This is an automated email from the ASF dual-hosted git repository.
lhotari pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pulsar-helm-chart.git
The following commit(s) were added to refs/heads/master by this push:
new 89c5987 Bugfix/pulsar manager init (#463)
89c5987 is described below
commit 89c5987b17fa460177e1b284dd373f4e8522db3f
Author: Martin <[email protected]>
AuthorDate: Thu Feb 22 16:37:25 2024 +0100
Bugfix/pulsar manager init (#463)
* add some more logs to the pulsar manager test
* fix admin secret "double-encoding"
* make pulsar-manager-cluster-initialize.yaml "rerunnable"
---
.ci/helm.sh | 10 ++--
.../templates/pulsar-manager-admin-secret.yaml | 8 ++--
.../pulsar-manager-cluster-initialize.yaml | 53 ++++++++++++++++------
3 files changed, 50 insertions(+), 21 deletions(-)
diff --git a/.ci/helm.sh b/.ci/helm.sh
index 9945d19..d7b48b4 100644
--- a/.ci/helm.sh
+++ b/.ci/helm.sh
@@ -355,8 +355,10 @@ function ci::test_pulsar_manager() {
echo "Testing pulsar manager"
until ${KUBECTL} get jobs -n ${NAMESPACE} ${CLUSTER}-pulsar-manager-init -o
json | jq -r '.status.conditions[] | select (.type | test("Complete")).status'
| grep True; do sleep 3; done
-
-
+ ${KUBECTL} describe job -n ${NAMESPACE} ${CLUSTER}-pulsar-manager-init
+ ${KUBECTL} logs -n ${NAMESPACE} job.batch/${CLUSTER}-pulsar-manager-init
+ # this line errors in some tests? - i do not know why, but is really useful
for debugging, try: cat ./pulsar-manager.log otherwise
+ # ${KUBECTL} exec -n ${NAMESPACE} ${CLUSTER}-pulsar-manager-0 -- cat
/pulsar-manager/pulsar-manager/pulsar-manager.log
echo "Checking Podname"
podname=$(${KUBECTL} get pods -n ${NAMESPACE} -l component=pulsar-manager
--no-headers -o custom-columns=":metadata.name")
echo "Getting pulsar manager UI password"
@@ -377,7 +379,7 @@ function ci::test_pulsar_manager() {
LOGIN_JSESSIONID=$(${KUBECTL} exec -n ${NAMESPACE} ${podname} -- grep -o
"JSESSIONID=[a-zA-Z0-9_]*" headers.txt | sed 's/^.*=//')
echo "Checking environment"
- envs=$(${KUBECTL} exec -n ${NAMESPACE} ${podname} -- curl -X GET
http://localhost:9527/pulsar-manager/environments \
+ envs=$(${KUBECTL} exec -n ${NAMESPACE} ${podname} -- curl -X GET
http://127.0.0.1:9527/pulsar-manager/environments \
-H 'Content-Type: application/json' \
-H "token: $LOGIN_TOKEN" \
-H "X-XSRF-TOKEN: $CSRF_TOKEN" \
@@ -393,7 +395,7 @@ function ci::test_pulsar_manager() {
# Force manager to query broker for tenant info. This will require use of
the manager's JWT, if JWT authentication is enabled.
echo "Checking tenants"
pulsar_env=$(echo $envs | jq -r '.data[0].name')
- tenants=$(${KUBECTL} exec -n ${NAMESPACE} ${podname} -- curl -X GET
http://localhost:9527/pulsar-manager/admin/v2/tenants \
+ tenants=$(${KUBECTL} exec -n ${NAMESPACE} ${podname} -- curl -X GET
http://127.0.0.1:9527/pulsar-manager/admin/v2/tenants \
-H 'Content-Type: application/json' \
-H "token: $LOGIN_TOKEN" \
-H "X-XSRF-TOKEN: $CSRF_TOKEN" \
diff --git a/charts/pulsar/templates/pulsar-manager-admin-secret.yaml
b/charts/pulsar/templates/pulsar-manager-admin-secret.yaml
index 90cf91f..8d20b26 100644
--- a/charts/pulsar/templates/pulsar-manager-admin-secret.yaml
+++ b/charts/pulsar/templates/pulsar-manager-admin-secret.yaml
@@ -40,13 +40,13 @@ data:
{{- $secretObj := lookup "v1" "Secret" $namespace $secretName | default dict
}}
{{- $secretData := (get $secretObj "data") | default dict }}
- {{- $ui_user := (get $secretData "UI_USERNAME") | default
(.Values.pulsar_manager.admin.ui_username) | default ("pulsar") | b64enc }}
- {{- $ui_password := (get $secretData "UI_PASSWORD") | default
(.Values.pulsar_manager.admin.ui_password) | default (randAlphaNum 32) | b64enc
}}
+ {{- $ui_user := ((get $secretData "UI_USERNAME") | b64dec) | default
(.Values.pulsar_manager.admin.ui_username) | default ("pulsar") | b64enc }}
+ {{- $ui_password := ((get $secretData "UI_PASSWORD") | b64dec) | default
(.Values.pulsar_manager.admin.ui_password) | default (randAlphaNum 32) | b64enc
}}
UI_USERNAME: {{ $ui_user | quote }}
UI_PASSWORD: {{ $ui_password | quote }}
- {{- $db_user := (get $secretData "DB_USERNAME") | default
(.Values.pulsar_manager.admin.db_username) | default ("pulsar") | b64enc }}
- {{- $db_password := (get $secretData "DB_PASSWORD") | default
(.Values.pulsar_manager.admin.db_password) | default (randAlphaNum 32) | b64enc
}}
+ {{- $db_user := ((get $secretData "DB_USERNAME") | b64dec) | default
(.Values.pulsar_manager.admin.db_username) | default ("pulsar") | b64enc }}
+ {{- $db_password := ((get $secretData "DB_PASSWORD") | b64dec) | default
(.Values.pulsar_manager.admin.db_password) | default (randAlphaNum 32) | b64enc
}}
DB_USERNAME: {{ $db_user | quote }}
DB_PASSWORD: {{ $db_password | quote }}
diff --git a/charts/pulsar/templates/pulsar-manager-cluster-initialize.yaml
b/charts/pulsar/templates/pulsar-manager-cluster-initialize.yaml
index 14ff169..419391f 100644
--- a/charts/pulsar/templates/pulsar-manager-cluster-initialize.yaml
+++ b/charts/pulsar/templates/pulsar-manager-cluster-initialize.yaml
@@ -82,24 +82,41 @@ spec:
- |
ADMIN_URL={{ template "pulsar.fullname" . }}-{{
.Values.pulsar_manager.component }}-admin:{{
.Values.pulsar_manager.adminService.port }}
CSRF_TOKEN=$(curl http://${ADMIN_URL}/pulsar-manager/csrf-token)
- {{/* set admin credentials */}}
- curl -v \
- -X PUT http://${ADMIN_URL}/pulsar-manager/users/superuser \
- -H "X-XSRF-TOKEN: $CSRF_TOKEN" \
- -H "Cookie: XSRF-TOKEN=$CSRF_TOKEN;" \
- -H 'Content-Type: application/json' \
- -d '{"name": "'"${USERNAME}"'", "password": "'"${PASSWORD}"'",
"description": "Helm-managed Admin Account", "email":
"'"${USERNAME}"'@pulsar.org"}'
-
UI_URL={{ template "pulsar.fullname" . }}-{{
.Values.pulsar_manager.component }}:{{ .Values.pulsar_manager.service.port }}
- {{/* login as admin */}}
- curl -v \
+
+ {{/* check if account is already existing */}}
+ LOGIN_REPLY=$(curl -v \
-X POST http://${UI_URL}/pulsar-manager/login \
-H 'Accept: application/json, text/plain, */*' \
-H 'Content-Type: application/json' \
-H "X-XSRF-TOKEN: $CSRF_TOKEN" \
-H "Cookie: XSRF-TOKEN=$CSRF_TOKEN" \
-sS -D headers.txt \
- -d '{"username": "'${USERNAME}'", "password": "'${PASSWORD}'"}'
+ -d '{"username": "'${USERNAME}'", "password":
"'${PASSWORD}'"}')
+ echo "$LOGIN_REPLY"
+
+ if [ -n "$(echo "$LOGIN_REPLY" | grep 'success')" ]; then
+ echo "account already exists"
+ else
+ echo "creating account"
+ {{/* set admin credentials */}}
+ curl -v \
+ -X PUT http://${ADMIN_URL}/pulsar-manager/users/superuser \
+ -H "X-XSRF-TOKEN: $CSRF_TOKEN" \
+ -H "Cookie: XSRF-TOKEN=$CSRF_TOKEN;" \
+ -H 'Content-Type: application/json' \
+ -d '{"name": "'"${USERNAME}"'", "password":
"'"${PASSWORD}"'", "description": "Helm-managed Admin Account", "email":
"'"${USERNAME}"'@pulsar.org"}'
+ {{/* login as admin */}}
+ LOGIN_REPLY=$(curl -v \
+ -X POST http://${UI_URL}/pulsar-manager/login \
+ -H 'Accept: application/json, text/plain, */*' \
+ -H 'Content-Type: application/json' \
+ -H "X-XSRF-TOKEN: $CSRF_TOKEN" \
+ -H "Cookie: XSRF-TOKEN=$CSRF_TOKEN" \
+ -sS -D headers.txt \
+ -d '{"username": "'${USERNAME}'", "password":
"'${PASSWORD}'"}')
+ echo "$LOGIN_REPLY"
+ fi
LOGIN_TOKEN=$(grep "token:" headers.txt | sed 's/^.*: //')
LOGIN_JSESSSIONID=$(grep -o "JSESSIONID=[a-zA-Z0-9_]*"
headers.txt | sed 's/^.*=//')
@@ -111,15 +128,25 @@ spec:
BROKER_URL="https://{{ template "pulsar.fullname" . }}-{{
.Values.broker.component }}:{{ .Values.broker.ports.https }}"
{{- end }}
BOOKIE_URL="http://{{ template "pulsar.fullname" . }}-{{
.Values.bookkeeper.component }}:{{ .Values.bookkeeper.ports.http }}"
+ echo '{ "name": "{{ template "pulsar.fullname" . }}", "broker":
"'$BROKER_URL'", "bookie": "'$BOOKIE_URL'"}'
- curl -v \
+ ENVIRONMENT_REPLY=$(curl -v \
-X PUT
http://${UI_URL}/pulsar-manager/environments/environment \
-H 'Content-Type: application/json' \
-H "token: $LOGIN_TOKEN" \
-H "X-XSRF-TOKEN: $CSRF_TOKEN" \
-H "username: $USERNAME" \
-H "Cookie: XSRF-TOKEN=$CSRF_TOKEN;
JSESSIONID=$LOGIN_JSESSSIONID;" \
- -d '{ "name": "{{ template "pulsar.fullname" . }}", "broker":
"'$BROKER_URL'", "bookie": "'$BOOKIE_URL'"}'
+ -d '{ "name": "{{ template "pulsar.fullname" . }}", "broker":
"'$BROKER_URL'", "bookie": "'$BOOKIE_URL'"}')
+ echo "$ENVIRONMENT_REPLY"
+
+ if [ -n "$(echo "$ENVIRONMENT_REPLY" | grep -e 'success' -e
'exist')" ]; then
+ echo "Successfully created / found existing environment"
+ exit 0
+ else
+ echo "Error creating environment"
+ exit 1
+ fi
env:
- name: USERNAME
valueFrom:
