✅ Add redis and ldap system-x for openshift

tnb-software · Jul 26, 2023 · 678349d · 678349d
1 parent fec35d5
commit 678349d
Show file tree

Hide file tree

Showing 7 changed files with 343 additions and 11 deletions.
diff --git a/system-x/services/ldap/src/main/java/software/tnb/ldap/resource/local/LDAPContainer.java b/system-x/services/ldap/src/main/java/software/tnb/ldap/resource/local/LDAPContainer.java
@@ -3,11 +3,14 @@
 import org.testcontainers.containers.GenericContainer;
 import org.testcontainers.containers.wait.strategy.Wait;
 
+import java.util.Map;
+
 public class LDAPContainer extends GenericContainer<LDAPContainer> {
 
-    public LDAPContainer(String image, int port) {
+    public LDAPContainer(String image, int port, Map<String, String> env) {
         super(image);
         this.withExposedPorts(port);
-        this.waitingFor(Wait.forListeningPort());
+        this.withEnv(env);
+        this.waitingFor(Wait.forLogMessage(".*slapd starting.*", 2));
     }
 }
diff --git a/system-x/services/ldap/src/main/java/software/tnb/ldap/resource/local/LocalLDAP.java b/system-x/services/ldap/src/main/java/software/tnb/ldap/resource/local/LocalLDAP.java
@@ -3,7 +3,6 @@
 import software.tnb.common.deployment.Deployable;
 import software.tnb.ldap.service.LDAP;
 
-import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -16,13 +15,12 @@
 public class LocalLDAP extends LDAP implements Deployable {
 
     private static final Logger LOG = LoggerFactory.getLogger(LocalLDAP.class);
-    private static final int PORT = 389;
     private LDAPContainer ldapContainer;
 
     @Override
     public void deploy() {
         LOG.info("Starting LDAP container");
-        ldapContainer = new LDAPContainer(defaultImage(), PORT);
+        ldapContainer = new LDAPContainer(defaultImage(), PORT, environmentVariables());
         ldapContainer.start();
         LOG.info("LDAP container started");
     }
@@ -44,17 +42,19 @@ public String url() {
     public void openResources() {
         final LDAPConnection ldapConnection = new LDAPConnection();
         try {
-            ldapConnection.connect(StringUtils.substringBetween(url(), "ldap://", ":"), Integer.parseInt(StringUtils.substringAfterLast(url(), ':')));
+            ldapConnection.connect(ldapContainer.getHost(), ldapContainer.getMappedPort(PORT), 20000);
             ldapConnection.bind(account().username(), account().password());
             client = new LDAPConnectionPool(ldapConnection, 1);
         } catch (LDAPException e) {
-            LOG.error("Error when connecting to LDAP server");
-            throw new RuntimeException("Error when connecting to LDAP server");
+            LOG.error("Error when connecting to LDAP server: " + e.getMessage());
+            throw new RuntimeException("Error when connecting to LDAP server", e);
         }
     }
 
     @Override
     public void closeResources() {
-        client.close();
+        if (client != null) {
+            client.close();
+        }
     }
 }
diff --git a/system-x/services/ldap/src/main/java/software/tnb/ldap/resource/openshift/OpenshiftLDAP.java b/system-x/services/ldap/src/main/java/software/tnb/ldap/resource/openshift/OpenshiftLDAP.java
@@ -0,0 +1,177 @@
+package software.tnb.ldap.resource.openshift;
+
+import software.tnb.common.config.OpenshiftConfiguration;
+import software.tnb.common.deployment.ReusableOpenshiftDeployable;
+import software.tnb.common.deployment.WithName;
+import software.tnb.common.openshift.OpenshiftClient;
+import software.tnb.common.utils.IOUtils;
+import software.tnb.common.utils.MapUtils;
+import software.tnb.common.utils.NetworkUtils;
+import software.tnb.common.utils.WaitUtils;
+import software.tnb.ldap.service.LDAP;
+
+import com.google.auto.service.AutoService;
+import com.unboundid.ldap.sdk.LDAPConnection;
+import com.unboundid.ldap.sdk.LDAPConnectionPool;
+import com.unboundid.ldap.sdk.LDAPException;
+
+import java.util.function.Predicate;
+
+import io.fabric8.kubernetes.api.model.IntOrString;
+import io.fabric8.kubernetes.api.model.Pod;
+import io.fabric8.kubernetes.api.model.Probe;
+import io.fabric8.kubernetes.api.model.ProbeBuilder;
+import io.fabric8.kubernetes.api.model.ServiceAccountBuilder;
+import io.fabric8.kubernetes.api.model.ServiceBuilder;
+import io.fabric8.kubernetes.api.model.TCPSocketActionBuilder;
+import io.fabric8.kubernetes.client.PortForward;
+import io.fabric8.openshift.api.model.DeploymentConfigBuilder;
+
+@AutoService(LDAP.class)
+public class OpenshiftLDAP extends LDAP implements ReusableOpenshiftDeployable, WithName {
+
+    private PortForward portForward;
+    private int localPort;
+    private String sccName;
+    private String serviceAccountName;
+
+    @Override
+    public void undeploy() {
+        OpenshiftClient.get().deploymentConfigs().withName(name()).delete();
+        OpenshiftClient.get().services().withLabel(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).delete();
+        WaitUtils.waitFor(() -> servicePod() == null, "Waiting until the pod is removed");
+    }
+
+    @Override
+    public void openResources() {
+
+        localPort = NetworkUtils.getFreePort();
+        portForward = OpenshiftClient.get().services().withName(name()).portForward(PORT, localPort);
+        final LDAPConnection ldapConnection = new LDAPConnection();
+        try {
+            ldapConnection.connect("localhost", localPort, 20000);
+            ldapConnection.bind(account().username(), account().password());
+            client = new LDAPConnectionPool(ldapConnection, 1);
+        } catch (LDAPException e) {
+            throw new RuntimeException("Error when connecting to LDAP server: " + e.getMessage());
+        }
+    }
+
+    @Override
+    public void closeResources() {
+
+        if (client != null) {
+            client.close();
+        }
+
+        if (portForward != null && portForward.isAlive()) {
+            IOUtils.closeQuietly(portForward);
+        }
+    }
+
+    @Override
+    public void create() {
+
+        sccName = "tnb-ldap-" + OpenshiftClient.get().getNamespace();
+
+        serviceAccountName = name() + "-sa";
+
+        OpenshiftClient.get().serviceAccounts()
+            .createOrReplace(new ServiceAccountBuilder()
+                .withNewMetadata()
+                .withName(serviceAccountName)
+                .endMetadata()
+                .build()
+            );
+
+        OpenshiftClient.get().addUsersToSecurityContext(
+            OpenshiftClient.get().createSecurityContext(sccName, "anyuid", "SYS_CHROOT"),
+            OpenshiftClient.get().getServiceAccountRef(serviceAccountName));
+
+        final Probe probe = new ProbeBuilder()
+            .withTcpSocket(new TCPSocketActionBuilder().withPort(new IntOrString(PORT)).build())
+            .withTimeoutSeconds(15)
+            .build();
+
+        OpenshiftClient.get().deploymentConfigs().createOrReplace(new DeploymentConfigBuilder()
+            .withNewMetadata()
+                .withName(name())
+                .addToLabels(OpenshiftConfiguration.openshiftDeploymentLabel(), name())
+                .addToAnnotations("openshift.io/scc", sccName)
+            .endMetadata()
+                .editOrNewSpec()
+                    .addToSelector(OpenshiftConfiguration.openshiftDeploymentLabel(), name())
+                    .withReplicas(1)
+                    .editOrNewTemplate()
+                        .editOrNewMetadata()
+                            .addToLabels(OpenshiftConfiguration.openshiftDeploymentLabel(), name())
+                        .endMetadata()
+                        .editOrNewSpec()
+                            .withServiceAccount(serviceAccountName)
+                            .addNewContainer()
+                                .withName(name())
+                                .withImage(defaultImage())
+                                .addNewPort()
+                                    .withContainerPort(PORT)
+                                    .withName(name())
+                                .endPort()
+                                .editOrNewSecurityContext()
+                                    .editOrNewCapabilities()
+                                        .addNewAdd("SYS_CHROOT")
+                                    .endCapabilities()
+                                .endSecurityContext()
+                                .withEnv(MapUtils.toEnvVars(environmentVariables()))
+                                .withReadinessProbe(probe)
+                                .withLivenessProbe(probe)
+                            .endContainer()
+                        .endSpec()
+                    .endTemplate()
+                    .addNewTrigger()
+                        .withType("ConfigChange")
+                    .endTrigger()
+                .endSpec()
+            .build());
+
+        OpenshiftClient.get().services().createOrReplace(new ServiceBuilder()
+            .editOrNewMetadata()
+                .withName(name())
+                .addToLabels(OpenshiftConfiguration.openshiftDeploymentLabel(), name())
+            .endMetadata()
+            .editOrNewSpec()
+                .addToSelector(OpenshiftConfiguration.openshiftDeploymentLabel(), name())
+                .addNewPort()
+                    .withName(name())
+                    .withProtocol("TCP")
+                    .withPort(PORT)
+                    .withTargetPort(new IntOrString(PORT))
+                .endPort()
+            .endSpec()
+            .build());
+    }
+
+    @Override
+    public boolean isDeployed() {
+        return OpenshiftClient.get().apps().deployments().withLabel(OpenshiftConfiguration.openshiftDeploymentLabel(), name()).list()
+            .getItems().size() > 0;
+    }
+
+    @Override
+    public Predicate<Pod> podSelector() {
+        return WithName.super.podSelector();
+    }
+
+    @Override
+    public void cleanup() {
+
+    }
+
+    @Override
+    public String name() {
+        return "ldap";
+    }
+
+    @Override
+    public String url() {
+        return String.format("ldap://%s:%d", name(), PORT);
+    }
+}
diff --git a/system-x/services/ldap/src/main/java/software/tnb/ldap/service/LDAP.java b/system-x/services/ldap/src/main/java/software/tnb/ldap/service/LDAP.java
@@ -5,10 +5,16 @@
 import software.tnb.ldap.account.LDAPAccount;
 import software.tnb.ldap.validation.LDAPValidation;
 
+import org.apache.commons.lang3.StringUtils;
+
 import com.unboundid.ldap.sdk.LDAPConnectionPool;
 
+import java.util.Map;
+
 public abstract class LDAP extends Service<LDAPAccount, LDAPConnectionPool, LDAPValidation> implements WithDockerImage {
 
+    protected static final int PORT = 389;
+
     public abstract String url();
 
     public LDAPValidation validation() {
@@ -20,6 +26,16 @@ public LDAPValidation validation() {
 
     @Override
     public String defaultImage() {
-        return "quay.io/fuse_qe/openldap:1.5.0";
+        return "quay.io/fuse_qe/ocp-openldap:latest";
+    }
+
+    public Map<String, String> environmentVariables() {
+        return Map.of("OPENLDAP_ROOT_DN_SUFFIX"
+            , StringUtils.substringAfter(account().username(), ",")
+            , "OPENLDAP_ROOT_DN_PREFIX"
+            , StringUtils.substringBefore(account().username(), ",")
+            , "OPENLDAP_ROOT_PASSWORD"
+            , account().password()
+        );
     }
 }
diff --git a/system-x/services/redis/src/main/java/software/tnb/redis/resource/local/LocalRedis.java b/system-x/services/redis/src/main/java/software/tnb/redis/resource/local/LocalRedis.java
@@ -15,7 +15,6 @@
 public class LocalRedis extends Redis implements Deployable {
 
     private static final Logger LOG = LoggerFactory.getLogger(LocalRedis.class);
-    private static final int PORT = 6379;
     private RedisContainer redisContainer;
 
     @Override