diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 89fff3d..ea2495f 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -40,9 +40,16 @@ jobs:
- name: Checkout repository
uses: actions/checkout@v2
+ - name: Set up JDK 17
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'zulu'
+ java-version: 17
+ cache: 'maven'
+
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@v1
+ uses: github/codeql-action/init@v2
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -50,21 +57,7 @@ jobs:
# Prefix the list here with "+" to use these queries and those in the config file.
# queries: ./path/to/local/query, your-org/your-repo/queries@main
- # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
- # If this step fails, then you should remove it and run the build manually (see below)
- - name: Autobuild
- uses: github/codeql-action/autobuild@v1
-
- # âšī¸ Command-line programs to run using the OS shell.
- # đ https://git.io/JvXDl
-
- # âī¸ If the Autobuild fails above, remove it and uncomment the following three lines
- # and modify them (or add more) to build your code if your project
- # uses a compiled language
-
- #- run: |
- # make bootstrap
- # make release
+ - run: mvn -B package --file pom.xml -Dspring.profiles.active=test -DskipTests
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v1
+ uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/maven.yaml b/.github/workflows/maven.yaml
index a7bdb29..66f5310 100644
--- a/.github/workflows/maven.yaml
+++ b/.github/workflows/maven.yaml
@@ -17,10 +17,10 @@ jobs:
- "kindest/node:v1.22.15@sha256:7d9708c4b0873f0fe2e171e2b1b7f45ae89482617778c1c875f1053d4cef2e41"
steps:
- - uses: actions/checkout@v1
+ - uses: actions/checkout@v2
- name: Set up JDK 17
- uses: actions/setup-java@v2
+ uses: actions/setup-java@v3
with:
distribution: 'zulu'
java-version: 17
@@ -51,7 +51,7 @@ jobs:
needs: test
steps:
- - uses: actions/checkout@v1
+ - uses: actions/checkout@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
diff --git a/pom.xml b/pom.xml
index c1504cd..884310b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -14,7 +14,7 @@
org.springframework.boot
spring-boot-starter-parent
- 2.7.8
+ 3.0.2
@@ -42,7 +42,7 @@
org.springframework.vault
spring-vault-core
- 2.3.2
+ 3.0.0
org.springframework.boot
@@ -75,7 +75,7 @@
com.github.tomakehurst
wiremock
- 2.27.2
+ 3.0.0-beta-2
test
@@ -103,7 +103,7 @@
org.apache.maven.plugins
maven-compiler-plugin
- 3.8.1
+ 3.10.1
17
true
@@ -113,21 +113,4 @@
-
-
-
-
-
- org.springframework.vault
- spring-vault-dependencies
- 2.3.2
- import
- pom
-
-
-
-
-
-
-
diff --git a/src/main/java/de/koudingspawn/vault/Constants.java b/src/main/java/de/koudingspawn/vault/Constants.java
index 642d6ec..9722e08 100644
--- a/src/main/java/de/koudingspawn/vault/Constants.java
+++ b/src/main/java/de/koudingspawn/vault/Constants.java
@@ -1,7 +1,11 @@
package de.koudingspawn.vault;
public class Constants {
- public static String DATE_FORMAT = "yyyy-MM-dd'T'HH:mm'Z'";
- public static String COMPARE_ANNOTATION = "/compare";
- public static String LAST_UPDATE_ANNOTATION = "/lastUpdated";
+
+ private Constants() {
+ }
+
+ public static final String DATE_FORMAT = "yyyy-MM-dd'T'HH:mm'Z'";
+ public static final String COMPARE_ANNOTATION = "/compare";
+ public static final String LAST_UPDATE_ANNOTATION = "/lastUpdated";
}
diff --git a/src/main/java/de/koudingspawn/vault/admissionreview/AdmissionReviewRestService.java b/src/main/java/de/koudingspawn/vault/admissionreview/AdmissionReviewRestService.java
index ea74328..787f357 100644
--- a/src/main/java/de/koudingspawn/vault/admissionreview/AdmissionReviewRestService.java
+++ b/src/main/java/de/koudingspawn/vault/admissionreview/AdmissionReviewRestService.java
@@ -3,10 +3,6 @@
import io.fabric8.kubernetes.api.model.admission.v1.AdmissionResponse;
import io.fabric8.kubernetes.api.model.admission.v1.AdmissionReview;
import io.fabric8.kubernetes.api.model.admission.v1.AdmissionReviewBuilder;
-import io.fabric8.kubernetes.client.dsl.Resource;
-import io.fabric8.kubernetes.client.utils.ApiVersionUtil;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
@@ -16,8 +12,6 @@
@RequestMapping("/validation/vault-crd")
public class AdmissionReviewRestService {
- private static final Logger log = LoggerFactory.getLogger(AdmissionReviewRestService.class);
-
private final AdmissionReviewService admissionReviewService;
public AdmissionReviewRestService(AdmissionReviewService admissionReviewService) {
diff --git a/src/main/java/de/koudingspawn/vault/crd/Vault.java b/src/main/java/de/koudingspawn/vault/crd/Vault.java
index 925edb2..dcb9cb7 100644
--- a/src/main/java/de/koudingspawn/vault/crd/Vault.java
+++ b/src/main/java/de/koudingspawn/vault/crd/Vault.java
@@ -55,7 +55,7 @@ public boolean modifyHandlerEquals(Object o) {
HashMap annotations = new HashMap<>(getMetadata().getAnnotations());
annotations.remove("kubectl.kubernetes.io/last-applied-configuration");
- if (!Objects.equals(vaultAnnotations, annotations)) return false;
+ return Objects.equals(vaultAnnotations, annotations);
}
diff --git a/src/main/java/de/koudingspawn/vault/crd/VaultList.java b/src/main/java/de/koudingspawn/vault/crd/VaultList.java
index 219172a..7dfb910 100644
--- a/src/main/java/de/koudingspawn/vault/crd/VaultList.java
+++ b/src/main/java/de/koudingspawn/vault/crd/VaultList.java
@@ -1,6 +1,6 @@
package de.koudingspawn.vault.crd;
-import io.fabric8.kubernetes.client.CustomResourceList;
+import io.fabric8.kubernetes.api.model.DefaultKubernetesResourceList;
-public class VaultList extends CustomResourceList {
+public class VaultList extends DefaultKubernetesResourceList {
}
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java b/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java
index c4ef82b..63468bf 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/ChangeAdjustmentService.java
@@ -12,7 +12,7 @@
@Service
public class ChangeAdjustmentService {
- private static final Logger log = LoggerFactory.getLogger(KubernetesService.class);
+ private static final Logger log = LoggerFactory.getLogger(ChangeAdjustmentService.class);
private final KubernetesClient client;
@@ -24,15 +24,13 @@ public void handle(Vault resource) {
VaultChangeAdjustmentCallback changeAdjustmentCallback = resource.getSpec().getChangeAdjustmentCallback();
if (changeAdjustmentCallback != null && changeAdjustmentCallback.getType() != null && changeAdjustmentCallback.getName() != null) {
switch (changeAdjustmentCallback.getType().toLowerCase()) {
- case "deployment":
- rotateDeployment(resource.getMetadata().getNamespace(), changeAdjustmentCallback.getName());
- break;
- case "statefulset":
- rotateStatefulSet(resource.getMetadata().getNamespace(), changeAdjustmentCallback.getName());
- break;
- default:
- log.info("Currently a change adjustment is only supported for type deployment. Resource {} in namespace {} has type {}",
- resource.getMetadata().getName(), resource.getMetadata().getNamespace(), changeAdjustmentCallback.getType());
+ case "deployment" ->
+ rotateDeployment(resource.getMetadata().getNamespace(), changeAdjustmentCallback.getName());
+ case "statefulset" ->
+ rotateStatefulSet(resource.getMetadata().getNamespace(), changeAdjustmentCallback.getName());
+ default ->
+ log.info("Currently a change adjustment is only supported for type deployment. Resource {} in namespace {} has type {}",
+ resource.getMetadata().getName(), resource.getMetadata().getNamespace(), changeAdjustmentCallback.getType());
}
} else {
log.warn("Change adjustment callback for resource {} in namespace {} is invalid!", resource.getMetadata().getName(), resource.getMetadata().getNamespace());
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesConnection.java b/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesConnection.java
index 21d8342..6b432c4 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesConnection.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesConnection.java
@@ -3,10 +3,7 @@
import de.koudingspawn.vault.crd.Vault;
import de.koudingspawn.vault.crd.VaultList;
import io.fabric8.kubernetes.api.model.apiextensions.v1.CustomResourceDefinition;
-import io.fabric8.kubernetes.client.Config;
-import io.fabric8.kubernetes.client.ConfigBuilder;
-import io.fabric8.kubernetes.client.DefaultKubernetesClient;
-import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.*;
import io.fabric8.kubernetes.client.dsl.MixedOperation;
import io.fabric8.kubernetes.client.dsl.Resource;
import io.fabric8.kubernetes.internal.KubernetesDeserializer;
@@ -27,13 +24,15 @@ public class KubernetesConnection {
@Profile("development")
public KubernetesClient testClient() {
Config config = new ConfigBuilder().withMasterUrl("http://localhost:8001").withWatchReconnectLimit(5).build();
- return new DefaultKubernetesClient(config);
+ return new KubernetesClientBuilder()
+ .withConfig(config)
+ .build();
}
@Bean
@Profile("!development")
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
@Bean
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesService.java b/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesService.java
index a850523..ace0402 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesService.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/KubernetesService.java
@@ -59,7 +59,7 @@ void createSecret(Vault resource, VaultSecret vaultSecret) {
Secret secret = newSecretInstance(resource, vaultSecret);
secretCache.invalidate(secret.getMetadata().getNamespace(), secret.getMetadata().getName());
- client.secrets().inNamespace(resource.getMetadata().getNamespace()).create(secret);
+ client.secrets().inNamespace(resource.getMetadata().getNamespace()).resource(secret).create();
log.info("Created secret for vault resource {} in namespace {}", secret.getMetadata().getName(), secret.getMetadata().getNamespace());
}
@@ -86,7 +86,7 @@ void modifySecret(Vault resource, VaultSecret vaultSecret) {
secret.setData(vaultSecret.getData());
secretCache.invalidate(resource.getMetadata().getNamespace(), resource.getMetadata().getName());
- secretResource.createOrReplace(secret);
+ client.secrets().inNamespace(resource.getMetadata().getNamespace()).resource(secret).createOrReplace();
log.info("Modified secret {} in namespace {}", resource.getMetadata().getName(), resource.getMetadata().getNamespace());
}
@@ -145,9 +145,7 @@ public boolean hasBrokenOwnerReference(Vault resource) {
if (secret.getMetadata() != null && secret.getMetadata().getOwnerReferences() != null && secret.getMetadata().getOwnerReferences().size() == 1) {
OwnerReference ownerReference = secret.getMetadata().getOwnerReferences().get(0);
- if (ownerReference.getApiVersion().equals(crdName + "/v1")) {
- return true;
- }
+ return ownerReference.getApiVersion().equals(crdName + "/v1");
}
}
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/cache/SecretCache.java b/src/main/java/de/koudingspawn/vault/kubernetes/cache/SecretCache.java
index 552eb9d..9548517 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/cache/SecretCache.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/cache/SecretCache.java
@@ -14,7 +14,7 @@ public class SecretCache {
private static final Logger log = LoggerFactory.getLogger(SecretCache.class);
- private Cache secretResourceCache = Caffeine.newBuilder().build();
+ private final Cache secretResourceCache = Caffeine.newBuilder().build();
private final KubernetesClient client;
public SecretCache(KubernetesClient client, boolean watch) {
@@ -28,23 +28,28 @@ public SecretCache(KubernetesClient client, boolean watch) {
public void watcher() {
client.secrets().inAnyNamespace().withLabel("vault.koudingspawn.de=vault").inform(
new ResourceEventHandler<>() {
+
+ private String cacheKey(String namespace, String name) {
+ return "%s/%s".formatted(namespace, name);
+ }
+
@Override
public void onAdd(Secret obj) {
- String key = String.format("%s/%s", obj.getMetadata().getNamespace(), obj.getMetadata().getName());
+ String key = cacheKey(obj.getMetadata().getNamespace(), obj.getMetadata().getName());
log.debug("Received create secret for {}", key);
secretResourceCache.put(key, obj);
}
@Override
public void onUpdate(Secret oldObj, Secret newObj) {
- String key = String.format("%s/%s", newObj.getMetadata().getNamespace(), newObj.getMetadata().getName());
+ String key = cacheKey(newObj.getMetadata().getNamespace(), newObj.getMetadata().getName());
log.debug("Received update for secret {}", key);
secretResourceCache.put(key, newObj);
}
@Override
public void onDelete(Secret obj, boolean deletedFinalStateUnknown) {
- String key = String.format("%s/%s", obj.getMetadata().getNamespace(), obj.getMetadata().getName());
+ String key = cacheKey(obj.getMetadata().getNamespace(), obj.getMetadata().getName());
log.debug("Invalidate secret cache for {} after delete", key);
secretResourceCache.invalidate(key);
}
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/event/EventNotification.java b/src/main/java/de/koudingspawn/vault/kubernetes/event/EventNotification.java
index 832bc5e..9ff4169 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/event/EventNotification.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/event/EventNotification.java
@@ -59,7 +59,7 @@ public void storeNewEvent(EventType type, String message, Vault resource) {
.build();
try {
- client.v1().events().inNamespace(resource.getMetadata().getNamespace()).create(evt);
+ client.v1().events().inNamespace(resource.getMetadata().getNamespace()).resource(evt).create();
} catch (Exception ex) {
log.error("Failed to store event for {} in namespace {} next to resource with error",
resource.getMetadata().getName(), resource.getMetadata().getNamespace(), ex);
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/event/EventType.java b/src/main/java/de/koudingspawn/vault/kubernetes/event/EventType.java
index 711c244..3f36bf3 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/event/EventType.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/event/EventType.java
@@ -12,7 +12,7 @@ public enum EventType {
private final String type;
private final String reason;
- private EventType(String type, String reason) {
+ EventType(String type, String reason) {
this.type = type;
this.reason = reason;
}
diff --git a/src/main/java/de/koudingspawn/vault/kubernetes/scheduler/ScheduledRefresh.java b/src/main/java/de/koudingspawn/vault/kubernetes/scheduler/ScheduledRefresh.java
index d1de474..1ec3dc0 100644
--- a/src/main/java/de/koudingspawn/vault/kubernetes/scheduler/ScheduledRefresh.java
+++ b/src/main/java/de/koudingspawn/vault/kubernetes/scheduler/ScheduledRefresh.java
@@ -1,12 +1,9 @@
package de.koudingspawn.vault.kubernetes.scheduler;
import de.koudingspawn.vault.crd.Vault;
-import de.koudingspawn.vault.crd.VaultList;
import de.koudingspawn.vault.kubernetes.EventHandler;
import de.koudingspawn.vault.kubernetes.event.EventNotification;
import de.koudingspawn.vault.vault.communication.SecretNotAccessibleException;
-import io.fabric8.kubernetes.client.dsl.MixedOperation;
-import io.fabric8.kubernetes.client.dsl.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;
diff --git a/src/main/java/de/koudingspawn/vault/vault/impl/EncryptionUtils.java b/src/main/java/de/koudingspawn/vault/vault/impl/EncryptionUtils.java
index df4f74e..592ff58 100644
--- a/src/main/java/de/koudingspawn/vault/vault/impl/EncryptionUtils.java
+++ b/src/main/java/de/koudingspawn/vault/vault/impl/EncryptionUtils.java
@@ -74,12 +74,6 @@ private static PrivateKey readPkcs1PrivateKey(byte[] pkcs1Bytes) throws GeneralS
return readPkcs8PrivateKey(pkcs8bytes);
}
- public static String sanitizeJson(String json) {
- return json.replace("\n", "")
- .replace("\r", "")
- .replace("\t", "");
- }
-
private static byte[] join(byte[] byteArray1, byte[] byteArray2) {
byte[] bytes = new byte[byteArray1.length + byteArray2.length];
System.arraycopy(byteArray1, 0, bytes, 0, byteArray1.length);
diff --git a/src/test/java/de/koudingspawn/vault/CertChainTest.java b/src/test/java/de/koudingspawn/vault/CertChainTest.java
index 84c88da..934b3d4 100644
--- a/src/test/java/de/koudingspawn/vault/CertChainTest.java
+++ b/src/test/java/de/koudingspawn/vault/CertChainTest.java
@@ -8,12 +8,14 @@
import de.koudingspawn.vault.kubernetes.EventHandler;
import de.koudingspawn.vault.kubernetes.scheduler.impl.CertRefresh;
import de.koudingspawn.vault.vault.communication.SecretNotAccessibleException;
-import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
-import org.junit.*;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -40,7 +42,7 @@
public class CertChainTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8206));
@Rule
@@ -58,7 +60,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -89,23 +91,24 @@ public void shouldGenerateCertFromVaultResource() {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"ca_chain\": [\"ISSUINGCA\"],\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATE",
+ "issuing_ca": "ISSUINGCA",
+ "ca_chain": ["ISSUINGCA"],
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -141,23 +144,24 @@ public void shouldCheckIfCertificateHasChangedAndReturnFalse() throws SecretNotA
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"ca_chain\": [\"ISSUINGCA\"],\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATE",
+ "issuing_ca": "ISSUINGCA",
+ "ca_chain": ["ISSUINGCA"],
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -182,23 +186,24 @@ public void shouldCheckIfCertificateHasChangedAndReturnTrue() throws SecretNotAc
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"ca_chain\": [\"ISSUINGCA\"],\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATE",
+ "issuing_ca": "ISSUINGCA",
+ "ca_chain": ["ISSUINGCA"],
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
stubFor(get(urlEqualTo("/v1/secret/certificate"))
.inScenario("Cert secret change")
@@ -206,23 +211,24 @@ public void shouldCheckIfCertificateHasChangedAndReturnTrue() throws SecretNotAc
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATECHANGE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"ca_chain\": [\"ISSUINGCA\"],\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATECHANGE",
+ "issuing_ca": "ISSUINGCA",
+ "ca_chain": ["ISSUINGCA"],
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
diff --git a/src/test/java/de/koudingspawn/vault/CertTest.java b/src/test/java/de/koudingspawn/vault/CertTest.java
index 6028162..6504f54 100644
--- a/src/test/java/de/koudingspawn/vault/CertTest.java
+++ b/src/test/java/de/koudingspawn/vault/CertTest.java
@@ -8,12 +8,14 @@
import de.koudingspawn.vault.kubernetes.EventHandler;
import de.koudingspawn.vault.kubernetes.scheduler.impl.CertRefresh;
import de.koudingspawn.vault.vault.communication.SecretNotAccessibleException;
-import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
-import org.junit.*;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -40,7 +42,7 @@
public class CertTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8201));
@Rule
@@ -58,7 +60,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -89,22 +91,23 @@ public void shouldGenerateCertFromVaultResource() {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATE",
+ "issuing_ca": "ISSUINGCA",
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -140,22 +143,23 @@ public void shouldCheckIfCertificateHasChangedAndReturnFalse() throws SecretNotA
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATE",
+ "issuing_ca": "ISSUINGCA",
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -180,22 +184,23 @@ public void shouldCheckIfCertificateHasChangedAndReturnTrue() throws SecretNotAc
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATE",
+ "issuing_ca": "ISSUINGCA",
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
stubFor(get(urlEqualTo("/v1/secret/certificate"))
.inScenario("Cert secret change")
@@ -203,22 +208,23 @@ public void shouldCheckIfCertificateHasChangedAndReturnTrue() throws SecretNotAc
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"certificate\": \"CERTIFICATECHANGE\",\n" +
- " \"issuing_ca\": \"ISSUINGCA\",\n" +
- " \"private_key\": \"PRIVATEKEY\"\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "data": {
+ "certificate": "CERTIFICATECHANGE",
+ "issuing_ca": "ISSUINGCA",
+ "private_key": "PRIVATEKEY"
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
diff --git a/src/test/java/de/koudingspawn/vault/DockerCfgTest.java b/src/test/java/de/koudingspawn/vault/DockerCfgTest.java
index 890afc2..cdcb4d2 100644
--- a/src/test/java/de/koudingspawn/vault/DockerCfgTest.java
+++ b/src/test/java/de/koudingspawn/vault/DockerCfgTest.java
@@ -17,6 +17,7 @@
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import org.junit.*;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -46,7 +47,7 @@
public class DockerCfgTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8202));
@Rule
@@ -67,7 +68,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -97,21 +98,22 @@ public void shouldGenerateDockerCfgFromVaultResource() throws IOException {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"username\": \"username\",\n" +
- " \"password\": \"password\",\n" +
- " \"url\": \"hub.docker.com\",\n" +
- " \"email\": \"test-user@test.com\"\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "username": "username",
+ "password": "password",
+ "url": "hub.docker.com",
+ "email": "test-user@test.com"
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -210,29 +212,30 @@ public void shouldGenerateDockerCfgV2() throws JsonProcessingException {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"username\": \"username\",\n" +
- " \"password\": \"password\",\n" +
- " \"url\": \"hub.docker.com\",\n" +
- " \"email\": \"test-user@test.com\"\n" +
- " },\n" +
- " \"metadata\": {\n" +
- " \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
- " \"deletion_time\": \"\",\n" +
- " \"destroyed\": false,\n" +
- " \"version\": 1\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "data": {
+ "username": "username",
+ "password": "password",
+ "url": "hub.docker.com",
+ "email": "test-user@test.com"
+ },
+ "metadata": {
+ "created_time": "2018-12-10T18:59:53.337997525Z",
+ "deletion_time": "",
+ "destroyed": false,
+ "version": 1
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
diff --git a/src/test/java/de/koudingspawn/vault/EventNotificationTest.java b/src/test/java/de/koudingspawn/vault/EventNotificationTest.java
index 21c5cbd..d88f4f2 100644
--- a/src/test/java/de/koudingspawn/vault/EventNotificationTest.java
+++ b/src/test/java/de/koudingspawn/vault/EventNotificationTest.java
@@ -6,6 +6,7 @@
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -40,7 +41,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
diff --git a/src/test/java/de/koudingspawn/vault/KeyValueTest.java b/src/test/java/de/koudingspawn/vault/KeyValueTest.java
index adf2cc0..24dac9c 100644
--- a/src/test/java/de/koudingspawn/vault/KeyValueTest.java
+++ b/src/test/java/de/koudingspawn/vault/KeyValueTest.java
@@ -8,12 +8,15 @@
import de.koudingspawn.vault.kubernetes.EventHandler;
import de.koudingspawn.vault.kubernetes.scheduler.impl.KeyValueRefresh;
import de.koudingspawn.vault.vault.communication.SecretNotAccessibleException;
-import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
-import org.junit.*;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -39,7 +42,7 @@
public class KeyValueTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8209));
@Rule
@@ -60,7 +63,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -84,10 +87,10 @@ public void shouldGenerateSimpleSecretFromVaultCustomResource() {
vault.setSpec(vaultSpec);
stubFor(get(urlPathMatching("/v1/secret/simple"))
- .willReturn(aResponse()
- .withStatus(200)
- .withHeader("Content-Type", "application/json")
- .withBody("{\"request_id\":\"6cc090a8-3821-8244-73e4-5ab62b605587\",\"lease_id\":\"\",\"renewable\":false,\"lease_duration\":2764800,\"data\":{\"key\":\"value\"},\"wrap_info\":null,\"warnings\":null,\"auth\":null}")));
+ .willReturn(aResponse()
+ .withStatus(200)
+ .withHeader("Content-Type", "application/json")
+ .withBody("{\"request_id\":\"6cc090a8-3821-8244-73e4-5ab62b605587\",\"lease_id\":\"\",\"renewable\":false,\"lease_duration\":2764800,\"data\":{\"key\":\"value\"},\"wrap_info\":null,\"warnings\":null,\"auth\":null}")));
handler.addHandler(vault);
diff --git a/src/test/java/de/koudingspawn/vault/KeyValueV2Test.java b/src/test/java/de/koudingspawn/vault/KeyValueV2Test.java
index 9c2162c..d884f47 100644
--- a/src/test/java/de/koudingspawn/vault/KeyValueV2Test.java
+++ b/src/test/java/de/koudingspawn/vault/KeyValueV2Test.java
@@ -8,12 +8,14 @@
import de.koudingspawn.vault.kubernetes.EventHandler;
import de.koudingspawn.vault.kubernetes.scheduler.impl.KeyValueV2Refresh;
import de.koudingspawn.vault.vault.communication.SecretNotAccessibleException;
-import io.fabric8.kubernetes.api.model.DeletionPropagation;
import io.fabric8.kubernetes.api.model.ObjectMetaBuilder;
import io.fabric8.kubernetes.api.model.Secret;
-import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
-import org.junit.*;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
@@ -41,7 +43,7 @@
public class KeyValueV2Test {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8207));
@Rule
@@ -62,7 +64,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -86,29 +88,30 @@ public void shouldGenerateSimpleSecretFromVaultCustomResource() {
vault.setSpec(vaultSpec);
stubFor(get(urlPathMatching("/v1/secret/data/simple"))
- .willReturn(aResponse()
- .withStatus(200)
- .withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"key\": \"value\"\n" +
- " },\n" +
- " \"metadata\": {\n" +
- " \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
- " \"deletion_time\": \"\",\n" +
- " \"destroyed\": false,\n" +
- " \"version\": 1\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .willReturn(aResponse()
+ .withStatus(200)
+ .withHeader("Content-Type", "application/json")
+ .withBody("""
+ {
+ "request_id": "1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "data": {
+ "key": "value"
+ },
+ "metadata": {
+ "created_time": "2018-12-10T18:59:53.337997525Z",
+ "deletion_time": "",
+ "destroyed": false,
+ "version": 1
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -138,26 +141,27 @@ public void shouldCheckIfSimpleSecretHasChangedAndReturnTrue() throws SecretNotA
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"key\": \"value\"\n" +
- " },\n" +
- " \"metadata\": {\n" +
- " \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
- " \"deletion_time\": \"\",\n" +
- " \"destroyed\": false,\n" +
- " \"version\": 1\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "data": {
+ "key": "value"
+ },
+ "metadata": {
+ "created_time": "2018-12-10T18:59:53.337997525Z",
+ "deletion_time": "",
+ "destroyed": false,
+ "version": 1
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
stubFor(get(urlPathMatching("/v1/secret/data/simple"))
.inScenario("Vault secret change")
@@ -165,26 +169,27 @@ public void shouldCheckIfSimpleSecretHasChangedAndReturnTrue() throws SecretNotA
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"key\": \"value1\"\n" +
- " },\n" +
- " \"metadata\": {\n" +
- " \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
- " \"deletion_time\": \"\",\n" +
- " \"destroyed\": false,\n" +
- " \"version\": 1\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "data": {
+ "key": "value1"
+ },
+ "metadata": {
+ "created_time": "2018-12-10T18:59:53.337997525Z",
+ "deletion_time": "",
+ "destroyed": false,
+ "version": 1
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -205,26 +210,27 @@ public void shouldCheckIfSimpleSecretHasChangedAndReturnFalse() throws SecretNot
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"key\": \"value\"\n" +
- " },\n" +
- " \"metadata\": {\n" +
- " \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
- " \"deletion_time\": \"\",\n" +
- " \"destroyed\": false,\n" +
- " \"version\": 1\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "data": {
+ "key": "value"
+ },
+ "metadata": {
+ "created_time": "2018-12-10T18:59:53.337997525Z",
+ "deletion_time": "",
+ "destroyed": false,
+ "version": 1
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
@@ -245,27 +251,28 @@ public void shouldSupportNestedPath() {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"data\": {\n" +
- " \"key\": \"value\",\n" +
- " \"nested\": \"value2\"\n" +
- " },\n" +
- " \"metadata\": {\n" +
- " \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
- " \"deletion_time\": \"\",\n" +
- " \"destroyed\": false,\n" +
- " \"version\": 1\n" +
- " }\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "1cfee2a6-318a-ea12-f5b5-6fd52d74d2c6",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "data": {
+ "key": "value",
+ "nested": "value2"
+ },
+ "metadata": {
+ "created_time": "2018-12-10T18:59:53.337997525Z",
+ "deletion_time": "",
+ "destroyed": false,
+ "version": 1
+ }
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
handler.addHandler(vault);
diff --git a/src/test/java/de/koudingspawn/vault/OwnerReferenceBugfix.java b/src/test/java/de/koudingspawn/vault/OwnerReferenceBugfixTest.java
similarity index 93%
rename from src/test/java/de/koudingspawn/vault/OwnerReferenceBugfix.java
rename to src/test/java/de/koudingspawn/vault/OwnerReferenceBugfixTest.java
index 21dce5a..56d67b3 100644
--- a/src/test/java/de/koudingspawn/vault/OwnerReferenceBugfix.java
+++ b/src/test/java/de/koudingspawn/vault/OwnerReferenceBugfixTest.java
@@ -10,8 +10,8 @@
import io.fabric8.kubernetes.api.model.OwnerReference;
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.api.model.SecretBuilder;
-import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import io.fabric8.kubernetes.client.dsl.MixedOperation;
import io.fabric8.kubernetes.client.dsl.Resource;
import org.junit.Before;
@@ -41,10 +41,10 @@
}
)
-public class OwnerReferenceBugfix {
+public class OwnerReferenceBugfixTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8210));
@Rule
@@ -65,7 +65,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -113,7 +113,7 @@ public void fixOwnerReference() throws IOException {
)
.withData(Collections.singletonMap("key", "dmFsdWU="))
.build();
- client.secrets().inNamespace("default").withName("properties-correct-owner-2").create(secret);
+ client.secrets().inNamespace("default").resource(secret).create();
handler.addHandler(vault);
diff --git a/src/test/java/de/koudingspawn/vault/PKIChainTest.java b/src/test/java/de/koudingspawn/vault/PKIChainTest.java
index 3a57973..b5ff206 100644
--- a/src/test/java/de/koudingspawn/vault/PKIChainTest.java
+++ b/src/test/java/de/koudingspawn/vault/PKIChainTest.java
@@ -14,6 +14,7 @@
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import org.junit.*;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -44,7 +45,7 @@
public class PKIChainTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8205));
@Rule
@@ -62,7 +63,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -91,21 +92,22 @@ public void shouldGeneratePkiFromVaultChainResource() throws Exception {
.withStatus(200)
.withHeader("Content-Type", "application/json")
.withBody(
- String.format("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"certificate\": \"%s\",\n" +
- " \"ca_chain\": [\"%s\"],\n" +
- " \"issuing_ca\": \"%s\",\n" +
- " \"private_key\": \"%s\"\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}", keyPair.getCertificate(), keyPair.getCa_chain().get(0), keyPair.getIssuing_ca(), keyPair.getPrivate_key())
+ String.format("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "certificate": "%s",
+ "ca_chain": ["%s"],
+ "issuing_ca": "%s",
+ "private_key": "%s"
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""", keyPair.getCertificate(), keyPair.getCa_chain().get(0), keyPair.getIssuing_ca(), keyPair.getPrivate_key())
)));
handler.addHandler(vaultResource);
diff --git a/src/test/java/de/koudingspawn/vault/PKITest.java b/src/test/java/de/koudingspawn/vault/PKITest.java
index 2373538..853d470 100644
--- a/src/test/java/de/koudingspawn/vault/PKITest.java
+++ b/src/test/java/de/koudingspawn/vault/PKITest.java
@@ -14,6 +14,7 @@
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
@@ -63,7 +64,7 @@ public class PKITest {
}
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8204));
@Rule
@@ -81,7 +82,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
@@ -111,19 +112,20 @@ public void shouldGeneratePkiFromVaultResource() throws Exception {
.withStatus(200)
.withHeader("Content-Type", "application/json")
.withBody(
- String.format("{\n" +
- " \"request_id\": \"6cc090a8-3821-8244-73e4-5ab62b605587\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 2764800,\n" +
- " \"data\": {\n" +
- " \"certificate\": \"%s\",\n" +
- " \"private_key\": \"%s\"\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}", keyPair.getCertificate(), keyPair.getPrivate_key())
+ String.format("""
+ {
+ "request_id": "6cc090a8-3821-8244-73e4-5ab62b605587",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 2764800,
+ "data": {
+ "certificate": "%s",
+ "private_key": "%s"
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""", keyPair.getCertificate(), keyPair.getPrivate_key())
)));
handler.addHandler(vaultResource);
diff --git a/src/test/java/de/koudingspawn/vault/PropertiesTest.java b/src/test/java/de/koudingspawn/vault/PropertiesTest.java
index 3e8284b..e6d7320 100644
--- a/src/test/java/de/koudingspawn/vault/PropertiesTest.java
+++ b/src/test/java/de/koudingspawn/vault/PropertiesTest.java
@@ -16,6 +16,7 @@
import io.fabric8.kubernetes.api.model.Secret;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import org.junit.*;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
@@ -47,7 +48,7 @@
public class PropertiesTest {
@ClassRule
- public static WireMockClassRule wireMockClassRule =
+ public static final WireMockClassRule wireMockClassRule =
new WireMockClassRule(wireMockConfig().port(8208));
@Rule
@@ -68,7 +69,7 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
}
diff --git a/src/test/java/de/koudingspawn/vault/TestHelper.java b/src/test/java/de/koudingspawn/vault/TestHelper.java
index 6ecba45..eabe5bc 100644
--- a/src/test/java/de/koudingspawn/vault/TestHelper.java
+++ b/src/test/java/de/koudingspawn/vault/TestHelper.java
@@ -13,33 +13,34 @@ public static void generateLookupSelfStub() {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\n" +
- " \"request_id\": \"200ef4ee-7ca7-9d38-2e63-6002454e00d7\",\n" +
- " \"lease_id\": \"\",\n" +
- " \"renewable\": false,\n" +
- " \"lease_duration\": 0,\n" +
- " \"data\": {\n" +
- " \"accessor\": \"c69c3bd7-c142-c655-2757-77bfdc86b04a\",\n" +
- " \"creation_time\": 1536033750,\n" +
- " \"creation_ttl\": 0,\n" +
- " \"display_name\": \"root\",\n" +
- " \"entity_id\": \"\",\n" +
- " \"expire_time\": null,\n" +
- " \"explicit_max_ttl\": 0,\n" +
- " \"id\": \"c73ab0cb-41e6-b89c-7af6-96b36f1ac87b\",\n" +
- " \"meta\": null,\n" +
- " \"num_uses\": 0,\n" +
- " \"orphan\": true,\n" +
- " \"path\": \"auth/token/root\",\n" +
- " \"policies\": [\n" +
- " \"root\"\n" +
- " ],\n" +
- " \"ttl\": 0\n" +
- " },\n" +
- " \"wrap_info\": null,\n" +
- " \"warnings\": null,\n" +
- " \"auth\": null\n" +
- "}")));
+ .withBody("""
+ {
+ "request_id": "200ef4ee-7ca7-9d38-2e63-6002454e00d7",
+ "lease_id": "",
+ "renewable": false,
+ "lease_duration": 0,
+ "data": {
+ "accessor": "c69c3bd7-c142-c655-2757-77bfdc86b04a",
+ "creation_time": 1536033750,
+ "creation_ttl": 0,
+ "display_name": "root",
+ "entity_id": "",
+ "expire_time": null,
+ "explicit_max_ttl": 0,
+ "id": "c73ab0cb-41e6-b89c-7af6-96b36f1ac87b",
+ "meta": null,
+ "num_uses": 0,
+ "orphan": true,
+ "path": "auth/token/root",
+ "policies": [
+ "root"
+ ],
+ "ttl": 0
+ },
+ "wrap_info": null,
+ "warnings": null,
+ "auth": null
+ }""")));
}
public static void generateKVStup(String path, Map value) {
@@ -50,7 +51,7 @@ public static void generateKVStup(String path, Map value) {
.willReturn(aResponse()
.withStatus(200)
.withHeader("Content-Type", "application/json")
- .withBody("{\"request_id\":\"6cc090a8-3821-8244-73e4-5ab62b605587\",\"lease_id\":\"\",\"renewable\":false,\"lease_duration\":2764800,\"data\":" + jsonObject.toString() + ",\"wrap_info\":null,\"warnings\":null,\"auth\":null}")));
+ .withBody("{\"request_id\":\"6cc090a8-3821-8244-73e4-5ab62b605587\",\"lease_id\":\"\",\"renewable\":false,\"lease_duration\":2764800,\"data\":" + jsonObject + ",\"wrap_info\":null,\"warnings\":null,\"auth\":null}")));
}
@@ -68,7 +69,7 @@ public static void generateKV2Stup(String path, Map value) {
" \"renewable\": false,\n" +
" \"lease_duration\": 0,\n" +
" \"data\": {\n" +
- " \"data\": " + jsonObject.toString() + ",\n" +
+ " \"data\": " + jsonObject + ",\n" +
" \"metadata\": {\n" +
" \"created_time\": \"2018-12-10T18:59:53.337997525Z\",\n" +
" \"deletion_time\": \"\",\n" +
diff --git a/src/test/java/de/koudingspawn/vault/kubernetes/KubernetesServiceTest.java b/src/test/java/de/koudingspawn/vault/kubernetes/KubernetesServiceTest.java
index b73f352..7153969 100644
--- a/src/test/java/de/koudingspawn/vault/kubernetes/KubernetesServiceTest.java
+++ b/src/test/java/de/koudingspawn/vault/kubernetes/KubernetesServiceTest.java
@@ -6,6 +6,7 @@
import io.fabric8.kubernetes.api.model.*;
import io.fabric8.kubernetes.client.DefaultKubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClient;
+import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import org.junit.After;
import org.junit.Before;
import org.junit.Test;
@@ -25,12 +26,12 @@
@RunWith(SpringRunner.class)
public class KubernetesServiceTest {
- private static String COMPARE = "COMPARE";
- private static String CRDNAME = "CRDNAME";
- private static String CRDGROUP = "CRDGROUP";
+ private static final String COMPARE = "COMPARE";
+ private static final String CRDNAME = "CRDNAME";
+ private static final String CRDGROUP = "CRDGROUP";
- private static String NAMESPACE = "test";
- private static String SECRETNAME = "testsecret";
+ private static final String NAMESPACE = "test";
+ private static final String SECRETNAME = "testsecret";
@Autowired
public KubernetesClient client;
@@ -43,9 +44,8 @@ static class KindConfig {
@Bean
@Primary
public KubernetesClient client() {
- return new DefaultKubernetesClient();
+ return new KubernetesClientBuilder().build();
}
-
}
@Before
@@ -54,7 +54,7 @@ public void setUp() {
kubernetesService = new KubernetesService(client, secretCache, CRDNAME, CRDGROUP);
Namespace ns = new NamespaceBuilder().withMetadata(new ObjectMetaBuilder().withName(NAMESPACE).build()).build();
- client.namespaces().createOrReplace(ns);
+ client.namespaces().resource(ns).createOrReplace();
}
@Test
@@ -62,7 +62,7 @@ public void shouldCheckIfResourceExists() {
Vault vault = generateVault();
Secret testsecret = generateSecret();
- client.secrets().inNamespace(NAMESPACE).create(testsecret);
+ client.secrets().inNamespace(NAMESPACE).resource(testsecret).create();
boolean exists = kubernetesService.exists(vault);
@@ -96,7 +96,7 @@ public void shouldCreateSecret() {
public void shouldDeleteSecret() {
Secret secret = generateSecret();
- client.secrets().inNamespace(NAMESPACE).create(secret);
+ client.secrets().inNamespace(NAMESPACE).resource(secret).create();
assertNotNull(client.secrets().inNamespace(NAMESPACE).withName(SECRETNAME).get());
@@ -108,7 +108,7 @@ public void shouldDeleteSecret() {
@Test
public void shouldModifySecret() {
Secret secret = generateSecret();
- client.secrets().inNamespace(NAMESPACE).create(secret);
+ client.secrets().inNamespace(NAMESPACE).resource(secret).create();
Vault vault = generateVault();
HashMap data = new HashMap<>();