    // It may require modifications to work in your environment.
    try (StorageClient storageClient = StorageClient.create()) {
        GetServiceAccountRequest request = GetServiceAccountRequest.newBuilder().setProject(ProjectName.of("[PROJECT]").toString()).setCommonRequestParams(CommonRequestParams.newBuilder().build()).build();
        ServiceAccount response = storageClient.getServiceAccount(request);
    }
}
Also used : ServiceAccount(com.google.storage.v2.ServiceAccount) StorageClient(com.google.storage.v2.StorageClient) GetServiceAccountRequest(com.google.storage.v2.GetServiceAccountRequest)

Aggregations

ServiceAccount (com.google.storage.v2.ServiceAccount)4 StorageClient (com.google.storage.v2.StorageClient)4 ServiceAccount (com.marcnuri.yakc.model.io.k8s.api.core.v1.ServiceAccount)3 Test (org.junit.jupiter.api.Test)3 GetServiceAccountRequest (com.google.storage.v2.GetServiceAccountRequest)2 ServiceAccount (org.bf2.cos.fleet.manager.model.ServiceAccount)2 DisplayName (org.junit.jupiter.api.DisplayName)2 ProjectName (com.google.storage.v2.ProjectName)1 KC (com.marcnuri.yakc.KubernetesClientExtension.KC)1 CoreV1Api (com.marcnuri.yakc.api.core.v1.CoreV1Api)1 Configuration (com.marcnuri.yakc.config.Configuration)1 Node (com.marcnuri.yakc.model.io.k8s.api.core.v1.Node)1 ObjectReference (com.marcnuri.yakc.model.io.k8s.api.core.v1.ObjectReference)1 Secret (com.marcnuri.yakc.model.io.k8s.api.core.v1.Secret)1 ObjectMeta (com.marcnuri.yakc.model.io.k8s.apimachinery.pkg.apis.meta.v1.ObjectMeta)1 Quantity (io.fabric8.kubernetes.api.model.Quantity)1 IOException (java.io.IOException)1 AtomicInteger (java.util.concurrent.atomic.AtomicInteger)1 Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)1 ConnectorDeployment (org.bf2.cos.fleet.manager.model.ConnectorDeployment)1