Merge branch '2.1.x'

Author: ryanjbaxter

spring-cloud-kubernetes-client-discovery/src/main/java/org/springframework/cloud/kubernetes/client/discovery/KubernetesInformerDiscoveryClient.java

@@ -60,6 +60,10 @@ public class KubernetesInformerDiscoveryClient implements DiscoveryClient, Initi
 
 	private static final Log log = LogFactory.getLog(KubernetesInformerDiscoveryClient.class);
 
+	private static final String PRIMARY_PORT_NAME_LABEL_KEY = "primary-port-name";
+
+	private static final String SECURED_KEY = "secured";
+
 	private final SharedInformerFactory sharedInformerFactory;
 
 	private final Lister<V1Service> serviceLister;
@@ -146,6 +150,8 @@ private Stream<ServiceInstance> getServiceInstanceDetails(V1Service service, Str
 		}
 		final String primaryPortName = discoveredPrimaryPortName.orElse(this.properties.primaryPortName());
 
+		final boolean secured = isSecured(service);
+
 		return ep.getSubsets().stream().filter(subset -> subset.getPorts() != null && subset.getPorts().size() > 0) // safeguard
 				.flatMap(subset -> {
 					Map<String, String> metadata = new HashMap<>(svcMetadata);
@@ -168,11 +174,22 @@ private Stream<ServiceInstance> getServiceInstanceDetails(V1Service service, Str
 					return addresses.stream()
 							.map(addr -> new DefaultKubernetesServiceInstance(
 									addr.getTargetRef() != null ? addr.getTargetRef().getUid() : "", serviceId,
-									addr.getIp(), port, metadata, false, service.getMetadata().getNamespace(),
+									addr.getIp(), port, metadata, secured, service.getMetadata().getNamespace(),
 									service.getMetadata().getClusterName()));
 				});
 	}
 
+	private static boolean isSecured(V1Service service) {
+		Optional<String> securedOpt = Optional.empty();
+		if (service.getMetadata() != null && service.getMetadata().getAnnotations() != null) {
+			securedOpt = Optional.ofNullable(service.getMetadata().getAnnotations().get(SECURED_KEY));
+		}
+		if (!securedOpt.isPresent() && service.getMetadata() != null && service.getMetadata().getLabels() != null) {
+			securedOpt = Optional.ofNullable(service.getMetadata().getLabels().get(SECURED_KEY));
+		}
+		return Boolean.parseBoolean(securedOpt.orElse("false"));
+	}
+
 	private int findEndpointPort(List<V1EndpointPort> endpointPorts, String primaryPortName, String serviceId) {
 		if (endpointPorts.size() == 1) {
 			return endpointPorts.get(0).getPort();

spring-cloud-kubernetes-client-discovery/src/test/java/org/springframework/cloud/kubernetes/client/discovery/KubernetesInformerDiscoveryClientTests.java

@@ -36,6 +36,7 @@
 import org.mockito.Mock;
 import org.mockito.junit.MockitoJUnitRunner;
 
+import org.springframework.cloud.client.ServiceInstance;
 import org.springframework.cloud.kubernetes.commons.discovery.DefaultKubernetesServiceInstance;
 import org.springframework.cloud.kubernetes.commons.discovery.KubernetesDiscoveryProperties;
 
@@ -51,6 +52,15 @@ public class KubernetesInformerDiscoveryClientTests {
 			.metadata(new V1ObjectMeta().name("test-svc-1").namespace("namespace1"))
 			.spec(new V1ServiceSpec().loadBalancerIP("1.1.1.1")).status(new V1ServiceStatus());
 
+	private static final V1Service testServiceSecuredAnnotation1 = new V1Service()
+			.metadata(
+					new V1ObjectMeta().name("test-svc-1").namespace("namespace1").putAnnotationsItem("secured", "true"))
+			.spec(new V1ServiceSpec().loadBalancerIP("1.1.1.1")).status(new V1ServiceStatus());
+
+	private static final V1Service testServiceSecuredLabel1 = new V1Service()
+			.metadata(new V1ObjectMeta().name("test-svc-1").namespace("namespace1").putLabelsItem("secured", "true"))
+			.spec(new V1ServiceSpec().loadBalancerIP("1.1.1.1")).status(new V1ServiceStatus());
+
 	private static final V1Service testService2 = new V1Service()
 			.metadata(new V1ObjectMeta().name("test-svc-1").namespace("namespace2"))
 			.spec(new V1ServiceSpec().loadBalancerIP("1.1.1.1")).status(new V1ServiceStatus());
@@ -177,6 +187,37 @@ public void testDiscoveryInstancesWithServiceLabels() {
 						false, "namespace1", null));
 	}
 
+	@Test
+	public void testDiscoveryInstancesWithSecuredServiceByAnnotations() {
+		Lister<V1Service> serviceLister = setupServiceLister(testServiceSecuredAnnotation1);
+		Lister<V1Endpoints> endpointsLister = setupEndpointsLister(testEndpoints1);
+		KubernetesDiscoveryProperties kubernetesDiscoveryProperties = new KubernetesDiscoveryProperties(true, true,
+			Set.of(), true, 60, false, null, Set.of(), new HashMap<>(), null, null, 0);
+		KubernetesInformerDiscoveryClient discoveryClient = new KubernetesInformerDiscoveryClient("namespace1",
+				sharedInformerFactory, serviceLister, endpointsLister, null, null, kubernetesDiscoveryProperties);
+		assertThat(discoveryClient.getServices().toArray())
+				.containsOnly(testServiceSecuredAnnotation1.getMetadata().getName());
+		ServiceInstance serviceInstance = discoveryClient
+				.getInstances(testServiceSecuredAnnotation1.getMetadata().getName()).get(0);
+		assertThat(serviceInstance.isSecure()).isTrue();
+	}
+
+	@Test
+	public void testDiscoveryInstancesWithSecuredServiceByLabels() {
+		Lister<V1Service> serviceLister = setupServiceLister(testServiceSecuredLabel1);
+		Lister<V1Endpoints> endpointsLister = setupEndpointsLister(testEndpoints1);
+		KubernetesDiscoveryProperties kubernetesDiscoveryProperties = new KubernetesDiscoveryProperties(true, true,
+			Set.of(), true, 60, false, null, Set.of(), new HashMap<>(), null, null, 0);
+		KubernetesInformerDiscoveryClient discoveryClient = new KubernetesInformerDiscoveryClient("namespace1",
+				sharedInformerFactory, serviceLister, endpointsLister, null, null, kubernetesDiscoveryProperties);
+
+		assertThat(discoveryClient.getServices().toArray())
+				.containsOnly(testServiceSecuredLabel1.getMetadata().getName());
+		ServiceInstance serviceInstance = discoveryClient.getInstances(testServiceSecuredLabel1.getMetadata().getName())
+				.get(0);
+		assertThat(serviceInstance.isSecure()).isTrue();
+	}
+
 	@Test
 	public void testDiscoveryGetServicesOneNamespaceShouldWork() {
 		Lister<V1Service> serviceLister = setupServiceLister(testService1, testService2);