Kubernetes Java-based OpenAPI client
Automating the creation and use of self-signed certificates:
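/**
 * Downloads the cert-manager v0.16.1 release manifest and parses it into a
 * {@code V1beta1CustomResourceDefinition}.
 *
 * <p>Security note: the manifest is fetched over HTTPS at run time and its content is
 * handed to the cluster by the caller. Nothing in this method checks the bytes against a
 * known-good value, so the cluster trusts whatever the URL serves at that moment. Prefer
 * vendoring the manifest alongside the code, or comparing a SHA-256 digest of the download
 * against a pinned value before parsing it.
 *
 * @return the definition parsed from the downloaded YAML
 * @throws IOException if the URL is malformed or the download fails
 */
private static V1beta1CustomResourceDefinition getCertificateManagerResourceDefinition() throws IOException {
    final String yamlInputPath = "https://github.com/jetstack/cert-manager/releases/download/v0.16.1/cert-manager.yaml";
    // Decode explicitly as UTF-8: new String(byte[]) without a charset uses the platform
    // default, which can corrupt the manifest on hosts whose default is not UTF-8.
    final String data = new String(Resources.toByteArray(new URL(yamlInputPath)),
            java.nio.charset.StandardCharsets.UTF_8);
    // NOTE(review): the release manifest presumably bundles several YAML documents of
    // different kinds; confirm that loading it as one CustomResourceDefinition is intended.
    final V1beta1CustomResourceDefinition customResourceDefinition =
            Yaml.loadAs(data, V1beta1CustomResourceDefinition.class);
    log.info("crd={}", customResourceDefinition);
    return customResourceDefinition;
}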
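/**
 * Registers the definition loaded from the cert-manager manifest and then chains
 * {@link #deployTLSCertificates()}.
 *
 * @return a future for the whole chain; it completes exceptionally with the
 *         {@link IOException} when the manifest cannot be downloaded
 */
private CompletableFuture<Object> registerCertificateCRD() {
    final V1beta1CustomResourceDefinition crd;
    try {
        crd = getCertificateManagerResourceDefinition();
    } catch (IOException e) {
        // getCertificateManagerResourceDefinition() declares IOException, which this method
        // neither caught nor declared. Surface it through the returned future so that
        // callers handle it like any other failed stage, and so that nothing is applied
        // to the cluster when the manifest is unavailable.
        final CompletableFuture<Object> failed = new CompletableFuture<>();
        failed.completeExceptionally(e);
        return failed;
    }
    return k8sClient.createCRD(crd)
            .thenCompose(v -> deployTLSCertificates());
}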
/**
 * Creates the Certificate CRD and, once that stage has completed, passes the self-signed
 * Certificate object to {@code k8sClient.createAndUpdateCustomObject} for {@code NAMESPACE}.
 *
 * @return a future for the combined CRD creation and custom-object call
 */
CompletableFuture<Object> deployTLSCertificates() {
    // NOTE(review): the first string below matches the CRD's metadata name, while
    // getCertificateCRD() declares the API group as "cert-manager.io". Confirm which of the
    // two the k8sClient helper expects in this position.
    return k8sClient.createCRD(getCertificateCRD()).thenCompose(ignored -> {
        // The certificate body is built only after the CRD stage has finished.
        return k8sClient.createAndUpdateCustomObject(
                "certificates.cert-manager.io", "v1alpha2", NAMESPACE, "Certificates",
                getCertificateDeployment());
    });
}
/**
 * Builds a namespaced CustomResourceDefinition named {@code certificates.cert-manager.io}
 * (group {@code cert-manager.io}, version {@code v1alpha2}) with a status subresource.
 *
 * @return the assembled definition; nothing is sent to the cluster here
 */
private V1beta1CustomResourceDefinition getCertificateCRD() {
    // NOTE(review): apiextensions.k8s.io/v1beta1 is no longer served from Kubernetes 1.22
    // onwards; clusters at or above that version need the v1 CRD API.
    // NOTE(review): the plural is written "Certificates" while the metadata name uses the
    // lowercase form. Kubernetes expects the CRD name to be <plural>.<group>; confirm the
    // API server accepts this combination.
    return new V1beta1CustomResourceDefinitionBuilder()
            .withKind("CustomResourceDefinition")
            .withApiVersion("apiextensions.k8s.io/v1beta1")
            .withMetadata(new V1ObjectMetaBuilder()
                    .withName("certificates.cert-manager.io")
                    .build())
            .withSpec(new V1beta1CustomResourceDefinitionSpecBuilder()
                    .withGroup("cert-manager.io")
                    .withVersion("v1alpha2")
                    .withScope("Namespaced")
                    .withNames(new V1beta1CustomResourceDefinitionNamesBuilder()
                            .withSingular("certificate")
                            .withPlural("Certificates")
                            .withKind("Certificate")
                            .withListKind("CertificateList")
                            .build())
                    // Declares the status subresource for the custom resource.
                    .withNewSubresources()
                        .withStatus(new V1beta1CustomResourceDefinitionStatus())
                    .endSubresources()
                    .build())
            .build();
}
/**
 * Assembles the Certificate custom object ({@code selfsigned-cert} in {@code NAMESPACE})
 * as a plain map with apiVersion, kind, metadata and spec entries.
 *
 * @return an immutable map describing the Certificate
 */
private Map<String, Object> getCertificateDeployment() {
    final Map<String, String> objectMeta =
            ImmutableMap.of("name", "selfsigned-cert", "namespace", NAMESPACE);

    final ImmutableMap.Builder<String, Object> certificate = ImmutableMap.builder();
    // NOTE(review): the CRD built in getCertificateCRD() uses group "cert-manager.io";
    // confirm that the apiVersion prefix here should not be that group instead.
    certificate.put("apiVersion", "certificates.cert-manager.io/v1alpha2");
    certificate.put("kind", "Certificate");
    certificate.put("metadata", objectMeta);
    certificate.put("spec", buildCertificateSpec());
    return certificate.build();
}
/**
 * Builds the {@code spec} section of the Certificate: one DNS name, the secret that
 * receives the issued key pair, and a reference to the issuer by name.
 *
 * @return an immutable map with the keys dnsNames, secretName and issuerRef, in that order
 */
private Map<String, Object> buildCertificateSpec() {
    // Only a name is given for the issuer. No issuer called "test-selfsigned" is created in
    // the code shown here, so it presumably has to exist in the namespace already.
    final ImmutableMap<String, Object> issuerRef =
            ImmutableMap.<String, Object>of("name", "test-selfsigned");

    final ImmutableMap.Builder<String, Object> spec = ImmutableMap.builder();
    spec.put("dnsNames", singletonList("example.com"));
    // The secret holds the certificate's private key; restrict who may read it.
    spec.put("secretName", "selfsigned-cert-tls");
    spec.put("issuerRef", issuerRef);
    return spec.build();
}