Issue-403

.github/workflows/e2e-atomic-fruits-vault-crossplane.yml

@@ -85,7 +85,7 @@ jobs:
           ./scripts/data/services.sh url=$PRIMAZA_URL service_name=activemq-artemis version=2.26 type=activemq endpoint=tcp:8161
           ./scripts/data/services.sh url=$PRIMAZA_URL service_name=mariadb version=10.9 type=mariadb endpoint=tcp:3306
 
-          ./scripts/data/credentials.sh url=$PRIMAZA_URL credential_name=fruits_database-vault-creds service_name=postgresql vault_kv=primaza/fruits
+          ./scripts/data/credentials.sh url=$PRIMAZA_URL credential_type=vault credential_name=fruits_database-vault-creds service_name=postgresql vault_kv=primaza/fruits
 
       - name: Installing Vault
         run: |

.github/workflows/e2e-atomic-fruits-vault.yml

@@ -84,7 +84,7 @@ jobs:
           ./scripts/data/services.sh url=$PRIMAZA_URL service_name=activemq-artemis version=2.26 type=activemq endpoint=tcp:8161
           ./scripts/data/services.sh url=$PRIMAZA_URL service_name=mariadb version=10.9 type=mariadb endpoint=tcp:3306
 
-          ./scripts/data/credentials.sh url=$PRIMAZA_URL credential_name=fruits_database-vault-creds service_name=postgresql vault_kv=primaza/fruits
+          ./scripts/data/credentials.sh url=$PRIMAZA_URL credential_type=vault credential_name=fruits_database-vault-creds service_name=postgresql vault_kv=primaza/fruits
 
       - name: Installing Vault
         run: |

app/src/main/java/io/halkyon/model/Credential.java

@@ -38,6 +38,8 @@ public class Credential extends PanacheEntityBase {
     @JoinColumn(name = "service_id", nullable = false)
     public Service service;
 
+    public String type;
+
     public String vaultKvPath;
 
     public String username;

app/src/main/java/io/halkyon/resource/requests/CredentialRequest.java

@@ -16,6 +16,10 @@ public class CredentialRequest {
     @FormParam
     public String name;
 
+    @NotBlank
+    @FormParam
+    public String type;
+
     @NotNull
     @FormParam
     public Long serviceId;

app/src/test/java/io/halkyon/ApplicationsPageTest.java

@@ -148,13 +148,14 @@ public void testBindApplication() throws ClusterConnectException {
         String claimName = prefix + "claim";
         String serviceName = prefix + "service";
         String credentialName = prefix + "credential";
+        String credentialType = "basic";
         String appName = prefix + "app";
         // mock data
         configureMockServiceFor(clusterName, "testbind", "1111", "ns1");
         configureMockApplicationFor(clusterName, appName, "image2", "ns1");
         // create data
         Service service = createService(serviceName, "version", "type", "testbind:1111");
-        createCredential(credentialName, service.id, "user1", "pass1", null);
+        createCredential(credentialName, credentialType, service.id, "user1", "pass1", null);
         createCluster(clusterName, "host:9999");
         serviceDiscoveryJob.execute(); // this action will change the service to available
         Claim claim = createClaim(claimName, serviceName + "-version");
@@ -209,6 +210,7 @@ public void testBindApplicationUsingServiceFromAnotherCluster() throws ClusterCo
         String claimName = prefix + "claim";
         String serviceName = prefix + "service";
         String credentialName = prefix + "credential";
+        String credentialType = "basic";
         String appName = prefix + "app";
         String externalServiceIp = serviceName + "ip";
 
@@ -218,7 +220,7 @@ public void testBindApplicationUsingServiceFromAnotherCluster() throws ClusterCo
 
         // create data
         Service service = createService(serviceName, "version", "type", "testbind:1111");
-        createCredential(credentialName, service.id, "user1", "pass1", null);
+        createCredential(credentialName, credentialType, service.id, "user1", "pass1", null);
         createCluster(clusterNameOfService, "host:9999");
         createCluster(clusterNameOfApplication, "host:9999");
         serviceDiscoveryJob.execute(); // this action will change the service to available
@@ -314,6 +316,7 @@ public void testBindApplicationGettingCredentialsFromVault() throws ClusterConne
         String claimName = prefix + "claim";
         String serviceName = prefix + "service";
         String credentialName = prefix + "credential";
+        String credentialType = "vault";
         String appName = prefix + "app";
         String username = "user1";
         String password = "pass1";
@@ -323,7 +326,7 @@ public void testBindApplicationGettingCredentialsFromVault() throws ClusterConne
         configureMockApplicationFor(clusterName, appName, "image2", "ns1");
         // create data
         Service service = createService(serviceName, "version", "type", "testbind:1111");
-        createCredential(credentialName, service.id, null, null, "myapps/app");
+        createCredential(credentialName, credentialType, service.id, null, null, "myapps/app");
         createCluster(clusterName, "host:9999");
 
         Map<String, String> newsecrets = new HashMap<>();

app/src/test/java/io/halkyon/CredentialsPageTest.java

@@ -15,9 +15,12 @@
 public class CredentialsPageTest extends BaseTest {
 
     @Test
-    public void testCreateNewCredential() {
+    public void testCreateNewBasicCredential() {
         createService("postgresql-credential1", "8", "postgresql");
         page.goTo("/credentials/new");
+
+        page.select("credential_type", "basic");
+
         // add param a=1
         page.type("new-param-name", "a");
         page.type("new-param-value", "1");
@@ -26,12 +29,13 @@ public void testCreateNewCredential() {
         page.type("new-param-name", "b");
         page.type("new-param-value", "2");
         page.clickById("add-param-to-credential-button");
+
         // set data
         page.select("credential_service", "postgresql-credential1-8");
         page.type("credential_name", "Credential1");
         page.type("credential_username", "Admin");
         page.type("credential_password", "Supersecret");
-        page.type("credential_vault_path", "myapps/vault-quickstart/private");
+
         // submit credential
         page.clickById("credential-button");
 
@@ -42,7 +46,7 @@ public void testCreateNewCredential() {
                 .as(Credential.class);
         assertEquals("Admin", credential.username);
         assertEquals("Supersecret", credential.password);
-        assertEquals("myapps/vault-quickstart/private", credential.vaultKvPath);
+
         assertEquals(2, credential.params.size());
         assertEquals("a", credential.params.get(0).paramName);
         assertEquals("1", credential.params.get(0).paramValue);
@@ -56,12 +60,41 @@ public void testCreateNewCredential() {
         assertEquals("Credential1", service.credentials.get(0).name);
     }
 
+    @Test
+    public void testCreateNewVaultCredential() {
+        createService("postgresql-credential1", "8", "postgresql");
+        page.goTo("/credentials/new");
+
+        page.select("credential_type", "vault");
+
+        // set data
+        page.select("credential_service", "postgresql-credential1-8");
+        page.type("credential_name", "Credential1");
+
+        page.type("credential_vault_path", "myapps/vault-quickstart/private");
+        // submit credential
+        page.clickById("credential-button");
+
+        // then, the new credential should be listed:
+        page.goTo("/credentials");
+        page.assertContentContains("Credential1");
+        Credential credential = given().when().get("/credentials/name/Credential1").then().statusCode(200).extract()
+                .as(Credential.class);
+        assertEquals("myapps/vault-quickstart/private", credential.vaultKvPath);
+
+        // and the service should have been linked to it.
+        Service service = given().when().get("/services/name/postgresql-credential1").then().statusCode(200).extract()
+                .as(Service.class);
+        assertEquals(1, service.credentials.size());
+        assertEquals("Credential1", service.credentials.get(0).name);
+    }
+
     @Test
     public void testEditCredentialFromPage() {
         // Create data
         String prefix = "CredentialsPageTest-testEditCredentialFromPage-";
         Service service = createService(prefix + "service", "8", "type");
-        Credential credential = createCredential(prefix + "credential", service.id, "user", "pass",
+        Credential credential = createCredential(prefix + "credential", "basic", service.id, "user", "pass",
                 "myapps/vault-quickstart/private");
         // Go to the page
         page.goTo("/credentials");
@@ -85,7 +118,7 @@ public void testEditCredentialFromPage() {
     public void testDeleteCredential() {
         String prefix = "CredentialsPageTest-testDeleteCredential-";
         Service service = createService(prefix + "service", "8", "postgresql");
-        Credential credential = createCredential(prefix + "credential", service.id, "user", "pass",
+        Credential credential = createCredential(prefix + "credential", "basic", service.id, "user", "pass",
                 "myapps/vault-quickstart/private");
 
         // When, we go to the credentials page

app/src/test/java/io/halkyon/utils/TestUtils.java

@@ -48,7 +48,7 @@ public static Service createService(String serviceName, String serviceVersion, S
     public static Service createServiceWithCredential(String serviceName, String serviceVersion, String serviceType,
             String endpoint) {
         Service service = createService(serviceName, serviceVersion, serviceType, endpoint);
-        createCredential(serviceName + "-credential", service.id, "username", "password", null);
+        createCredential(serviceName + "-credential", "basic", service.id, "username", "password", null);
         return service;
     }
 
@@ -110,11 +110,12 @@ public static Application createApplication(String applicationName, String clust
         return app;
     }
 
-    public static Credential createCredential(String credentialName, long serviceId, String username, String password,
-            String vaultPath) {
+    public static Credential createCredential(String credentialName, String credentialType, long serviceId,
+            String username, String password, String vaultPath) {
         given().contentType(MediaType.APPLICATION_FORM_URLENCODED).formParam("name", credentialName)
-                .formParam("serviceId", serviceId).formParam("username", username).formParam("password", password)
-                .formParam("vaultKvPath", vaultPath).when().post("/credentials").then().statusCode(201);
+                .formParam("credentialType", credentialType).formParam("serviceId", serviceId)
+                .formParam("username", username).formParam("password", password).formParam("vaultKvPath", vaultPath)
+                .when().post("/credentials").then().statusCode(201);
 
         return given().contentType(MediaType.APPLICATION_JSON).get("/credentials/name/" + credentialName).then()
                 .statusCode(200).extract().as(Credential.class);

scripts/data/credentials.sh

@@ -18,6 +18,7 @@ NO_WAIT=true
 # Default parameter values
 DEFAULT_PRIMAZA_URL="localhost:8080"
 
+DEFAULT_CREDENTIAL_TYPE="basic"
 DEFAULT_CREDENTIAL_NAME=""
 DEFAULT_SERVICE_NAME=""
 DEFAULT_USERNAME=""
@@ -35,6 +36,9 @@ parse_parameters() {
       credential_name=*)
         CREDENTIAL_NAME="${arg#*=}"
         ;;
+      credential_type=*)
+        CREDENTIAL_TYPE="${arg#*=}"
+        ;;
       service_name=*)
         SERVICE_NAME="${arg#*=}"
         ;;
@@ -65,6 +69,7 @@ parse_parameters "$@"
 # Set defaults if parameters are not provided
 PRIMAZA_URL=${PRIMAZA_URL:-$DEFAULT_PRIMAZA_URL}
 CREDENTIAL_NAME=${CREDENTIAL_NAME:-$DEFAULT_CREDENTIAL_NAME}
+CREDENTIAL_TYPE=${CREDENTIAL_TYPE:-$DEFAULT_CREDENTIAL_TYPE}
 SERVICE_ID=${SERVICE_ID:-$DEFAULT_SERVICE_ID}
 SERVICE_NAME=${SERVICE_NAME:-$DEFAULT_SERVICE_NAME}
 USERNAME=${USERNAME:-$DEFAULT_USERNAME}
@@ -83,14 +88,13 @@ else
   note "Service id found: $SERVICE_ID"
 fi
 
-if [ -z "$USERNAME" ] && [ -z "$PASSWORD" ]; then
-  BODY="name=$CREDENTIAL_NAME&serviceId=$SERVICE_ID&vaultKvPath=primaza/fruits"
-else
-  BODY="name=$CREDENTIAL_NAME&serviceId=$SERVICE_ID&username=$USERNAME&password=$PASSWORD&params=database:$DATABASE_NAME"
-fi
-
-note "Creating the credential using as body: $BODY"
-note "curl -X POST -s -k -d \"${BODY}\" ${PRIMAZA_URL}/credentials" >&2
+case $CREDENTIAL_TYPE in
+   basic)
+     BODY="type=$CREDENTIAL_TYPE&name=$CREDENTIAL_NAME&serviceId=$SERVICE_ID&username=$USERNAME&password=$PASSWORD&params=database:$DATABASE_NAME"
+     ;;
+   vault)
+     BODY="type=$CREDENTIAL_TYPE&name=$CREDENTIAL_NAME&serviceId=$SERVICE_ID&vaultKvPath=$VAULT_KV"
+esac
 
 RESPONSE=$(curl -s -k -o response.txt -w '%{http_code}' \
   -X POST \