本文整理汇总了Java中io.fabric8.kubernetes.api.model.Secret类的典型用法代码示例。如果您正苦于以下问题:Java Secret类的具体用法?Java Secret怎么用?Java Secret使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
Secret类属于io.fabric8.kubernetes.api.model包,在下文中一共展示了Secret类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createOrGetJacocoSecret
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
public static Secret createOrGetJacocoSecret() {
OpenshiftUtil openshift = OpenshiftUtil.getInstance();
// Create the jacoco secret with the jacoco agent if it doesn't exist yet
Secret jacocoSecret = openshift.withDefaultUser(c -> c.secrets().list().getItems().stream().filter(s -> "jacoco".equals(s.getMetadata().getName())).findAny())
.orElseGet(() -> {
SecretBuilder sb = new SecretBuilder();
sb.withNewMetadata().withName("jacoco").endMetadata();
try {
sb.addToData("jacocoagent.jar", Base64.encodeBase64String(Files.readAllBytes(Paths.get(TestConfiguration.jacocoPath(), "lib", "jacocoagent.jar"))));
Secret ret = sb.build();
openshift.createSecret(ret);
return ret;
} catch (IOException e) {
throw new RuntimeException(e);
}
});
return jacocoSecret;
}
示例2: getSourceCredentials
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
public static synchronized Secret getSourceCredentials(
BuildConfig buildConfig) {
if (buildConfig.getSpec() != null
&& buildConfig.getSpec().getSource() != null
&& buildConfig.getSpec().getSource().getSourceSecret() != null
&& !buildConfig.getSpec().getSource().getSourceSecret()
.getName().isEmpty()) {
Secret sourceSecret = getAuthenticatedOpenShiftClient()
.secrets()
.inNamespace(buildConfig.getMetadata().getNamespace())
.withName(
buildConfig.getSpec().getSource().getSourceSecret()
.getName()).get();
return sourceSecret;
}
return null;
}
示例3: updateSourceCredentials
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
public static synchronized String updateSourceCredentials(
BuildConfig buildConfig) throws IOException {
Secret sourceSecret = getSourceCredentials(buildConfig);
String credID = null;
if (sourceSecret != null) {
credID = upsertCredential(sourceSecret, sourceSecret
.getMetadata().getNamespace(), sourceSecret.getMetadata()
.getName());
if (credID != null)
BuildConfigSecretToCredentialsMap.linkBCSecretToCredential(
NamespaceName.create(buildConfig).toString(), credID);
} else {
// call delete and remove any credential that fits the
// project/bcname pattern
credID = BuildConfigSecretToCredentialsMap
.unlinkBCSecretToCrendential(NamespaceName.create(
buildConfig).toString());
if (credID != null)
deleteCredential(credID, NamespaceName.create(buildConfig),
buildConfig.getMetadata().getResourceVersion());
}
return credID;
}
示例4: onInitialSecrets
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
private synchronized void onInitialSecrets(SecretList secrets) {
if (secrets == null)
return;
if (trackedSecrets == null)
trackedSecrets = new ConcurrentHashMap<String, String>();
List<Secret> items = secrets.getItems();
if (items != null) {
for (Secret secret : items) {
try {
if (validSecret(secret) && shouldProcessSecret(secret)) {
upsertCredential(secret);
trackedSecrets.put(secret.getMetadata().getUid(),
secret.getMetadata().getResourceVersion());
}
} catch (Exception e) {
logger.log(SEVERE, "Failed to update job", e);
}
}
}
}
示例5: eventReceived
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@SuppressFBWarnings("SF_SWITCH_NO_DEFAULT")
@Override
public synchronized void eventReceived(Action action, Secret secret) {
try {
switch (action) {
case ADDED:
upsertCredential(secret);
break;
case DELETED:
deleteCredential(secret);
break;
case MODIFIED:
modifyCredential(secret);
break;
default:
if (logger.isLoggable(Level.FINE))
logger.fine("got event " + action + " for secret " + secret);
break;
}
} catch (Exception e) {
logger.log(Level.WARNING, "Caught: " + e, e);
}
}
示例6: shouldCreateServiceAccountKeysAndSecret
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Test
public void shouldCreateServiceAccountKeysAndSecret() throws IsClosedException, IOException {
when(serviceAccountKeyManager.serviceAccountExists(SERVICE_ACCOUNT)).thenReturn(true);
ServiceAccountKey jsonKey = new ServiceAccountKey();
jsonKey.setName("key.json");
jsonKey.setPrivateKeyData("json-private-key-data");
ServiceAccountKey p12Key = new ServiceAccountKey();
p12Key.setName("key.p12");
p12Key.setPrivateKeyData("p12-private-key-data");
when(serviceAccountKeyManager.createJsonKey(any(String.class))).thenReturn(jsonKey);
when(serviceAccountKeyManager.createP12Key(any(String.class))).thenReturn(p12Key);
sut.ensureServiceAccountKeySecret(WORKFLOW_ID.toString(), SERVICE_ACCOUNT);
verify(serviceAccountKeyManager).createJsonKey(SERVICE_ACCOUNT);
verify(serviceAccountKeyManager).createP12Key(SERVICE_ACCOUNT);
verify(secrets).create(secretCaptor.capture());
final Secret createdSecret = secretCaptor.getValue();
assertThat(createdSecret.getMetadata().getAnnotations(), hasEntry("styx-wf-sa", SERVICE_ACCOUNT));
assertThat(createdSecret.getData(), hasEntry("styx-wf-sa.json", jsonKey.getPrivateKeyData()));
assertThat(createdSecret.getData(), hasEntry("styx-wf-sa.p12", p12Key.getPrivateKeyData()));
}
示例7: shouldRemoveServiceAccountSecretsAndKeys
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Test
public void shouldRemoveServiceAccountSecretsAndKeys() throws Exception {
final Secret secret = fakeServiceAccountKeySecret(
SERVICE_ACCOUNT, SECRET_EPOCH, "json-key", "p12-key", EXPIRED_CREATION_TIMESTAMP.toString());
when(k8sClient.secrets()).thenReturn(secrets);
when(secrets.list()).thenReturn(secretList);
when(secretList.getItems()).thenReturn(ImmutableList.of(secret));
// Verify that an unused service account key secret is deleted
when(podList.getItems()).thenReturn(ImmutableList.of());
sut.cleanup();
verify(serviceAccountKeyManager).deleteKey(keyName(SERVICE_ACCOUNT, "json-key"));
verify(serviceAccountKeyManager).deleteKey(keyName(SERVICE_ACCOUNT, "p12-key"));
verify(secrets).delete(secret);
}
示例8: shouldRemoveServiceAccountSecretsAndKeysUsedByTerminatedPods
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Test
@Parameters({"Failed", "Succeeded"})
public void shouldRemoveServiceAccountSecretsAndKeysUsedByTerminatedPods(String phase) throws Exception {
final Secret secret = fakeServiceAccountKeySecret(
SERVICE_ACCOUNT, SECRET_EPOCH, "json-key", "p12-key", EXPIRED_CREATION_TIMESTAMP.toString());
when(k8sClient.secrets()).thenReturn(secrets);
when(secrets.list()).thenReturn(secretList);
when(secretList.getItems()).thenReturn(ImmutableList.of(secret));
final KubernetesSecretSpec secretSpec = KubernetesSecretSpec.builder()
.serviceAccountSecret(secret.getMetadata().getName())
.build();
final Pod pod = KubernetesDockerRunner.createPod(WORKFLOW_INSTANCE, RUN_SPEC_WITH_SA, secretSpec);
final PodStatus podStatus = podStatus(phase);
pod.setStatus(podStatus);
when(podList.getItems()).thenReturn(ImmutableList.of());
sut.cleanup();
verify(serviceAccountKeyManager).deleteKey(keyName(SERVICE_ACCOUNT, "json-key"));
verify(serviceAccountKeyManager).deleteKey(keyName(SERVICE_ACCOUNT, "p12-key"));
verify(secrets).delete(secret);
}
示例9: shouldNotRemoveServiceAccountSecretsAndKeysInUse
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Test
public void shouldNotRemoveServiceAccountSecretsAndKeysInUse() throws Exception {
final Secret secret = fakeServiceAccountKeySecret(
SERVICE_ACCOUNT, SECRET_EPOCH, "json-key", "p12-key", EXPIRED_CREATION_TIMESTAMP.toString());
when(k8sClient.secrets()).thenReturn(secrets);
when(secrets.list()).thenReturn(secretList);
when(secretList.getItems()).thenReturn(ImmutableList.of(secret));
final KubernetesSecretSpec secretSpec = KubernetesSecretSpec.builder()
.serviceAccountSecret(secret.getMetadata().getName())
.build();
final Pod pod = KubernetesDockerRunner.createPod(WORKFLOW_INSTANCE, RUN_SPEC_WITH_SA, secretSpec);
pod.setStatus(podStatus("Running"));
when(podList.getItems()).thenReturn(ImmutableList.of(pod));
sut.cleanup();
verify(serviceAccountKeyManager, never()).deleteKey(anyString());
verify(secrets, never()).delete(any(Secret.class));
}
示例10: shouldRemoveServiceAccountSecretsInPastEpoch
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Test
public void shouldRemoveServiceAccountSecretsInPastEpoch() throws Exception {
final Secret secret = fakeServiceAccountKeySecret(
SERVICE_ACCOUNT, PAST_SECRET_EPOCH, "old-json-key", "old-p12-key", EXPIRED_CREATION_TIMESTAMP.toString());
when(k8sClient.secrets()).thenReturn(secrets);
when(secrets.list()).thenReturn(secretList);
when(secretList.getItems()).thenReturn(ImmutableList.of(secret));
when(podList.getItems()).thenReturn(ImmutableList.of());
sut.cleanup();
verify(serviceAccountKeyManager).deleteKey(keyName(SERVICE_ACCOUNT, "old-json-key"));
verify(serviceAccountKeyManager).deleteKey(keyName(SERVICE_ACCOUNT, "old-p12-key"));
verify(secrets).delete(secret);
}
示例11: shouldNotRemoveServiceAccountSecretsCreatedWithin48Hours
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Test
public void shouldNotRemoveServiceAccountSecretsCreatedWithin48Hours() throws Exception {
final String creationTimestamp = CLOCK.instant().minus(Duration.ofHours(48)).toString();
final Secret secret1 = fakeServiceAccountKeySecret(
SERVICE_ACCOUNT, PAST_SECRET_EPOCH, "json-key-1", "p12-key-1", creationTimestamp);
final Secret secret2 = fakeServiceAccountKeySecret(
SERVICE_ACCOUNT, SECRET_EPOCH, "json-key-2", "p12-key-2", creationTimestamp);
when(k8sClient.secrets()).thenReturn(secrets);
when(secrets.list()).thenReturn(secretList);
when(secretList.getItems()).thenReturn(ImmutableList.of(secret1, secret2));
sut.cleanup();
verify(serviceAccountKeyManager, never()).deleteKey(anyString());
verify(secrets, never()).delete(any(Secret.class));
}
示例12: fakeServiceAccountKeySecret
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
private static Secret fakeServiceAccountKeySecret(String serviceAccount, long epoch, String jsonKeyId,
String p12KeyId, String creationTimestamp) {
final String jsonKeyName = keyName(serviceAccount, jsonKeyId);
final String p12KeyName = keyName(serviceAccount, p12KeyId);
final ObjectMeta metadata = new ObjectMeta();
metadata.setCreationTimestamp(creationTimestamp);
metadata.setName("styx-wf-sa-keys-" + epoch + "-" + Hashing.sha256().hashString(serviceAccount, UTF_8));
metadata.setAnnotations(ImmutableMap.of(
"styx-wf-sa", serviceAccount,
"styx-wf-sa-json-key-name", jsonKeyName,
"styx-wf-sa-p12-key-name", p12KeyName));
return new SecretBuilder()
.withMetadata(metadata)
.withData(ImmutableMap.of(
"styx-wf-sa.json", "json-private-key-data",
"styx-wf-sa.p12", "p12-private-key-data"))
.build();
}
示例13: createSecretFromCertAndKeyFiles
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
private static Secret createSecretFromCertAndKeyFiles(final String secretName,
final String namespace,
final String keyKey,
final String certKey,
final File keyFile,
final File certFile,
final OpenShiftClient client)
throws IOException {
Map<String, String> data = new LinkedHashMap<>();
Base64.Encoder encoder = Base64.getEncoder();
data.put(keyKey, encoder.encodeToString(FileUtils.readFileToByteArray(keyFile)));
data.put(certKey, encoder.encodeToString(FileUtils.readFileToByteArray(certFile)));
return client.secrets().inNamespace(namespace).withName(secretName).createOrReplaceWithNew()
.editOrNewMetadata()
.withName(secretName)
.endMetadata()
.addToData(data)
.done();
}
示例14: createSecret
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
@Override
public void createSecret(Cert cert, final String caSecretName) {
try {
Map<String, String> data = new LinkedHashMap<>();
Base64.Encoder encoder = Base64.getEncoder();
data.put("tls.key", encoder.encodeToString(FileUtils.readFileToByteArray(cert.getKeyFile())));
data.put("tls.crt", encoder.encodeToString(FileUtils.readFileToByteArray(cert.getCertFile())));
Secret caSecret = client.secrets().inNamespace(this.globalNamespace).withName(caSecretName).get();
data.put("ca.crt", caSecret.getData().get("tls.crt"));
client.secrets().inNamespace(cert.getComponent().getNamespace()).createNew()
.editOrNewMetadata()
.withName(cert.getComponent().getSecretName())
.endMetadata()
.withType("kubernetes.io/tls")
.addToData(data)
.done();
} catch (IOException e) {
throw new UncheckedIOException(e);
}
}
示例15: doGetSecret
import io.fabric8.kubernetes.api.model.Secret; //导入依赖的package包/类
protected void doGetSecret(Exchange exchange, String operation)
throws Exception {
Secret secret = null;
String secretName = exchange.getIn().getHeader(
KubernetesConstants.KUBERNETES_SECRET_NAME, String.class);
String namespaceName = exchange.getIn().getHeader(
KubernetesConstants.KUBERNETES_NAMESPACE_NAME, String.class);
if (ObjectHelper.isEmpty(secretName)) {
LOG.error("Get a specific Secret require specify a Secret name");
throw new IllegalArgumentException(
"Get a specific Secret require specify a Secret name");
}
if (ObjectHelper.isEmpty(namespaceName)) {
LOG.error("Get a specific Secret require specify a namespace name");
throw new IllegalArgumentException(
"Get a specific Secret require specify a namespace name");
}
secret = getEndpoint().getKubernetesClient().secrets()
.inNamespace(namespaceName).withName(secretName).get();
exchange.getOut().setBody(secret);
}