Use the entire podTemplateSpec to spawn the realm-import job
This commit is contained in:
parent
8e1f67b0c4
commit
76f83f0ab2
4 changed files with 34 additions and 28 deletions
|
@ -134,6 +134,7 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
|
||||||
|
|
||||||
if (overlayTemplate.getSpec() != null &&
|
if (overlayTemplate.getSpec() != null &&
|
||||||
overlayTemplate.getSpec().getContainers() != null &&
|
overlayTemplate.getSpec().getContainers() != null &&
|
||||||
|
overlayTemplate.getSpec().getContainers().size() > 0 &&
|
||||||
overlayTemplate.getSpec().getContainers().get(0) != null &&
|
overlayTemplate.getSpec().getContainers().get(0) != null &&
|
||||||
overlayTemplate.getSpec().getContainers().get(0).getName() != null) {
|
overlayTemplate.getSpec().getContainers().get(0).getName() != null) {
|
||||||
status.addWarningMessage("The name of the keycloak container cannot be modified");
|
status.addWarningMessage("The name of the keycloak container cannot be modified");
|
||||||
|
@ -141,6 +142,7 @@ public class KeycloakDeployment extends OperatorManagedResource implements Statu
|
||||||
|
|
||||||
if (overlayTemplate.getSpec() != null &&
|
if (overlayTemplate.getSpec() != null &&
|
||||||
overlayTemplate.getSpec().getContainers() != null &&
|
overlayTemplate.getSpec().getContainers() != null &&
|
||||||
|
overlayTemplate.getSpec().getContainers().size() > 0 &&
|
||||||
overlayTemplate.getSpec().getContainers().get(0) != null &&
|
overlayTemplate.getSpec().getContainers().get(0) != null &&
|
||||||
overlayTemplate.getSpec().getContainers().get(0).getImage() != null) {
|
overlayTemplate.getSpec().getContainers().get(0).getImage() != null) {
|
||||||
status.addWarningMessage("The image of the keycloak container cannot be modified using podTemplate");
|
status.addWarningMessage("The image of the keycloak container cannot be modified using podTemplate");
|
||||||
|
|
|
@ -18,6 +18,7 @@ package org.keycloak.operator.v2alpha1;
|
||||||
|
|
||||||
import io.fabric8.kubernetes.api.model.Container;
|
import io.fabric8.kubernetes.api.model.Container;
|
||||||
import io.fabric8.kubernetes.api.model.HasMetadata;
|
import io.fabric8.kubernetes.api.model.HasMetadata;
|
||||||
|
import io.fabric8.kubernetes.api.model.PodTemplateSpec;
|
||||||
import io.fabric8.kubernetes.api.model.SecretVolumeSourceBuilder;
|
import io.fabric8.kubernetes.api.model.SecretVolumeSourceBuilder;
|
||||||
import io.fabric8.kubernetes.api.model.Volume;
|
import io.fabric8.kubernetes.api.model.Volume;
|
||||||
import io.fabric8.kubernetes.api.model.VolumeBuilder;
|
import io.fabric8.kubernetes.api.model.VolumeBuilder;
|
||||||
|
@ -86,20 +87,16 @@ public class KeycloakRealmImportJob extends OperatorManagedResource {
|
||||||
.get();
|
.get();
|
||||||
}
|
}
|
||||||
|
|
||||||
private Job buildJob(Container keycloakContainer, List<Volume> volumes) {
|
private Job buildJob(PodTemplateSpec keycloakPodTemplate) {
|
||||||
|
keycloakPodTemplate.getSpec().setRestartPolicy("Never");
|
||||||
|
|
||||||
return new JobBuilder()
|
return new JobBuilder()
|
||||||
.withNewMetadata()
|
.withNewMetadata()
|
||||||
.withName(getName())
|
.withName(getName())
|
||||||
.withNamespace(getNamespace())
|
.withNamespace(getNamespace())
|
||||||
.endMetadata()
|
.endMetadata()
|
||||||
.withNewSpec()
|
.withNewSpec()
|
||||||
.withNewTemplate()
|
.withTemplate(keycloakPodTemplate)
|
||||||
.withNewSpec()
|
|
||||||
.withContainers(keycloakContainer)
|
|
||||||
.withVolumes(volumes)
|
|
||||||
.withRestartPolicy("Never")
|
|
||||||
.endSpec()
|
|
||||||
.endTemplate()
|
|
||||||
.endSpec()
|
.endSpec()
|
||||||
.build();
|
.build();
|
||||||
}
|
}
|
||||||
|
@ -114,25 +111,18 @@ public class KeycloakRealmImportJob extends OperatorManagedResource {
|
||||||
}
|
}
|
||||||
|
|
||||||
private Job createImportJob() {
|
private Job createImportJob() {
|
||||||
var keycloakContainer = buildKeycloakJobContainer();
|
var keycloakPodTemplate = this
|
||||||
|
|
||||||
var volumes = this.existingDeployment.getSpec().getTemplate().getSpec().getVolumes();
|
|
||||||
volumes.add(buildSecretVolume());
|
|
||||||
var importJob = buildJob(keycloakContainer, volumes);
|
|
||||||
|
|
||||||
return importJob;
|
|
||||||
}
|
|
||||||
|
|
||||||
private Container buildKeycloakJobContainer() {
|
|
||||||
var keycloakContainer =
|
|
||||||
this
|
|
||||||
.existingDeployment
|
.existingDeployment
|
||||||
.getSpec()
|
.getSpec()
|
||||||
.getTemplate()
|
.getTemplate();
|
||||||
.getSpec()
|
|
||||||
.getContainers()
|
|
||||||
.get(0);
|
|
||||||
|
|
||||||
|
buildKeycloakJobContainer(keycloakPodTemplate.getSpec().getContainers().get(0));
|
||||||
|
keycloakPodTemplate.getSpec().getVolumes().add(buildSecretVolume());
|
||||||
|
|
||||||
|
return buildJob(keycloakPodTemplate);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void buildKeycloakJobContainer(Container keycloakContainer) {
|
||||||
var importMntPath = "/mnt/realm-import/";
|
var importMntPath = "/mnt/realm-import/";
|
||||||
|
|
||||||
var command = List.of("/bin/bash");
|
var command = List.of("/bin/bash");
|
||||||
|
@ -158,8 +148,6 @@ public class KeycloakRealmImportJob extends OperatorManagedResource {
|
||||||
// Disable probes since we are not really starting the server
|
// Disable probes since we are not really starting the server
|
||||||
keycloakContainer.setReadinessProbe(null);
|
keycloakContainer.setReadinessProbe(null);
|
||||||
keycloakContainer.setLivenessProbe(null);
|
keycloakContainer.setLivenessProbe(null);
|
||||||
|
|
||||||
return keycloakContainer;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -50,7 +50,7 @@ public class ClusteringE2EIT extends ClusterOperatorTest {
|
||||||
.untilAsserted(() -> CRAssert.assertKeycloakStatusCondition(crSelector.get(), KeycloakStatusCondition.READY, false));
|
.untilAsserted(() -> CRAssert.assertKeycloakStatusCondition(crSelector.get(), KeycloakStatusCondition.READY, false));
|
||||||
|
|
||||||
Awaitility.await()
|
Awaitility.await()
|
||||||
.atMost(Duration.ofSeconds(5))
|
.atMost(Duration.ofSeconds(60))
|
||||||
.ignoreExceptions()
|
.ignoreExceptions()
|
||||||
.untilAsserted(() -> assertThat(kcPodsSelector.list().getItems().size()).isEqualTo(3));
|
.untilAsserted(() -> assertThat(kcPodsSelector.list().getItems().size()).isEqualTo(3));
|
||||||
|
|
||||||
|
@ -118,6 +118,8 @@ public class ClusteringE2EIT extends ClusterOperatorTest {
|
||||||
Log.info("Checking Keycloak is stable.");
|
Log.info("Checking Keycloak is stable.");
|
||||||
CRAssert.assertKeycloakStatusCondition(crSelector.get(), KeycloakStatusCondition.READY, true);
|
CRAssert.assertKeycloakStatusCondition(crSelector.get(), KeycloakStatusCondition.READY, true);
|
||||||
});
|
});
|
||||||
|
// Remove the completed pod for the job
|
||||||
|
realmImportSelector.delete();
|
||||||
|
|
||||||
Log.info("Testing the Keycloak Cluster");
|
Log.info("Testing the Keycloak Cluster");
|
||||||
Awaitility.await().atMost(5, MINUTES).ignoreExceptions().untilAsserted(() -> {
|
Awaitility.await().atMost(5, MINUTES).ignoreExceptions().untilAsserted(() -> {
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
package org.keycloak.operator;
|
package org.keycloak.operator;
|
||||||
|
|
||||||
|
import io.fabric8.kubernetes.api.model.LocalObjectReferenceBuilder;
|
||||||
|
import io.fabric8.kubernetes.api.model.PodTemplateSpecBuilder;
|
||||||
import io.quarkus.logging.Log;
|
import io.quarkus.logging.Log;
|
||||||
import io.quarkus.test.junit.QuarkusTest;
|
import io.quarkus.test.junit.QuarkusTest;
|
||||||
import org.awaitility.Awaitility;
|
import org.awaitility.Awaitility;
|
||||||
|
@ -7,6 +9,7 @@ import org.junit.jupiter.api.Test;
|
||||||
import org.keycloak.operator.utils.CRAssert;
|
import org.keycloak.operator.utils.CRAssert;
|
||||||
import org.keycloak.operator.v2alpha1.KeycloakService;
|
import org.keycloak.operator.v2alpha1.KeycloakService;
|
||||||
import org.keycloak.operator.v2alpha1.crds.KeycloakRealmImport;
|
import org.keycloak.operator.v2alpha1.crds.KeycloakRealmImport;
|
||||||
|
import org.keycloak.operator.v2alpha1.crds.keycloakspec.Unsupported;
|
||||||
|
|
||||||
import static java.util.concurrent.TimeUnit.MINUTES;
|
import static java.util.concurrent.TimeUnit.MINUTES;
|
||||||
import static java.util.concurrent.TimeUnit.SECONDS;
|
import static java.util.concurrent.TimeUnit.SECONDS;
|
||||||
|
@ -25,7 +28,14 @@ public class RealmImportE2EIT extends ClusterOperatorTest {
|
||||||
@Test
|
@Test
|
||||||
public void testWorkingRealmImport() {
|
public void testWorkingRealmImport() {
|
||||||
// Arrange
|
// Arrange
|
||||||
deployKeycloak(k8sclient, getDefaultKeycloakDeployment(), false);
|
var kc = getDefaultKeycloakDeployment();
|
||||||
|
var podTemplate = new PodTemplateSpecBuilder()
|
||||||
|
.withNewSpec()
|
||||||
|
.withImagePullSecrets(new LocalObjectReferenceBuilder().withName("my-empty-secret").build())
|
||||||
|
.endSpec()
|
||||||
|
.build();
|
||||||
|
kc.getSpec().setUnsupported(new Unsupported(podTemplate));
|
||||||
|
deployKeycloak(k8sclient, kc, false);
|
||||||
|
|
||||||
// Act
|
// Act
|
||||||
k8sclient.load(getClass().getResourceAsStream("/example-realm.yaml")).inNamespace(namespace).createOrReplace();
|
k8sclient.load(getClass().getResourceAsStream("/example-realm.yaml")).inNamespace(namespace).createOrReplace();
|
||||||
|
@ -54,6 +64,10 @@ public class RealmImportE2EIT extends ClusterOperatorTest {
|
||||||
CRAssert.assertKeycloakRealmImportStatusCondition(crSelector.get(), STARTED, false);
|
CRAssert.assertKeycloakRealmImportStatusCondition(crSelector.get(), STARTED, false);
|
||||||
CRAssert.assertKeycloakRealmImportStatusCondition(crSelector.get(), HAS_ERRORS, false);
|
CRAssert.assertKeycloakRealmImportStatusCondition(crSelector.get(), HAS_ERRORS, false);
|
||||||
});
|
});
|
||||||
|
var job = k8sclient.batch().v1().jobs().inNamespace(namespace).withName("example-count0-kc").get();
|
||||||
|
assertThat(job.getSpec().getTemplate().getSpec().getImagePullSecrets().size()).isEqualTo(1);
|
||||||
|
assertThat(job.getSpec().getTemplate().getSpec().getImagePullSecrets().get(0).getName()).isEqualTo("my-empty-secret");
|
||||||
|
|
||||||
var service = new KeycloakService(k8sclient, getDefaultKeycloakDeployment());
|
var service = new KeycloakService(k8sclient, getDefaultKeycloakDeployment());
|
||||||
String url =
|
String url =
|
||||||
"https://" + service.getName() + "." + namespace + ":" + KEYCLOAK_HTTPS_PORT + "/realms/count0";
|
"https://" + service.getName() + "." + namespace + ":" + KEYCLOAK_HTTPS_PORT + "/realms/count0";
|
||||||
|
|
Loading…
Reference in a new issue