diff --git a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/installation/vault/Vault.java b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/installation/vault/Vault.java index 6df46813a9..47a370b3b2 100644 --- a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/installation/vault/Vault.java +++ b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/installation/vault/Vault.java @@ -44,16 +44,19 @@ public class Vault { private static final String VAULT_CMD = "vault"; private final String deploymentNamespace; private final String vaultRootToken; + private final boolean openshiftCluster; /** * Instantiates a new Vault. * * @param deploymentNamespace the deployment namespace * @param vaultRootToken root token to be used for the vault install + * @param openshiftCluster the boolean for openshift cluster */ - public Vault(String deploymentNamespace, String vaultRootToken) { + public Vault(String deploymentNamespace, String vaultRootToken, boolean openshiftCluster) { this.deploymentNamespace = deploymentNamespace; this.vaultRootToken = vaultRootToken; + this.openshiftCluster = openshiftCluster; } /** @@ -124,7 +127,7 @@ public String getVersionInstalled() { * */ public void deploy() { - LOGGER.info("Deploy HashiCorp Vault in {} namespace", deploymentNamespace); + LOGGER.info("Deploy HashiCorp Vault in {} namespace, openshift: {}", deploymentNamespace, openshiftCluster); if (isDeployed()) { LOGGER.warn("Skipping Vault deployment. It is already deployed!"); return; @@ -134,7 +137,8 @@ public void deploy() { ResourceManager.helmClient().namespace(deploymentNamespace).install(VAULT_HELM_CHART_NAME, VAULT_SERVICE_NAME, Optional.of(Environment.VAULT_CHART_VERSION), Optional.of(getHelmOverridePath()), - Optional.of(Map.of("server.dev.devRootToken", vaultRootToken))); + Optional.of(Map.of("server.dev.devRootToken", vaultRootToken, + "global.openshift", String.valueOf(openshiftCluster)))); DeploymentUtils.waitForDeploymentRunning(deploymentNamespace, VAULT_POD_NAME, Duration.ofMinutes(1)); } diff --git a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/KubeClusterResource.java b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/KubeClusterResource.java index 130740c6d5..7b1a4daceb 100644 --- a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/KubeClusterResource.java +++ b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/KubeClusterResource.java @@ -152,4 +152,13 @@ public synchronized KubeCluster cluster() { } return kubeCluster; } + + /** + * Return true if this kind of cluster is openshift. + * + * @return the boolean + */ + public boolean isOpenshift() { + return kubeCluster.isOpenshift(); + } } diff --git a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/KubeCluster.java b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/KubeCluster.java index 4627d0d925..ade9502f31 100644 --- a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/KubeCluster.java +++ b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/KubeCluster.java @@ -27,18 +27,25 @@ public interface KubeCluster { Config CONFIG = Config.autoConfigure(null); /** Return true iff this kind of cluster installed on the local machine. - * @return the boolean - * */ + * @return the boolean + */ boolean isAvailable(); /** Return true iff this kind of cluster is running on the local machine * @return the boolean - * */ + */ boolean isClusterUp(); + /** + * Return true if this kind of cluster is openshift + * + * @return the boolean + */ + boolean isOpenshift(); + /** Return a default CMD cmdClient for this kind of cluster. * @return the kube cmd client - * */ + */ KubeCmdClient defaultCmdClient(); /** diff --git a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/Kubernetes.java b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/Kubernetes.java index aaff065c27..7e9efb9d23 100644 --- a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/Kubernetes.java +++ b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/k8s/cluster/Kubernetes.java @@ -13,6 +13,7 @@ import org.slf4j.LoggerFactory; import io.kroxylicious.systemtests.executor.Exec; +import io.kroxylicious.systemtests.executor.ExecResult; import io.kroxylicious.systemtests.k8s.cmd.KubeCmdClient; import io.kroxylicious.systemtests.k8s.cmd.Kubectl; import io.kroxylicious.systemtests.k8s.exception.KubeClusterException; @@ -54,4 +55,19 @@ public KubeCmdClient defaultCmdClient() { public String toString() { return CMD; } + + public boolean isOpenshift() { + List cmd = Arrays.asList(CMD, "api-versions"); + try { + ExecResult result = Exec.exec(cmd); + if (!result.isSuccess()) { + throw new KubeClusterException("Something went wrong when executing " + cmd + " command: " + result.err()); + } + return result.out().contains("openshift.io"); + } + catch (KubeClusterException e) { + LOGGER.error("Failed whilst sniffing for OpenShift: ", e); + throw e; + } + } } diff --git a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacade.java b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacade.java index a63873da71..bd90761312 100644 --- a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacade.java +++ b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacade.java @@ -55,11 +55,12 @@ public class KubeVaultTestKmsFacade extends AbstractVaultTestKmsFacade { * * @param namespace the namespace * @param podName the pod name + * @param openshiftCluster the boolean for openshift cluster */ - public KubeVaultTestKmsFacade(String namespace, String podName) { + public KubeVaultTestKmsFacade(String namespace, String podName, boolean openshiftCluster) { this.namespace = namespace; this.podName = podName; - this.vault = new Vault(namespace, VAULT_ROOT_TOKEN); + this.vault = new Vault(namespace, VAULT_ROOT_TOKEN, openshiftCluster); } @Override diff --git a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacadeFactory.java b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacadeFactory.java index c5afdb3d91..85d3394337 100644 --- a/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacadeFactory.java +++ b/kroxylicious-systemtests/src/main/java/io/kroxylicious/systemtests/resources/vault/KubeVaultTestKmsFacadeFactory.java @@ -14,8 +14,16 @@ */ public class KubeVaultTestKmsFacadeFactory extends AbstractVaultTestKmsFacadeFactory { - public KubeVaultTestKmsFacade build(String namespace, String podName) { - return new KubeVaultTestKmsFacade(namespace, podName); + /** + * Build kube vault test kms facade. + * + * @param namespace the namespace + * @param podName the pod name + * @param openshiftCluster the boolean for openshift cluster + * @return the kube vault test kms facade + */ + public KubeVaultTestKmsFacade build(String namespace, String podName, boolean openshiftCluster) { + return new KubeVaultTestKmsFacade(namespace, podName, openshiftCluster); } /** diff --git a/kroxylicious-systemtests/src/test/java/io/kroxylicious/systemtests/EnvelopeEncryptionST.java b/kroxylicious-systemtests/src/test/java/io/kroxylicious/systemtests/EnvelopeEncryptionST.java index 4623404e78..90c23fa58d 100644 --- a/kroxylicious-systemtests/src/test/java/io/kroxylicious/systemtests/EnvelopeEncryptionST.java +++ b/kroxylicious-systemtests/src/test/java/io/kroxylicious/systemtests/EnvelopeEncryptionST.java @@ -46,7 +46,7 @@ class EnvelopeEncryptionST extends AbstractST { @BeforeAll void setUp() { - kubeVaultTestKmsFacade = new KubeVaultTestKmsFacadeFactory().build(Vault.VAULT_DEFAULT_NAMESPACE, Vault.VAULT_POD_NAME); + kubeVaultTestKmsFacade = new KubeVaultTestKmsFacadeFactory().build(Vault.VAULT_DEFAULT_NAMESPACE, Vault.VAULT_POD_NAME, cluster.isOpenshift()); List vaultPods = kubeClient().listPodsByPrefixInName(Vault.VAULT_DEFAULT_NAMESPACE, Vault.VAULT_SERVICE_NAME); if (!vaultPods.isEmpty()) { LOGGER.warn("Skipping vault deployment. It is already deployed!");