Search in sources :

Example 46 with RuntimeIdentityImpl

use of org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl in project devspaces-images by redhat-developer.

the class KubernetesNamespaceFactoryTest method shouldNotCreatePreferencesConfigmapIfExists.

@Test
public void shouldNotCreatePreferencesConfigmapIfExists() throws Exception {
    // given
    namespaceFactory = spy(new KubernetesNamespaceFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, emptySet(), clientFactory, cheClientFactory, userManager, preferenceManager, pool));
    KubernetesNamespace toReturnNamespace = mock(KubernetesNamespace.class);
    prepareNamespace(toReturnNamespace);
    doReturn(toReturnNamespace).when(namespaceFactory).doCreateNamespaceAccess(any(), any());
    MixedOperation mixedOperation = mock(MixedOperation.class);
    lenient().when(k8sClient.configMaps()).thenReturn(mixedOperation);
    lenient().when(mixedOperation.inNamespace(anyString())).thenReturn(namespaceOperation);
    // when
    RuntimeIdentity identity = new RuntimeIdentityImpl("workspace123", null, USER_ID, "workspace123");
    namespaceFactory.getOrCreate(identity);
    // then
    verify(namespaceOperation, never()).create(any());
}
Also used : RuntimeIdentity(org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity) MixedOperation(io.fabric8.kubernetes.client.dsl.MixedOperation) RuntimeIdentityImpl(org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl) Test(org.testng.annotations.Test)

Example 47 with RuntimeIdentityImpl

use of org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl in project devspaces-images by redhat-developer.

the class KubernetesNamespaceFactoryTest method shouldCreateExecAndViewRolesAndBindings.

@Test
public void shouldCreateExecAndViewRolesAndBindings() throws Exception {
    // given
    namespaceFactory = spy(new KubernetesNamespaceFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, Set.of(new WorkspaceServiceAccountConfigurator("serviceAccount", "", clientFactory)), clientFactory, cheClientFactory, userManager, preferenceManager, pool));
    KubernetesNamespace toReturnNamespace = mock(KubernetesNamespace.class);
    prepareNamespace(toReturnNamespace);
    when(toReturnNamespace.getName()).thenReturn("workspace123");
    doReturn(toReturnNamespace).when(namespaceFactory).doCreateNamespaceAccess(any(), any());
    when(k8sClient.supportsApiPath(eq("/apis/metrics.k8s.io"))).thenReturn(true);
    when(clientFactory.create(any())).thenReturn(k8sClient);
    when(cheClientFactory.create()).thenReturn(k8sClient);
    // when
    RuntimeIdentity identity = new RuntimeIdentityImpl("workspace123", null, USER_ID, "workspace123");
    namespaceFactory.getOrCreate(identity);
    // then
    ServiceAccountList sas = k8sClient.serviceAccounts().inNamespace("workspace123").list();
    assertEquals(sas.getItems().size(), 1);
    assertEquals(sas.getItems().get(0).getMetadata().getName(), "serviceAccount");
    RoleList roles = k8sClient.rbac().roles().inNamespace("workspace123").list();
    assertEquals(roles.getItems().stream().map(r -> r.getMetadata().getName()).collect(Collectors.toSet()), Sets.newHashSet("workspace-configmaps", "workspace-view", "workspace-metrics", "workspace-secrets", "exec"));
    Role role1 = roles.getItems().get(0);
    Role role2 = roles.getItems().get(1);
    assertFalse(role1.getRules().containsAll(role2.getRules()) && role2.getRules().containsAll(role1.getRules()), "exec and view roles should not be the same");
    RoleBindingList bindings = k8sClient.rbac().roleBindings().inNamespace("workspace123").list();
    assertEquals(bindings.getItems().stream().map(r -> r.getMetadata().getName()).collect(Collectors.toSet()), Sets.newHashSet("serviceAccount-metrics", "serviceAccount-view", "serviceAccount-exec", "serviceAccount-configmaps", "serviceAccount-secrets"));
}
Also used : RuntimeIdentity(org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity) Role(io.fabric8.kubernetes.api.model.rbac.Role) WorkspaceServiceAccountConfigurator(org.eclipse.che.workspace.infrastructure.kubernetes.namespace.configurator.WorkspaceServiceAccountConfigurator) RoleList(io.fabric8.kubernetes.api.model.rbac.RoleList) RoleBindingList(io.fabric8.kubernetes.api.model.rbac.RoleBindingList) RuntimeIdentityImpl(org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl) ServiceAccountList(io.fabric8.kubernetes.api.model.ServiceAccountList) Test(org.testng.annotations.Test)

Example 48 with RuntimeIdentityImpl

use of org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl in project devspaces-images by redhat-developer.

the class KubernetesNamespaceFactoryTest method testAllConfiguratorsAreCalledWhenCreatingNamespace.

@Test
public void testAllConfiguratorsAreCalledWhenCreatingNamespace() throws InfrastructureException {
    // given
    String namespaceName = "testNamespaceName";
    NamespaceConfigurator configurator1 = Mockito.mock(NamespaceConfigurator.class);
    NamespaceConfigurator configurator2 = Mockito.mock(NamespaceConfigurator.class);
    Set<NamespaceConfigurator> namespaceConfigurators = Set.of(configurator1, configurator2);
    namespaceFactory = spy(new KubernetesNamespaceFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, namespaceConfigurators, clientFactory, cheClientFactory, userManager, preferenceManager, pool));
    EnvironmentContext.getCurrent().setSubject(new SubjectImpl("jondoe", "123", null, false));
    KubernetesNamespace toReturnNamespace = mock(KubernetesNamespace.class);
    when(toReturnNamespace.getName()).thenReturn(namespaceName);
    RuntimeIdentity identity = new RuntimeIdentityImpl("workspace123", null, USER_ID, "old-che");
    doReturn(toReturnNamespace).when(namespaceFactory).get(identity);
    // when
    KubernetesNamespace namespace = namespaceFactory.getOrCreate(identity);
    // then
    NamespaceResolutionContext resolutionCtx = new NamespaceResolutionContext("workspace123", "123", "jondoe");
    verify(configurator1).configure(resolutionCtx, namespaceName);
    verify(configurator2).configure(resolutionCtx, namespaceName);
    assertEquals(namespace, toReturnNamespace);
}
Also used : RuntimeIdentity(org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity) NamespaceResolutionContext(org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext) NamespaceConfigurator(org.eclipse.che.workspace.infrastructure.kubernetes.namespace.configurator.NamespaceConfigurator) ArgumentMatchers.anyString(org.mockito.ArgumentMatchers.anyString) SubjectImpl(org.eclipse.che.commons.subject.SubjectImpl) RuntimeIdentityImpl(org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl) Test(org.testng.annotations.Test)

Example 49 with RuntimeIdentityImpl

use of org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl in project devspaces-images by redhat-developer.

the class KubernetesNamespaceFactoryTest method shouldCreateCredentialsSecretIfNotExists.

@Test
public void shouldCreateCredentialsSecretIfNotExists() throws Exception {
    // given
    namespaceFactory = spy(new KubernetesNamespaceFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, Set.of(new CredentialsSecretConfigurator(clientFactory)), clientFactory, cheClientFactory, userManager, preferenceManager, pool));
    KubernetesNamespace toReturnNamespace = mock(KubernetesNamespace.class);
    when(toReturnNamespace.getName()).thenReturn("namespaceName");
    doReturn(toReturnNamespace).when(namespaceFactory).doCreateNamespaceAccess(any(), any());
    MixedOperation mixedOperation = mock(MixedOperation.class);
    when(k8sClient.secrets()).thenReturn(mixedOperation);
    when(mixedOperation.inNamespace(anyString())).thenReturn(namespaceOperation);
    when(namespaceResource.get()).thenReturn(null);
    when(cheClientFactory.create()).thenReturn(k8sClient);
    when(clientFactory.create()).thenReturn(k8sClient);
    // when
    RuntimeIdentity identity = new RuntimeIdentityImpl("workspace123", null, USER_ID, "workspace123");
    namespaceFactory.getOrCreate(identity);
    // then
    ArgumentCaptor<Secret> secretsCaptor = ArgumentCaptor.forClass(Secret.class);
    verify(namespaceOperation).create(secretsCaptor.capture());
    Secret secret = secretsCaptor.getValue();
    Assert.assertEquals(secret.getMetadata().getName(), CREDENTIALS_SECRET_NAME);
    Assert.assertEquals(secret.getType(), "opaque");
}
Also used : CredentialsSecretConfigurator(org.eclipse.che.workspace.infrastructure.kubernetes.namespace.configurator.CredentialsSecretConfigurator) RuntimeIdentity(org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity) Secret(io.fabric8.kubernetes.api.model.Secret) MixedOperation(io.fabric8.kubernetes.client.dsl.MixedOperation) RuntimeIdentityImpl(org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl) Test(org.testng.annotations.Test)

Example 50 with RuntimeIdentityImpl

use of org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl in project devspaces-images by redhat-developer.

the class KubernetesNamespaceFactoryTest method shouldNotCreateCredentialsSecretIfExists.

@Test
public void shouldNotCreateCredentialsSecretIfExists() throws Exception {
    // given
    namespaceFactory = spy(new KubernetesNamespaceFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, emptySet(), clientFactory, cheClientFactory, userManager, preferenceManager, pool));
    KubernetesNamespace toReturnNamespace = mock(KubernetesNamespace.class);
    prepareNamespace(toReturnNamespace);
    doReturn(toReturnNamespace).when(namespaceFactory).doCreateNamespaceAccess(any(), any());
    MixedOperation mixedOperation = mock(MixedOperation.class);
    lenient().when(k8sClient.secrets()).thenReturn(mixedOperation);
    lenient().when(mixedOperation.inNamespace(anyString())).thenReturn(namespaceOperation);
    // when
    RuntimeIdentity identity = new RuntimeIdentityImpl("workspace123", null, USER_ID, "workspace123");
    namespaceFactory.getOrCreate(identity);
    // then
    verify(namespaceOperation, never()).create(any());
}
Also used : RuntimeIdentity(org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity) MixedOperation(io.fabric8.kubernetes.client.dsl.MixedOperation) RuntimeIdentityImpl(org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl) Test(org.testng.annotations.Test)

Aggregations

RuntimeIdentityImpl (org.eclipse.che.api.workspace.server.model.impl.RuntimeIdentityImpl)98 Test (org.testng.annotations.Test)92 RuntimeIdentity (org.eclipse.che.api.core.model.workspace.runtime.RuntimeIdentity)68 WorkspaceImpl (org.eclipse.che.api.workspace.server.model.impl.WorkspaceImpl)22 MixedOperation (io.fabric8.kubernetes.client.dsl.MixedOperation)18 RuntimeContext (org.eclipse.che.api.workspace.server.spi.RuntimeContext)18 InternalEnvironment (org.eclipse.che.api.workspace.server.spi.environment.InternalEnvironment)16 InfrastructureException (org.eclipse.che.api.workspace.server.spi.InfrastructureException)14 SubjectImpl (org.eclipse.che.commons.subject.SubjectImpl)12 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)12 NonNamespaceOperation (io.fabric8.kubernetes.client.dsl.NonNamespaceOperation)10 ConfigMap (io.fabric8.kubernetes.api.model.ConfigMap)8 Secret (io.fabric8.kubernetes.api.model.Secret)8 ValidationException (org.eclipse.che.api.core.ValidationException)8 Environment (org.eclipse.che.api.core.model.workspace.config.Environment)8 EventService (org.eclipse.che.api.core.notification.EventService)8 InternalInfrastructureException (org.eclipse.che.api.workspace.server.spi.InternalInfrastructureException)8 CredentialsSecretConfigurator (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.configurator.CredentialsSecretConfigurator)8 PreferencesConfigMapConfigurator (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.configurator.PreferencesConfigMapConfigurator)8 WorkspaceServiceAccountConfigurator (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.configurator.WorkspaceServiceAccountConfigurator)8