Example 16 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project devspaces-images by redhat-developer.
the class KubernetesGitCredentialManagerTest method testCreateAndSaveNewOAuthGitCredential.
@Test
public void testCreateAndSaveNewOAuthGitCredential() throws Exception {
KubernetesNamespaceMeta meta = new KubernetesNamespaceMetaImpl("test");
when(namespaceFactory.list()).thenReturn(Collections.singletonList(meta));
when(clientFactory.create()).thenReturn(kubeClient);
when(kubeClient.secrets()).thenReturn(secretsMixedOperation);
when(secretsMixedOperation.inNamespace(eq(meta.getName()))).thenReturn(nonNamespaceOperation);
when(nonNamespaceOperation.withLabels(anyMap())).thenReturn(filterWatchDeletable);
when(filterWatchDeletable.list()).thenReturn(secretList);
when(secretList.getItems()).thenReturn(emptyList());
ArgumentCaptor<Secret> captor = ArgumentCaptor.forClass(Secret.class);
PersonalAccessToken token = new PersonalAccessToken("https://bitbucket.com", "cheUser", "username", "userId", "oauth2-token-name", "tid-23434", "token123");
// when
kubernetesGitCredentialManager.createOrReplace(token);
// then
verify(nonNamespaceOperation).createOrReplace(captor.capture());
Secret createdSecret = captor.getValue();
assertNotNull(createdSecret);
assertEquals(new String(Base64.getDecoder().decode(createdSecret.getData().get("credentials"))), "https://oauth2:token123@bitbucket.com");
assertTrue(createdSecret.getMetadata().getName().startsWith(NAME_PATTERN));
assertFalse(createdSecret.getMetadata().getName().contains(token.getScmUserName()));
}
Also used :
Secret(io.fabric8.kubernetes.api.model.Secret)
KubernetesNamespaceMetaImpl(org.eclipse.che.workspace.infrastructure.kubernetes.api.server.impls.KubernetesNamespaceMetaImpl)
PersonalAccessToken(org.eclipse.che.api.factory.server.scm.PersonalAccessToken)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
Test(org.testng.annotations.Test)
Example 17 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project devspaces-images by redhat-developer.
the class OpenShiftProjectFactoryTest method shouldReturnDefaultProjectWhenItExistsAndUserDefinedIsNotAllowed.
@Test
public void shouldReturnDefaultProjectWhenItExistsAndUserDefinedIsNotAllowed() throws Exception {
prepareNamespaceToBeFoundByName(USER_NAME + "-che", new ProjectBuilder().withNewMetadata().withName(USER_NAME + "-che").withAnnotations(ImmutableMap.of(PROJECT_DISPLAY_NAME_ANNOTATION, "Default Che Project", PROJECT_DESCRIPTION_ANNOTATION, "some description")).endMetadata().withNewStatus().withPhase("Active").endStatus().build());
projectFactory = new OpenShiftProjectFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, true, emptySet(), clientFactory, cheClientFactory, cheServerOpenshiftClientFactory, userManager, preferenceManager, pool, NO_OAUTH_IDENTITY_PROVIDER);
List<KubernetesNamespaceMeta> availableNamespaces = projectFactory.list();
assertEquals(availableNamespaces.size(), 1);
KubernetesNamespaceMeta defaultNamespace = availableNamespaces.get(0);
assertEquals(defaultNamespace.getName(), USER_NAME + "-che");
assertEquals(defaultNamespace.getAttributes().get(DEFAULT_ATTRIBUTE), "true");
assertEquals(defaultNamespace.getAttributes().get(PROJECT_DISPLAY_NAME_ATTRIBUTE), "Default Che Project");
assertEquals(defaultNamespace.getAttributes().get(PROJECT_DESCRIPTION_ATTRIBUTE), "some description");
assertEquals(defaultNamespace.getAttributes().get(PHASE_ATTRIBUTE), "Active");
}
Also used :
ProjectBuilder(io.fabric8.openshift.api.model.ProjectBuilder)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
Test(org.testng.annotations.Test)
Example 18 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project devspaces-images by redhat-developer.
the class OpenShiftProjectFactoryTest method shouldNotThrowAnExceptionWhenNotAllowedToListNamespaces.
@Test
public void shouldNotThrowAnExceptionWhenNotAllowedToListNamespaces() throws Exception {
// given
Project p = createProject("ns1", "project1", "desc1", "Active");
doThrow(new KubernetesClientException("Not allowed.", 403, new Status())).when(projectList).getItems();
prepareNamespaceToBeFoundByName("u123-che", p);
projectFactory = new OpenShiftProjectFactory("<userid>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, true, emptySet(), clientFactory, cheClientFactory, cheServerOpenshiftClientFactory, userManager, preferenceManager, pool, NO_OAUTH_IDENTITY_PROVIDER);
EnvironmentContext.getCurrent().setSubject(new SubjectImpl("jondoe", "u123", null, false));
// when
List<KubernetesNamespaceMeta> availableNamespaces = projectFactory.list();
// then
assertEquals(availableNamespaces.get(0).getName(), "ns1");
}
Also used :
Status(io.fabric8.kubernetes.api.model.Status)
Project(io.fabric8.openshift.api.model.Project)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
SubjectImpl(org.eclipse.che.commons.subject.SubjectImpl)
KubernetesClientException(io.fabric8.kubernetes.client.KubernetesClientException)
Test(org.testng.annotations.Test)
Example 19 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project devspaces-images by redhat-developer.
the class KubernetesNamespaceFactory method list.
/**
* Returns list of k8s namespaces names where a user is able to run workspaces.
*/
public List<KubernetesNamespaceMeta> list() throws InfrastructureException {
NamespaceResolutionContext resolutionCtx = new NamespaceResolutionContext(EnvironmentContext.getCurrent().getSubject());
List<KubernetesNamespaceMeta> labeledNamespaces = findPreparedNamespaces(resolutionCtx);
if (!labeledNamespaces.isEmpty()) {
return labeledNamespaces;
} else {
return singletonList(getDefaultNamespace(resolutionCtx));
}
}
Also used :
NamespaceResolutionContext(org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
Example 20 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project devspaces-images by redhat-developer.
the class KubernetesNamespaceFactory method checkIfNamespaceIsAllowed.
/**
* Checks if the current user is able to use the specified namespace for their new workspaces.
*
* @param namespaceName namespace name to check
* @throws ValidationException if the specified namespace is not permitted for the current user
*/
public void checkIfNamespaceIsAllowed(String namespaceName) throws ValidationException {
NamespaceResolutionContext context = new NamespaceResolutionContext(EnvironmentContext.getCurrent().getSubject());
final String defaultNamespace = findStoredNamespace(context).orElse(evalPlaceholders(defaultNamespaceName, context));
if (!namespaceName.equals(defaultNamespace)) {
try {
List<KubernetesNamespaceMeta> labeledNamespaces = findPreparedNamespaces(context);
if (labeledNamespaces.stream().noneMatch(n -> n.getName().equals(namespaceName))) {
throw new ValidationException(format("User defined namespaces are not allowed. Only the default namespace '%s' is available.", defaultNamespace));
}
} catch (InfrastructureException e) {
throw new ValidationException("Some infrastructure failure caused failed validation.", e);
}
}
}
Also used :
NamespaceResolutionContext(org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext)
ValidationException(org.eclipse.che.api.core.ValidationException)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
Aggregations
KubernetesNamespaceMeta (org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)42
Test (org.testng.annotations.Test)34
KubernetesNamespaceMetaImpl (org.eclipse.che.workspace.infrastructure.kubernetes.api.server.impls.KubernetesNamespaceMetaImpl)20
Secret (io.fabric8.kubernetes.api.model.Secret)18
PersonalAccessToken (org.eclipse.che.api.factory.server.scm.PersonalAccessToken)18
SubjectImpl (org.eclipse.che.commons.subject.SubjectImpl)16
ObjectMeta (io.fabric8.kubernetes.api.model.ObjectMeta)10
ObjectMetaBuilder (io.fabric8.kubernetes.api.model.ObjectMetaBuilder)10
SecretBuilder (io.fabric8.kubernetes.api.model.SecretBuilder)10
LabelSelector (io.fabric8.kubernetes.api.model.LabelSelector)8
KubernetesNamespace (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespace)8
KubernetesSecrets (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesSecrets)8
NamespaceBuilder (io.fabric8.kubernetes.api.model.NamespaceBuilder)6
KubernetesClientException (io.fabric8.kubernetes.client.KubernetesClientException)6
NamespaceResolutionContext (org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext)6
Namespace (io.fabric8.kubernetes.api.model.Namespace)4
Status (io.fabric8.kubernetes.api.model.Status)4
InfrastructureException (org.eclipse.che.api.workspace.server.spi.InfrastructureException)4
Project (io.fabric8.openshift.api.model.Project)3
SecretList (io.fabric8.kubernetes.api.model.SecretList)2
