diff --git a/ozgcloud-elastic-operator/src/main/java/de/ozgcloud/operator/common/kubernetes/KubernetesService.java b/ozgcloud-elastic-operator/src/main/java/de/ozgcloud/operator/common/kubernetes/KubernetesService.java
index ef03ab17b6676cec9ce0c5c3e0718180aa18e8f0..c0cffc712d6d1992d92e190741353f4ab317dc6d 100644
--- a/ozgcloud-elastic-operator/src/main/java/de/ozgcloud/operator/common/kubernetes/KubernetesService.java
+++ b/ozgcloud-elastic-operator/src/main/java/de/ozgcloud/operator/common/kubernetes/KubernetesService.java
@@ -1,15 +1,8 @@
package de.ozgcloud.operator.common.kubernetes;
-import java.util.Objects;
-
import org.springframework.stereotype.Component;
-import io.fabric8.kubernetes.api.model.EnvVar;
-import io.fabric8.kubernetes.api.model.EnvVarBuilder;
-import io.fabric8.kubernetes.api.model.Pod;
import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.api.model.batch.v1.Job;
-import io.fabric8.kubernetes.api.model.batch.v1.JobBuilder;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.dsl.Resource;
import lombok.RequiredArgsConstructor;
@@ -20,165 +13,7 @@ public class KubernetesService {
private final KubernetesClient client;
- public boolean existNamespace(String namespace) {
- return Objects.nonNull(client.namespaces().withName(namespace).get());
- }
-
public Resource<Secret> getSecretResource(String namespace, String name) {
return client.secrets().inNamespace(namespace).withName(name);
}
-
-
- //PoC
- public Pod doInPod(String namespace, String podName) {
-
-// client.batch().v1().jobs().inNamespace(namespace).createOrReplace(job);
- client.batch().v1().raw(podName);
-
-
- return client.pods().inNamespace(namespace).withName(podName).get();
- }
-
- public void executeJob(String namespace) {
- var ELASTIC_USER_SECRET_NAME = "ozg-search-cluster-es-elastic-user";
- var ELASTIC_SYSTEM_NAMESPACE = "elastic-system";
- var ELASTIC_USER_SECRET_ELASTIC = "elastic";
- var secretResource = getSecretResource(ELASTIC_SYSTEM_NAMESPACE, ELASTIC_USER_SECRET_NAME);
-
- if(Objects.isNull(secretResource.get())) {
- //Error - elastic-system namespace secret not exists
- }
-
-
- var password = secretResource.get().getStringData().get(ELASTIC_USER_SECRET_ELASTIC);
- var jobEnvs = buildEnvVars(namespace, password);
- }
-
- private Job buildJob(String jobName) {
- return new JobBuilder()
- .withApiVersion("batch/v1")
- .withNewMetadata()
- .withName(jobName)
- .endMetadata()
- .withNewSpec()
- .withBackoffLimit(4)//TOCHECK: notwendig? wofür?
- .withNewTemplate()
- .withNewSpec()
- .withRestartPolicy("Never")
- //containers START
- .addNewContainer()
- .withName("es-create-access")
- .withImage("manusant/curl-jq")
- .withEnv(buildEnvVars("password", "namespace"))
-
-
-
-
- .withCommand("/bin/sh", "-c")
- .withArgs("echo \"Job started\"; i=1; while [ $i -le $MAX_COUNT ]; do echo $i; i=$((i+1)) ; sleep 1;done; echo \"Job Done!\"")
- .endContainer()
- //containers END
- .endSpec()
- .endTemplate()
- .endSpec().build();
- }
-
- static final String ELASTICSEARCH_NAMESPACE_PASSWORD_FIELD = "ES_NS_PASSWORD";
- static final String ELASTICSEARCH_NAMESPACE_USER_FIELD = "ES_NS_USER";
- static final String ELASTICSEARCH_CLUSTER_FIELD = "ES_CLUSTER";
- static final String ELASTICSEARCH_PASSWORD_FIELD = "ELASTICSEARCH_PASSWORD";
-
- private EnvVar buildEnvVars(String namespace, String password) {
-// - name: ES_NS_PASSWORD
-// value: "{{ elasticsearch_user_password }}"
-// - name: ES_NS_USER
-// value: "{{ kommune }}"
-// - name: ES_CLUSTER
-// value: "{{ kommune }}"
-// - name: ELASTICSEARCH_PASSWORD
-// valueFrom:
-// secretKeyRef:
-// name: ozg-search-cluster-es-elastic-user
-// key: elastic
-// command:
- return new EnvVarBuilder()
- .withName(ELASTICSEARCH_NAMESPACE_PASSWORD_FIELD).withValue(password)
- .withName(ELASTICSEARCH_NAMESPACE_USER_FIELD).withValue(namespace)
- .withName(ELASTICSEARCH_CLUSTER_FIELD).withValue(namespace)
- .withName(ELASTICSEARCH_PASSWORD_FIELD).withValue(password)
- .build();
- }
-}
-
-
-//apiVersion: batch/v1
-//kind: Job
-//metadata:
-// name: es-create-access-{{ kommune }}
-//spec:
-// parallelism: 1
-// completions: 1
-// template:
-// metadata:
-// name: es-create-access-{{ kommune }}
-// spec:
-// restartPolicy: Never
-// containers:
-// - name: es-create-access
-// image: manusant/curl-jq
-// env:
-// - name: ES_NS_PASSWORD
-// value: "{{ elasticsearch_user_password }}"
-// - name: ES_NS_USER
-// value: "{{ kommune }}"
-// - name: ES_CLUSTER
-// value: "{{ kommune }}"
-// - name: ELASTICSEARCH_PASSWORD
-// valueFrom:
-// secretKeyRef:
-// name: ozg-search-cluster-es-elastic-user
-// key: elastic
-// command:
-// - /bin/sh
-// - -c
-// - |
-// curl -k -X PUT -u elastic:$ELASTICSEARCH_PASSWORD -H 'Content-Type: application/json' 'https://ozg-search-cluster-es-http:9200/'$ES_NS_USER
-// initContainers:
-// - name: create-es-role
-// image: manusant/curl-jq
-// env:
-// - name: ES_NS_PASSWORD
-// value: "{{ elasticsearch_user_password }}"
-// - name: ES_NS_USER
-// value: "{{ kommune }}"
-// - name: ES_CLUSTER
-// value: "{{ kommune }}"
-// - name: ELASTICSEARCH_PASSWORD
-// valueFrom:
-// secretKeyRef:
-// name: ozg-search-cluster-es-elastic-user
-// key: elastic
-// command:
-// - /bin/sh
-// - -c
-// - |
-// curl -k -X POST -u elastic:$ELASTICSEARCH_PASSWORD -H 'Content-Type: application/json' 'https://ozg-search-cluster-es-http:9200/_security/role/'$ES_NS_USER -d '{ "indices": [ { "names": [ "'$ES_NS_USER'*" ], "privileges": ["all"] } ] }'
-// - name: create-es-user
-// image: manusant/curl-jq
-// env:
-// - name: ES_NS_PASSWORD
-// value: "{{ elasticsearch_user_password }}"
-// - name: ES_NS_USER
-// value: "{{ kommune }}"
-// - name: ES_CLUSTER
-// value: "{{ kommune }}"
-// - name: ELASTICSEARCH_PASSWORD
-// valueFrom:
-// secretKeyRef:
-// name: ozg-search-cluster-es-elastic-user
-// key: elastic
-// command:
-// - /bin/sh
-// - -c
-// - |
-// curl -k -X POST -u elastic:$ELASTICSEARCH_PASSWORD -H 'Content-Type: application/json' 'https://ozg-search-cluster-es-http:9200/_security/user/'$ES_NS_USER -d '{"password" : "'$ES_NS_PASSWORD'" ,"roles" : [ "'$ES_NS_USER'" ]}'
\ No newline at end of file
+}
\ No newline at end of file
diff --git a/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/common/kubernetes/KubernetesServiceTest.java b/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/common/kubernetes/KubernetesServiceTest.java
index bcbbb653398c6a416e066204c267936aa245f007..98cdd53276f540dce2ffb793fb30cf7ad0436488 100644
--- a/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/common/kubernetes/KubernetesServiceTest.java
+++ b/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/common/kubernetes/KubernetesServiceTest.java
@@ -2,8 +2,6 @@ package de.ozgcloud.operator.common.kubernetes;
import static org.assertj.core.api.Assertions.*;
-import java.net.HttpURLConnection;
-
import org.junit.Rule;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
@@ -11,7 +9,6 @@ import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import de.ozgcloud.operator.user.ObjectMetaTestFactory;
-import io.fabric8.kubernetes.api.model.Namespace;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.extension.ResourceAdapter;
@@ -32,57 +29,25 @@ class KubernetesServiceTest {
service = new KubernetesService(client);
}
- @DisplayName("Exist namespace")
- @Nested
- class TestExistNamespace {
-
- private final Namespace namespace = NamespaceTestFactory.create();
-
- @Test
- public void shouldReturnTrueIfExistsWithCrud() {
- var namespaceResource = client.namespaces().withName(ObjectMetaTestFactory.NAMESPACE);
- var adapter = new ResourceAdapter<>(namespaceResource);
- adapter.create(namespace);
-
- var exists = service.existNamespace(ObjectMetaTestFactory.NAMESPACE);
-
- assertThat(exists).isTrue();
- }
-
- @Test
- public void shouldReturnTrueIfExists() {
- server.expect().get().withPath("/api/v1/namespaces/" + ObjectMetaTestFactory.NAMESPACE)
- .andReturn(HttpURLConnection.HTTP_OK, namespace)
- .once();
-
- var exists = service.existNamespace(ObjectMetaTestFactory.NAMESPACE);
-
- assertThat(exists).isTrue();
- }
-
- @Test
- public void shouldReturnFalseIfMissing() {
- var exists = service.existNamespace(ObjectMetaTestFactory.NAMESPACE);
-
- assertThat(exists).isFalse();
- }
- }
-
@DisplayName("Get secret")
@Nested
class TestGetSecret {
- private final Secret secret = SecretTestFactory.create();
-
+ private Secret secret = SecretTestFactory.create();
+
@Test
void shouldReturnExistingResourceIfExists() {
- server.expect().get().withPath("/api/v1/namespaces/" + ObjectMetaTestFactory.NAMESPACE + "/secrets/" + SecretTestFactory.NAME)
- .andReturn(HttpURLConnection.HTTP_OK, secret)
- .once();
-
+ createSecret();
+
var secret = getSecret();
- assertThat(secret).isNotNull();
+ assertThat(secret).isNotNull().isEqualTo(secret);
+ }
+
+ private void createSecret() {
+ var secretResource = client.secrets().withName(SecretTestFactory.NAME);
+ var adapter = new ResourceAdapter<>(secretResource);
+ adapter.create(secret);
}
@Test
@@ -96,14 +61,4 @@ class KubernetesServiceTest {
return service.getSecretResource(ObjectMetaTestFactory.NAMESPACE, SecretTestFactory.NAME).get();
}
}
-
- //PoC
- @Nested
- class TestDoInPod {
-
- @Test
- void doSomething() {
- var pod = service.doInPod("test", "pod");
- }
- }
-}
+}
\ No newline at end of file
diff --git a/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserReconcilerTest.java b/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserReconcilerTest.java
index 20915e53c9a5bea0fe02a5c6b020c1477f743889..97e47dcc0d897cefb8b7e434e96258467e33ab39 100644
--- a/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserReconcilerTest.java
+++ b/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserReconcilerTest.java
@@ -7,22 +7,17 @@ import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import org.mockito.InjectMocks;
import org.mockito.Mock;
-import org.mockito.Spy;
-import de.ozgcloud.operator.common.kubernetes.KubernetesService;
import io.javaoperatorsdk.operator.api.reconciler.Context;
import io.javaoperatorsdk.operator.api.reconciler.UpdateControl;
import lombok.SneakyThrows;
class ElasticUserReconcilerTest {
- @Spy
@InjectMocks
private ElasticUserReconciler reconciler;
@Mock
private ElasticUserService service;
- @Mock
- private KubernetesService kubernetesService;
@DisplayName("Reconcile")
@Nested
diff --git a/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserSecretBuilderTest.java b/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserSecretBuilderTest.java
index 7795ab6468acacbc153975b61f59e9bd2777ef0a..5172cb9b746a0ffd7ee46bff1dc64ab65f593d86 100644
--- a/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserSecretBuilderTest.java
+++ b/ozgcloud-elastic-operator/src/test/java/de/ozgcloud/operator/user/ElasticUserSecretBuilderTest.java
@@ -33,7 +33,7 @@ class ElasticUserSecretBuilderTest {
void shouldContainName() {
var secret = builder.build(resource, secretName);
- assertThat(secret.getMetadata().getName()).isEqualTo(ElasticUserSecretBuilder.SECRET_TYPE);
+ assertThat(secret.getMetadata().getName()).isEqualTo(secretName);
}
@Test