From 97703ddad4de02e8fb2b068dd4844ed16a4ab103 Mon Sep 17 00:00:00 2001
From: OZGCloud <ozgcloud@mgm-tp.com>
Date: Wed, 10 Jan 2024 12:49:54 +0100
Subject: [PATCH] OZG-4453 make elasticsearch calls for user/role creation
 idempotent

---
 .../OzgCloudElasticsearchService.java         | 10 ++-------
 .../ElasticsearchRemoteService.java           | 12 +++++-----
 .../OzgCloudElasticsearchServiceTest.java     | 22 ++-----------------
 .../ElasticsearchRemoteServiceITCase.java     |  4 ++--
 4 files changed, 12 insertions(+), 36 deletions(-)

diff --git a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
index d7207e4..3d6a0c8 100644
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/OzgCloudElasticsearchService.java
@@ -61,10 +61,7 @@ public class OzgCloudElasticsearchService {
 	}
 
 	public void createSecurityRoleIfMissing(String roleName) throws Exception {
-		LOG.debug("{}: Check elasticsearch role...", roleName);
-		if (!remoteService.existsSecurityRole(roleName)) {
-			remoteService.createSecurityRole(buildPutRoleRequestData(roleName));
-		}
+		remoteService.createOrUpdateSecurityRole(buildPutRoleRequestData(roleName));
 	}
 
 	PutRoleRequestData buildPutRoleRequestData(String roleName) {
@@ -76,10 +73,7 @@ public class OzgCloudElasticsearchService {
 	}
 
 	public void createSecurityUserIfMissing(String namespace, String password) throws Exception {
-		LOG.debug("{}: Check elasticsearch user...", namespace);
-		if (!remoteService.existsSecurityUser(namespace)) {
-			remoteService.createSecurityUser(buildPutUserRequestData(namespace, password));
-		}
+		remoteService.createOrUpdateSecurityUser(buildPutUserRequestData(namespace, password));
 	}
 
 	PutUserRequestData buildPutUserRequestData(String namespace, String password) {
diff --git a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteService.java b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteService.java
index 12c4c5d..958c9f0 100644
--- a/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteService.java
+++ b/ozgcloud-elasticsearch-operator/src/main/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteService.java
@@ -46,11 +46,11 @@ public class ElasticsearchRemoteService {
 		return !client.security().getRole(builder -> builder.name(roleName)).result().isEmpty();
 	}
 
-	public void createSecurityRole(PutRoleRequestData requestData) throws Exception {
+	public void createOrUpdateSecurityRole(PutRoleRequestData requestData) throws Exception {
 		try {
-			LOG.info("{}: Create elasticsearch role ", requestData.getName());
+			LOG.info("{}: Create or update elasticsearch role ", requestData.getName());
 			client.security().putRole(createPutRoleRequest(requestData));
-			LOG.info("{}: Create elasticsearch role successful", requestData.getName());
+			LOG.info("{}: Create or update elasticsearch role successful", requestData.getName());
 		} catch (Exception e) {
 			throw new RuntimeException("Create elasticsearch role " + requestData.getName() + "failed.", e);
 		}
@@ -78,11 +78,11 @@ public class ElasticsearchRemoteService {
 		return !client.security().getUser(builder -> builder.username(userName)).result().isEmpty();
 	}
 
-	public void createSecurityUser(PutUserRequestData requestData) throws Exception {
+	public void createOrUpdateSecurityUser(PutUserRequestData requestData) throws Exception {
 		try {
-			LOG.info("{}: Create elasticsearch user", requestData.getUsername());
+			LOG.info("{}: Create or update elasticsearch user", requestData.getUsername());
 			client.security().putUser(createPutUserRequest(requestData));
-			LOG.info("{}: Create elasticsearch user successful", requestData.getUsername());
+			LOG.info("{}: Create or update elasticsearch user successful", requestData.getUsername());
 		} catch (Exception e) {
 			throw new RuntimeException("Create elasticsearch user " + requestData.getUsername() + "failed.", e);
 		}
diff --git a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
index 8d0c373..e9ac1e2 100644
--- a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
+++ b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/OzgCloudElasticsearchServiceTest.java
@@ -139,23 +139,14 @@ class OzgCloudElasticsearchServiceTest {
 
 		private final PutRoleRequestData putRoleRequest = PutRoleRequestDataTestFactory.create();
 
-		@SneakyThrows
-		@Test
-		void shouldCheckIfSecurityRoleExists() {
-			service.createSecurityRoleIfMissing(NAMESPACE);
-
-			verify(remoteService).existsSecurityRole(NAMESPACE);
-		}
-
 		@SneakyThrows
 		@Test
 		void shouldCreateSecurityRoleIfMissing() {
-			when(remoteService.existsSecurityRole(any())).thenReturn(false);
 			doReturn(putRoleRequest).when(service).buildPutRoleRequestData(any());
 
 			service.createSecurityRoleIfMissing(NAMESPACE);
 
-			verify(remoteService).createSecurityRole(putRoleRequest);
+			verify(remoteService).createOrUpdateSecurityRole(putRoleRequest);
 		}
 
 		@DisplayName("create put role request data")
@@ -200,23 +191,14 @@ class OzgCloudElasticsearchServiceTest {
 
 		private final PutUserRequestData putUserRequestData = PutUserRequestDataTestFactory.create();
 
-		@SneakyThrows
-		@Test
-		void shouldCheckIfSecurityUserExists() {
-			service.createSecurityUserIfMissing(NAMESPACE, PutUserRequestDataTestFactory.PASSWORD);
-
-			verify(remoteService).existsSecurityUser(NAMESPACE);
-		}
-
 		@SneakyThrows
 		@Test
 		void shouldCreateSecurityUserIfMissing() {
-			when(remoteService.existsSecurityUser(any())).thenReturn(false);
 			doReturn(putUserRequestData).when(service).buildPutUserRequestData(any(), any());
 
 			service.createSecurityUserIfMissing(NAMESPACE, PutUserRequestDataTestFactory.PASSWORD);
 
-			verify(remoteService).createSecurityUser(putUserRequestData);
+			verify(remoteService).createOrUpdateSecurityUser(putUserRequestData);
 		}
 
 		@DisplayName("create put user request data")
diff --git a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteServiceITCase.java b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteServiceITCase.java
index 5ac49af..f5914e9 100644
--- a/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteServiceITCase.java
+++ b/ozgcloud-elasticsearch-operator/src/test/java/de/ozgcloud/operator/common/elasticsearch/ElasticsearchRemoteServiceITCase.java
@@ -142,7 +142,7 @@ class ElasticsearchRemoteServiceITCase {
 		@SneakyThrows
 		@Test
 		void shouldCreateSecurityRole() {
-			service.createSecurityRole(PutRoleRequestDataTestFactory.create());
+			service.createOrUpdateSecurityRole(PutRoleRequestDataTestFactory.create());
 			
 			assertThat(existsSecurityRole()).isTrue();
 		}
@@ -213,7 +213,7 @@ class ElasticsearchRemoteServiceITCase {
 		@SneakyThrows
 		@Test
 		void shouldCreateSecurityUser() {
-			service.createSecurityUser(PutUserRequestDataTestFactory.create());
+			service.createOrUpdateSecurityUser(PutUserRequestDataTestFactory.create());
 			
 			assertThat(existsSecurityUser()).isTrue();
 		}
-- 
GitLab