merge to the origin/develop branch

Author: [email protected]

README.md

@@ -1,8 +1,8 @@
 # Oracle WebLogic Server Kubernetes Operator
 
-Built with [Wercker](http://www.wercker.com)
+Built with [Jenkins](http://build.weblogick8s.org:8080/job/weblogic-kubernetes-operator/)
 
-[![wercker status](https://app.wercker.com/status/68ce42623fce7fb2e52d304de8ea7530/m/develop "wercker status")](https://app.wercker.com/project/byKey/68ce42623fce7fb2e52d304de8ea7530)
+[![Build Status](http://build.weblogick8s.org:8080/buildStatus/icon?job=weblogic-kubernetes-operator)](http://build.weblogick8s.org:8080/job/weblogic-kubernetes-operator/)
 
 Oracle is finding ways for organizations using WebLogic Server to run important workloads, to move those workloads into the cloud. By certifying on industry standards, such as Docker and Kubernetes, WebLogic now runs in a cloud neutral infrastructure. In addition, we've provided an open-source Oracle WebLogic Server Kubernetes Operator (the “operator”) which has several key features to assist you with deploying and managing WebLogic domains in a Kubernetes environment. You can:
 
@@ -18,7 +18,7 @@ Oracle is finding ways for organizations using WebLogic Server to run important
 * Scale WebLogic domains by starting and stopping Managed Servers on demand, or by integrating with a REST API to initiate scaling based on WLDF, Prometheus, Grafana, or other rules.
 * Publish operator and WebLogic Server logs into Elasticsearch and interact with them in Kibana.
 
-The fastest way to experience the operator is to follow the [Quick Start guide](site/quickstart.md), or you can peruse our [documentation](site), read our [blogs](https://blogs.oracle.com/weblogicserver/how-to-weblogic-server-on-kubernetes), or try out the [samples](kubernetes/samples/README.md).
+The fastest way to experience the operator is to follow the [Quick Start guide](site/quickstart.md), or you can peruse our [documentation](site), read our [blogs](https://blogs.oracle.com/fusionmiddlewaresupport/updated-weblogic-kubernetes-support-with-operator-20-v2), or try out the [samples](kubernetes/samples/README.md).
 
 ```diff
 + The current release of the operator is 2.0-rc2, a release candidate for our 2.0 release.
@@ -81,7 +81,7 @@ The [User guide](site/user-guide.md) provides detailed information about all asp
 
 Please refer to our [samples](kubernetes/samples/README.md) for information about the available sample code.
 
-# Need more help? Have a suggestion? Come and say "Hello!"
+# Need more help? Have a suggestion? Come and say, "Hello!"
 
 We have a **public Slack channel** where you can get in touch with us to ask questions about using the operator or give us feedback
 or suggestions about what features and improvements you would like to see.  We would love to hear from you. To join our channel,
@@ -100,7 +100,7 @@ Please take a look at our [wish list](https://github.com/oracle/weblogic-kuberne
 
 ## API documentation
 
-Documentation for APIs is provided here:
+Documentation for APIs:
 
 * The operator provides a REST API that you can use to obtain configuration information and to initiate scaling actions. For details about how to use the REST APIs, see [Using the operator's REST services](site/rest.md).
 

integration-tests/src/test/java/oracle/kubernetes/operator/ITOperator.java

@@ -65,8 +65,12 @@ public class Domain {
   private static int waitTime = BaseTest.getWaitTimePod();
 
   public Domain(String inputYaml) throws Exception {
+    // read input domain yaml to test
+    this(TestUtils.loadYaml(inputYaml));
+  }
 
-    initialize(inputYaml);
+  public Domain(Map<String, Object> inputDomainMap) throws Exception {
+    initialize(inputDomainMap);
     createPV();
     createSecret();
     generateInputYaml();
@@ -699,16 +703,8 @@ private void createPV() throws Exception {
     weblogicDomainStorageReclaimPolicy = (String) pvMap.get("weblogicDomainStorageReclaimPolicy");
     weblogicDomainStorageSize = (String) pvMap.get("weblogicDomainStorageSize");
 
-    // test NFS for domain5 on JENKINS
-    if (domainUid.equals("domain6")
-        && (System.getenv("JENKINS") != null
-            && System.getenv("JENKINS").equalsIgnoreCase("true"))) {
-      pvMap.put("weblogicDomainStorageType", "NFS");
-      pvMap.put("weblogicDomainStorageNFSServer", TestUtils.getHostName());
-    } else {
-      pvMap.put("weblogicDomainStorageType", "HOST_PATH");
-      pvMap.put("weblogicDomainStorageNFSServer", TestUtils.getHostName());
-    }
+    pvMap.put("weblogicDomainStorageNFSServer", TestUtils.getHostName());
+
     // set pv path
     domainMap.put(
         "weblogicDomainStoragePath",
@@ -837,7 +833,7 @@ private void createLoadBalancer() throws Exception {
       lbMap.put("name", "traefik-ingress-" + domainUid);
     }
 
-    if (domainUid.equals("domain7") && loadBalancer.equals("APACHE")) {
+    if (loadBalancer.equals("APACHE")) {
       /* lbMap.put("loadBalancerAppPrepath", "/weblogic");
       lbMap.put("loadBalancerExposeAdminPort", new Boolean(true)); */
     }
@@ -960,12 +956,11 @@ private void callWebAppAndCheckForServerNameInResponse(
     }
   }
 
-  private void initialize(String inputYaml) throws Exception {
+  private void initialize(Map<String, Object> inputDomainMap) throws Exception {
+    domainMap = inputDomainMap;
     this.userProjectsDir = BaseTest.getUserProjectsDir();
     this.projectRoot = BaseTest.getProjectRoot();
 
-    // read input domain yaml to test
-    domainMap = TestUtils.loadYaml(inputYaml);
     domainMap.put("domainName", domainMap.get("domainUID"));
 
     // read sample domain inputs
@@ -1000,7 +995,7 @@ private void initialize(String inputYaml) throws Exception {
     clusterName = (String) domainMap.get("clusterName");
     clusterType = (String) domainMap.get("clusterType");
     serverStartPolicy = (String) domainMap.get("serverStartPolicy");
-    /*
+    /*TODO remove mhe
     if (domainMap.containsKey("ingressPerDomain")) {
       ingressPerDomain = ((Boolean) domainMap.get("ingressPerDomain")).booleanValue();
     }
@@ -1014,9 +1009,9 @@ private void initialize(String inputYaml) throws Exception {
 
     domainMap.put("domainHome", "/shared/domains/" + domainUid);
     domainMap.put("logHome", "/shared/logs/" + domainUid);
-    domainMap.put(
-        "createDomainFilesDir",
-        BaseTest.getProjectRoot() + "/integration-tests/src/test/resources/domain-home-on-pv");
+    /* domainMap.put(
+    "createDomainFilesDir",
+    BaseTest.getProjectRoot() + "/integration-tests/src/test/resources/domain-home-on-pv"); */
     String imageName = "store/oracle/weblogic";
     if (System.getenv("IMAGE_NAME_WEBLOGIC") != null) {
       imageName = System.getenv("IMAGE_NAME_WEBLOGIC");

integration-tests/src/test/java/oracle/kubernetes/operator/utils/Domain.java

@@ -17,6 +17,16 @@
 /** Operator class with all the utility methods for Operator. */
 public class Operator {
 
+  public static enum RESTCertType {
+    /*self-signed certificate and public key stored in a kubernetes tls secret*/
+    SELF_SIGNED,
+    /*Certificate signed by an auto-created CA signed by an auto-created root certificate,
+     * both and stored in a kubernetes tls secret*/
+    CHAIN,
+    /*Certificate and public key, and stored in a kubernetes tls secret*/
+    LEGACY
+  };
+
   public static final String CREATE_OPERATOR_SCRIPT_MESSAGE =
       "The Oracle WebLogic Server Kubernetes Operator is deployed";
 
@@ -36,6 +46,7 @@ public class Operator {
 
   private static int maxIterationsOp = BaseTest.getMaxIterationsPod(); // 50 * 5 = 250 seconds
   private static int waitTimeOp = BaseTest.getWaitTimePod();
+  private static RESTCertType restCertType = RESTCertType.SELF_SIGNED;
 
   /**
    * Takes operator input properties which needs to be customized and generates a operator input
@@ -44,9 +55,10 @@ public class Operator {
    * @param inputYaml
    * @throws Exception
    */
-  public Operator(String inputYaml, boolean useLegacyRESTIdentity) throws Exception {
+  public Operator(String inputYaml, RESTCertType restCertType) throws Exception {
+    this.restCertType = restCertType;
     initialize(inputYaml);
-    generateInputYaml(useLegacyRESTIdentity);
+    generateInputYaml();
     callHelmInstall();
   }
 
@@ -195,8 +207,7 @@ public void scale(String domainUid, String clusterName, int numOfMS) throws Exce
             .append(clusterName)
             .append("/scale");
 
-    TestUtils.makeOperatorPostRestCall(
-        operatorNS, myOpRestApiUrl.toString(), myJsonObjStr, userProjectsDir);
+    TestUtils.makeOperatorPostRestCall(this, myOpRestApiUrl.toString(), myJsonObjStr);
     // give sometime to complete
     logger.info("Wait 30 sec for scaling to complete...");
     Thread.sleep(30 * 1000);
@@ -217,7 +228,23 @@ public void verifyDomainExists(String domainUid) throws Exception {
             .append(externalRestHttpsPort)
             .append("/operator/latest/domains/")
             .append(domainUid);
-    TestUtils.makeOperatorGetRestCall(operatorNS, myOpRestApiUrl.toString(), userProjectsDir);
+    TestUtils.makeOperatorGetRestCall(this, myOpRestApiUrl.toString());
+  }
+
+  /**
+   * Verify the Operator's REST Api is working fine over TLS
+   *
+   * @throws Exception
+   */
+  public void verifyOperatorExternalRESTEndpoint() throws Exception {
+    // Operator REST external API URL to scale
+    StringBuffer myOpRestApiUrl =
+        new StringBuffer("https://")
+            .append(TestUtils.getHostName())
+            .append(":")
+            .append(externalRestHttpsPort)
+            .append("/operator/");
+    TestUtils.makeOperatorGetRestCall(this, myOpRestApiUrl.toString());
   }
 
   public Map<String, Object> getOperatorMap() {
@@ -258,23 +285,28 @@ private String getExecFailure(String cmd, ExecResult result) throws Exception {
   }
 
   private void generateInputYaml() throws Exception {
-    generateInputYaml(false);
-  }
-
-  private void generateInputYaml(boolean useLegacyRESTIdentity) throws Exception {
     Path parentDir =
         Files.createDirectories(Paths.get(userProjectsDir + "/weblogic-operators/" + operatorNS));
     generatedInputYamlFile = parentDir + "/weblogic-operator-values.yaml";
     TestUtils.createInputFile(operatorMap, generatedInputYamlFile);
     StringBuilder sb = new StringBuilder(200);
     sb.append(BaseTest.getProjectRoot());
-    if (useLegacyRESTIdentity) {
-      sb.append(
-          "/integration-tests/src/test/resources/scripts/legacy-generate-external-rest-identity.sh ");
-    } else {
-      sb.append("/kubernetes/samples/scripts/rest/generate-external-rest-identity.sh ");
-      sb.append(" -n ");
-      sb.append(operatorNS);
+    switch (restCertType) {
+      case LEGACY:
+        sb.append(
+            "/integration-tests/src/test/resources/scripts/legacy-generate-external-rest-identity.sh ");
+        break;
+      case CHAIN:
+        sb.append(
+            "/integration-tests/src/test/resources/scripts/generate-external-rest-identity-chain.sh ");
+        sb.append(" -n ");
+        sb.append(operatorNS);
+        break;
+      case SELF_SIGNED:
+        sb.append("/kubernetes/samples/scripts/rest/generate-external-rest-identity.sh ");
+        sb.append(" -n ");
+        sb.append(operatorNS);
+        break;
     }
     sb.append(" DNS:");
     sb.append(TestUtils.getHostName());
@@ -395,4 +427,16 @@ private void initialize(String yamlFile) throws Exception {
           operatorNS);
     }
   }
+
+  public String getOperatorNamespace() {
+    return operatorNS;
+  }
+
+  public String getUserProjectsDir() {
+    return userProjectsDir;
+  }
+
+  public RESTCertType getRestCertType() {
+    return restCertType;
+  }
 }

integration-tests/src/test/java/oracle/kubernetes/operator/utils/Operator.java

@@ -14,6 +14,7 @@
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
+import java.security.cert.Certificate;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
@@ -34,12 +35,11 @@ public class PEMImporter {
    * @param certificatePem the certificate(s) PEM file
    * @param the password to set to protect the private key
    */
-  public static KeyStore createKeyStore(
-      File privateKeyPem, File certificatePem, final String password)
+  public static KeyStore createKeyStore(File certificatePem, final String password)
       throws Exception, KeyStoreException, IOException, NoSuchAlgorithmException,
           CertificateException {
     // Import certificate pem file
-    final X509Certificate[] cert = createCertificates(certificatePem);
+    final X509Certificate[] certChain = createCertificates(certificatePem);
 
     // Create a Keystore obj if the type "JKS"
     final KeyStore keystore = KeyStore.getInstance(KeyStore.getDefaultType());
@@ -48,10 +48,13 @@ public static KeyStore createKeyStore(
     keystore.load(null);
 
     // Import private key
-    final PrivateKey key = createPrivateKey(privateKeyPem);
+    //    final PrivateKey key = createPrivateKey(privateKeyPem);
 
     // Load cert and key files into the Keystore obj and create it
-    keystore.setKeyEntry(privateKeyPem.getName(), key, password.toCharArray(), cert);
+    //    keystore.setKeyEntry(privateKeyPem.getName(), key, password.toCharArray(), cert);
+    for (Certificate cert : certChain) {
+      keystore.setCertificateEntry("operator", cert);
+    }
 
     return keystore;
   }