diff --git a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java index 61a77d9fcd71..b7b015b30865 100644 --- a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java +++ b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultResource.java @@ -31,7 +31,9 @@ import jakarta.ws.rs.Produces; import jakarta.ws.rs.core.MediaType; import jakarta.ws.rs.core.Response; +import org.apache.camel.CamelContext; import org.apache.camel.ProducerTemplate; +import org.apache.camel.ResolveEndpointFailedException; import org.apache.camel.component.azure.key.vault.KeyVaultConstants; import org.apache.camel.impl.event.CamelContextReloadedEvent; @@ -41,47 +43,86 @@ public class AzureKeyVaultResource { @Inject ProducerTemplate producerTemplate; + @Inject + CamelContext camelContext; + static final AtomicBoolean contextReloaded = new AtomicBoolean(false); void onReload(@Observes CamelContextReloadedEvent event) { contextReloaded.set(true); } - @Path("/secret/{secretName}") + @Path("/secret/routes/{command}") + @POST + public void startRoutes(@PathParam("command") String cmd) throws Exception { + if ("start".equals(cmd)) { + camelContext.getRouteController().startRoute("createSecret"); + camelContext.getRouteController().startRoute("getSecret"); + camelContext.getRouteController().startRoute("deleteSecret"); + camelContext.getRouteController().startRoute("purgeDeletedSecret"); + } + if ("stop".equals(cmd)) { + camelContext.getRouteController().stopRoute("createSecret"); + camelContext.getRouteController().stopRoute("getSecret"); + camelContext.getRouteController().stopRoute("deleteSecret"); + camelContext.getRouteController().stopRoute("purgeDeletedSecret"); + } + } + + @Path("/secret/{identity}/{secretName}") @POST @Consumes(MediaType.TEXT_PLAIN) @Produces(MediaType.TEXT_PLAIN) - public Response createSecret(@PathParam("secretName") String secretName, String secret) { - KeyVaultSecret result = producerTemplate.requestBodyAndHeader("direct:createSecret", secret, + public Response createSecret(@PathParam("secretName") String secretName, @PathParam("identity") boolean identity, + String secret) { + KeyVaultSecret result = producerTemplate.requestBodyAndHeader("direct:createSecret" + (identity ? "Identity" : ""), + secret, KeyVaultConstants.SECRET_NAME, secretName, KeyVaultSecret.class); return Response.ok(result.getName()).build(); } - @Path("/secret/{secretName}") + @Path("/secret/wrongClient/{secretName}") + @POST + @Consumes(MediaType.TEXT_PLAIN) + @Produces(MediaType.TEXT_PLAIN) + public Response createSecretWithWrongClient(@PathParam("secretName") String secretName, + String secret) { + try { + KeyVaultSecret result = producerTemplate.requestBodyAndHeader("azure-key-vault://{{camel.vault.azure.vaultName}}" + + "?operation=createSecret", + secret, + KeyVaultConstants.SECRET_NAME, secretName, KeyVaultSecret.class); + return Response.ok(result.getName()).build(); + } catch (ResolveEndpointFailedException e) { + return Response.status(500).entity("ResolveEndpointFailedException").build(); + } + } + + @Path("/secret/{identity}/{secretName}") @GET @Produces(MediaType.TEXT_PLAIN) - public String getSecret(@PathParam("secretName") String secretName) { - return producerTemplate.requestBodyAndHeader("direct:getSecret", null, + public String getSecret(@PathParam("secretName") String secretName, @PathParam("identity") boolean identity) { + return producerTemplate.requestBodyAndHeader("direct:getSecret" + (identity ? "Identity" : ""), null, KeyVaultConstants.SECRET_NAME, secretName, String.class); } - @Path("/secret/{secretName}") + @Path("/secret/{identity}/{secretName}") @DELETE - public Response deleteSecret(@PathParam("secretName") String secretName) { - producerTemplate.requestBodyAndHeader("direct:deleteSecret", null, + public Response deleteSecret(@PathParam("secretName") String secretName, @PathParam("identity") boolean identity) { + producerTemplate.requestBodyAndHeader("direct:deleteSecret" + (identity ? "Identity" : ""), null, KeyVaultConstants.SECRET_NAME, secretName, Void.class); return Response.ok().build(); } - @Path("/secret/{secretName}/purge") + @Path("/secret/{identity}/{secretName}/purge") @DELETE - public Response purgeSecret(@PathParam("secretName") String secretName) { - producerTemplate.requestBodyAndHeader("direct:purgeDeletedSecret", null, + public Response purgeSecret(@PathParam("secretName") String secretName, @PathParam("identity") boolean identity) { + producerTemplate.requestBodyAndHeader("direct:purgeDeletedSecret" + (identity ? "Identity" : ""), null, KeyVaultConstants.SECRET_NAME, secretName, Void.class); return Response.ok().build(); } - @Path("/secret/from/placeholder") + @Path("/secret/fromPlaceholder") @GET public String getSecretFromPropertyPlaceholder() { return producerTemplate.requestBody("direct:propertyPlaceholder", null, String.class); diff --git a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java index 534aea1b403b..e53139bc5553 100644 --- a/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java +++ b/integration-test-groups/azure/azure-key-vault/src/main/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultRoutes.java @@ -24,17 +24,37 @@ public class AzureKeyVaultRoutes extends RouteBuilder { @Override public void configure() throws Exception { from("direct:createSecret") - .to(azureKeyVault("createSecret", true)); + .autoStartup(false) + .id("createSecret") + .to(azureKeyVault("createSecret", false)); from("direct:getSecret") + .autoStartup(false) + .id("getSecret") .to(azureKeyVault("getSecret", false)); from("direct:deleteSecret") - .to(azureKeyVault("deleteSecret", true)); + .autoStartup(false) + .id("deleteSecret") + .to(azureKeyVault("deleteSecret", false)); from("direct:purgeDeletedSecret") + .autoStartup(false) + .id("purgeDeletedSecret") .to(azureKeyVault("purgeDeletedSecret", false)); + from("direct:createSecretIdentity") + .to(azureKeyVault("createSecret", true)); + + from("direct:getSecretIdentity") + .to(azureKeyVault("getSecret", true)); + + from("direct:deleteSecretIdentity") + .to(azureKeyVault("deleteSecret", true)); + + from("direct:purgeDeletedSecretIdentity") + .to(azureKeyVault("purgeDeletedSecret", true)); + from("direct:propertyPlaceholder") .process(exchange -> { Message message = exchange.getMessage(); @@ -45,13 +65,15 @@ public void configure() throws Exception { private String azureKeyVault(String operation, boolean useIdentity) { StringBuilder sb = new StringBuilder("azure-key-vault://{{camel.vault.azure.vaultName}}" + - "?clientId=RAW({{camel.vault.azure.clientId}})" + - "&clientSecret=RAW({{camel.vault.azure.clientSecret}})" + - "&tenantId=RAW({{camel.vault.azure.tenantId}})" + - "&operation=" + operation); + "?operation=" + operation); if (useIdentity) { sb.append("&credentialType=AZURE_IDENTITY"); + } else { + //can not use i.e. RAW({{camel.vault.azure.clientSecret}}) as the value is not set in identity profiles + sb.append("&clientId=").append(System.getenv("AZURE_CLIENT_ID")) + .append("&clientSecret=").append(System.getenv("AZURE_CLIENT_SECRET")) + .append("&tenantId=").append(System.getenv("AZURE_TENANT_ID")); } return sb.toString(); } diff --git a/integration-test-groups/azure/azure-key-vault/src/main/resources/application.properties b/integration-test-groups/azure/azure-key-vault/src/main/resources/application.properties index b1a4b92e9006..14e9f961cc65 100644 --- a/integration-test-groups/azure/azure-key-vault/src/main/resources/application.properties +++ b/integration-test-groups/azure/azure-key-vault/src/main/resources/application.properties @@ -14,8 +14,8 @@ ## See the License for the specific language governing permissions and ## limitations under the License. ## --------------------------------------------------------------------------- -# -camel.vault.azure.tenantId = ${AZURE_TENANT_ID:placeholderTenantId} -camel.vault.azure.clientId = ${AZURE_CLIENT_ID:placeholderClientId} -camel.vault.azure.clientSecret = ${AZURE_CLIENT_SECRET:placeholderClientSecret} -camel.vault.azure.vaultName = ${AZURE_VAULT_NAME:cq-vault-testing} \ No newline at end of file +camel.vault.azure.vaultName = ${AZURE_VAULT_NAME:cq-vault-testing} +#following properties are added by the test profile if needed +#camel.vault.azure.tenantId = ${AZURE_TENANT_ID:placeholderTenantId} +#camel.vault.azure.clientId = ${AZURE_CLIENT_ID:placeholderClientId} +#camel.vault.azure.clientSecret = ${AZURE_CLIENT_SECRET:placeholderClientSecret} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AbstractAzureKeyVaultContextReloadTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AbstractAzureKeyVaultContextReloadTest.java new file mode 100644 index 000000000000..0b494c289795 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AbstractAzureKeyVaultContextReloadTest.java @@ -0,0 +1,124 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import java.util.LinkedList; +import java.util.List; +import java.util.UUID; +import java.util.concurrent.TimeUnit; + +import com.azure.messaging.eventhubs.EventData; +import com.azure.messaging.eventhubs.EventHubClientBuilder; +import com.azure.messaging.eventhubs.EventHubConsumerAsyncClient; +import com.azure.messaging.eventhubs.EventHubProducerClient; +import com.azure.messaging.eventhubs.models.EventPosition; +import io.restassured.RestAssured; +import org.hamcrest.CoreMatchers; +import org.jboss.logging.Logger; +import org.junit.jupiter.api.Test; +import org.testcontainers.shaded.org.awaitility.Awaitility; + +import static org.hamcrest.Matchers.is; + +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +abstract class AbstractAzureKeyVaultContextReloadTest { + + private static final Logger LOG = Logger.getLogger(AbstractAzureKeyVaultContextReloadTest.class); + private static final String SECRET_NAME_FOR_REFRESH_PREFIX = "cq-secret-context-refresh-"; + private static final String AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING"; + + private final boolean useIdentity; + + public AbstractAzureKeyVaultContextReloadTest(boolean useIdentity) { + this.useIdentity = useIdentity; + } + + private String generateRefreshEvent(String secretName) { + return "[{\n" + + " \"subject\": \"" + SECRET_NAME_FOR_REFRESH_PREFIX + (useIdentity ? "Identity-" : "") + ".*\",\n" + + " \"eventType\": \"Microsoft.KeyVault.SecretNewVersionCreated\"\n" + + "}]"; + } + + @Test + void contextReload() { + String secretName = SECRET_NAME_FOR_REFRESH_PREFIX + (useIdentity ? "Identity-" : "") + UUID.randomUUID(); + String secretValue = "Hello Camel Quarkus Azure Key Vault From Refresh"; + try { + // Create secret + RestAssured.given() + .body(secretValue) + .post("/azure-key-vault/secret/true/{secretName}", secretName) + .then() + .statusCode(200) + .body(is(secretName)); + + // Retrieve secret + RestAssured.given() + .get("/azure-key-vault/secret/true/{secretName}", secretName) + .then() + .statusCode(200); + + //force reload by sending a msg + try (EventHubProducerClient client = new EventHubClientBuilder() + .connectionString(System.getenv(AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING)) + .buildProducerClient()) { + + EventData eventData = new EventData(generateRefreshEvent(secretName).getBytes()); + List finalEventData = new LinkedList<>(); + finalEventData.add(eventData); + client.send(finalEventData); + } catch (Exception e) { + LOG.info("Failed to send a refresh message", e); + } + + //await context reload + Awaitility.await().pollInterval(10, TimeUnit.SECONDS).atMost(1, TimeUnit.MINUTES).untilAsserted( + () -> { + RestAssured.get("/azure-key-vault/context/reload") + .then() + .statusCode(200) + .body(CoreMatchers.is("true")); + }); + } finally { + + //move cursor of events to ignore old ones (old events are deleted after 1 hour) + try { + String connectionString = System.getenv(AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING); + String consumerGroup = EventHubClientBuilder.DEFAULT_CONSUMER_GROUP_NAME; + + try (EventHubConsumerAsyncClient consumer = new EventHubClientBuilder() + .connectionString(connectionString) + .consumerGroup(consumerGroup) + .buildAsyncConsumerClient()) { + + // Move consumer to the latest position, skipping old messages + consumer.receiveFromPartition("0", EventPosition.latest()) + .subscribe(event -> { + System.out.println("Processing new event: " + event.toString()); + }, error -> { + System.err.println("Error receiving events: " + error); + }); + } + } catch (Exception e) { + LOG.info("Failed to clear event hub.", e); + } + + AzureKeyVaultUtil.deleteSecretImmediately(secretName); + } + } +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AbstractAzureKeyVaultTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AbstractAzureKeyVaultTest.java new file mode 100644 index 000000000000..21b766830b42 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AbstractAzureKeyVaultTest.java @@ -0,0 +1,84 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import java.util.UUID; + +import io.restassured.RestAssured; +import org.junit.jupiter.api.AfterEach; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + +import static org.hamcrest.Matchers.is; + +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +abstract class AbstractAzureKeyVaultTest { + + private final boolean useIdentity; + + public AbstractAzureKeyVaultTest(boolean useIdentity) { + this.useIdentity = useIdentity; + } + + @BeforeEach + public void beforeEach() { + //routes without identity have to be started + if (!useIdentity) { + RestAssured.given() + .post("/azure-key-vault/secret/routes/start") + .then() + .statusCode(204); + } + } + + @AfterEach + public void afterEach() { + //routes without identity have to be stopped + if (!useIdentity) { + RestAssured.given() + .post("/azure-key-vault/secret/routes/stop") + .then() + .statusCode(204); + } + } + + @Test + void secretCreateRetrieveDeletePurge() { + String secretName = "cq-create" + (useIdentity ? "-identity-" : "-") + UUID.randomUUID().toString(); + String secret = "Hello Camel Quarkus Azure Key Vault"; + + try { + // Create secret + RestAssured.given() + .body(secret) + .post("/azure-key-vault/secret/" + useIdentity + "/{secretName}", secretName) + .then() + .statusCode(200) + .body(is(secretName)); + + // Retrieve secret + RestAssured.given() + .get("/azure-key-vault/secret/" + useIdentity + "/{secretName}", secretName) + .then() + .statusCode(200) + .body(is(secret)); + } finally { + AzureKeyVaultUtil.deleteSecretImmediately(secretName, useIdentity); + } + } + +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadIT.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadIT.java new file mode 100644 index 000000000000..b8630781c227 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadIT.java @@ -0,0 +1,33 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; +import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; + +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +@EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_STORAGE_ACCOUNT_KEY", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME", matches = ".+") +@QuarkusIntegrationTest +class AzureKeyVaultContextReloadIT extends AzureKeyVaultContextReloadTest { + +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadTest.java new file mode 100644 index 000000000000..608c94ce4ae8 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadTest.java @@ -0,0 +1,42 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.TestProfile; +import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; + +/** + * Test for Automatic Camel context reloading on Secret Refresh when credentialType=CLIENT_SECRET is used. + *
+ * Requires own test profile, which contains all credentials for the key vault. + */ +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +@EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_STORAGE_ACCOUNT_KEY", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME", matches = ".+") +@TestProfile(AzureKeyVaultContextReloadTestProfile.class) +@QuarkusTest +class AzureKeyVaultContextReloadTest extends AbstractAzureKeyVaultContextReloadTest { + public AzureKeyVaultContextReloadTest() { + super(false); + } +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadTestProfile.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadTestProfile.java new file mode 100644 index 000000000000..f9ea660ef37f --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadTestProfile.java @@ -0,0 +1,44 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import java.util.HashMap; +import java.util.Map; + +import io.quarkus.test.junit.QuarkusTestProfile; + +public class AzureKeyVaultContextReloadTestProfile implements QuarkusTestProfile { + + @Override + public Map getConfigOverrides() { + //properties have to be set via profile to not be used by different azure-* test in grouped module + Map props = new HashMap<>(); + props.put("camel.vault.azure.tenantId", System.getenv("AZURE_TENANT_ID")); + props.put("camel.vault.azure.clientId", System.getenv("AZURE_CLIENT_ID")); + props.put("camel.vault.azure.clientSecret", System.getenv("AZURE_CLIENT_SECRET")); + props.put("camel.vault.azure.refreshEnabled", "true"); + props.put("camel.vault.azure.refreshPeriod", "1000"); + props.put("camel.vault.azure.secrets", "cq-secret-context-refresh.*"); + props.put("camel.vault.azure.eventhubConnectionString", System.getenv("AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING")); + props.put("camel.vault.azure.blobAccountName", System.getenv("AZURE_STORAGE_ACCOUNT_NAME")); + props.put("camel.vault.azure.blobContainerName", System.getenv("AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME")); + props.put("camel.vault.azure.blobAccessKey", System.getenv("AZURE_STORAGE_ACCOUNT_KEY")); + props.put("camel.main.context-reload-enabled", "true"); + + return props; + } +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityIT.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityIT.java new file mode 100644 index 000000000000..9460d6e7aa52 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityIT.java @@ -0,0 +1,33 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; +import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; + +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +@EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_STORAGE_ACCOUNT_KEY", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME", matches = ".+") +@QuarkusIntegrationTest +class AzureKeyVaultContextReloadWithIdentityIT extends AzureKeyVaultContextReloadWithIdentityTest { + +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityTest.java new file mode 100644 index 000000000000..df793ef69e18 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityTest.java @@ -0,0 +1,42 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.TestProfile; +import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; + +/** + * Test for Automatic Camel context reloading on Secret Refresh when credentialType=AZURE_IDENTITY is used. + *
+ * Requires own test profile, which does not contain any credentials for key vault. + */ +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +@EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_STORAGE_ACCOUNT_KEY", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME", matches = ".+") +@TestProfile(AzureKeyVaultContextReloadWithIdentityTestProfile.class) +@QuarkusTest +class AzureKeyVaultContextReloadWithIdentityTest extends AbstractAzureKeyVaultContextReloadTest { + public AzureKeyVaultContextReloadWithIdentityTest() { + super(true); + } +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityTestProfile.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityTestProfile.java new file mode 100644 index 000000000000..f775ec88051d --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultContextReloadWithIdentityTestProfile.java @@ -0,0 +1,42 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import java.util.HashMap; +import java.util.Map; + +import io.quarkus.test.junit.QuarkusTestProfile; + +public class AzureKeyVaultContextReloadWithIdentityTestProfile implements QuarkusTestProfile { + + @Override + public Map getConfigOverrides() { + //properties have to be set via profile to not be used by different azure-* test in grouped module + Map props = new HashMap<>(); + props.put("camel.vault.azure.refreshEnabled", "true"); + props.put("camel.vault.azure.refreshPeriod", "1000"); + props.put("camel.vault.azure.secrets", "cq-secret-context-refresh.*"); + props.put("camel.vault.azure.eventhubConnectionString", System.getenv("AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING")); + props.put("camel.vault.azure.blobAccountName", System.getenv("AZURE_STORAGE_ACCOUNT_NAME")); + props.put("camel.vault.azure.blobContainerName", System.getenv("AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME")); + props.put("camel.vault.azure.blobAccessKey", System.getenv("AZURE_STORAGE_ACCOUNT_KEY")); + props.put("camel.main.context-reload-enabled", "true"); + props.put("camel.vault.azure.azureIdentityEnabled", "true"); + + return props; + } +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java index da255ac0d7c0..8997cef6d60d 100644 --- a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTest.java @@ -16,184 +16,59 @@ */ package org.apache.camel.quarkus.component.azure.key.vault.it; -import java.util.LinkedList; -import java.util.List; import java.util.UUID; -import java.util.concurrent.TimeUnit; -import com.azure.messaging.eventhubs.EventData; -import com.azure.messaging.eventhubs.EventHubClientBuilder; -import com.azure.messaging.eventhubs.EventHubConsumerAsyncClient; -import com.azure.messaging.eventhubs.EventHubProducerClient; -import com.azure.messaging.eventhubs.models.EventPosition; import io.quarkus.test.junit.QuarkusTest; import io.quarkus.test.junit.TestProfile; import io.restassured.RestAssured; -import org.hamcrest.CoreMatchers; -import org.jboss.logging.Logger; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; -import org.testcontainers.shaded.org.awaitility.Awaitility; import static org.hamcrest.Matchers.is; +/** + * Test for key vault create/delete/purge with the `credentialType=CLIENT_SECRET` + *
+ * Requires own test profile, which sets credentials to the vault configuration. + */ // Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 @EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") @EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") @EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") @EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") -@TestProfile(ContextReloadTestProfile.class) +@TestProfile(AzureKeyVaultTestProfile.class) @QuarkusTest -class AzureKeyVaultTest { - - private static final org.jboss.logging.Logger LOG = Logger.getLogger(AzureKeyVaultTest.class); - private static final String SECRET_NAME_FOR_REFRESH = "cq-secret-context-refresh-" + UUID.randomUUID(); - private static final String AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING = "AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING"; +class AzureKeyVaultTest extends AbstractAzureKeyVaultTest { - private static String generateRefreshEvent(String secretName) { - return "[{\n" + - " \"subject\": \"" + SECRET_NAME_FOR_REFRESH + "-.*\",\n" + - " \"eventType\": \"Microsoft.KeyVault.SecretNewVersionCreated\"\n" + - "}]"; + public AzureKeyVaultTest() { + super(false); } + /** + * Creation of the secret with the client without identity or clientSecret should fail. + */ @Test - void secretCreateRetrieveDeletePurge() { - String secretName = UUID.randomUUID().toString(); + void wrongClientTest() { + String secretName = "cq-create-with-identity" + UUID.randomUUID().toString(); String secret = "Hello Camel Quarkus Azure Key Vault"; - + boolean tryToDeleteSecret = true; try { // Create secret RestAssured.given() .body(secret) - .post("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200) - .body(is(secretName)); - - // Retrieve secret - RestAssured.given() - .get("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200) - .body(is(secret)); - } finally { - deleteSecretImmediately(secretName); - } - } - - @Test - void propertyPlaceholder() { - String secretName = "camel-quarkus-secret"; - String secret = "Hello Camel Quarkus Azure Key Vault From Property Placeholder"; - - try { - // Create secret - RestAssured.given() - .body(secret) - .post("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200) - .body(is(secretName)); - - // Retrieve secret - RestAssured.given() - .get("/azure-key-vault/secret/from/placeholder") - .then() - .statusCode(200) - .body(is(secret)); - } finally { - deleteSecretImmediately(secretName); - } - } - - @EnabledIfEnvironmentVariable(named = "AZURE_STORAGE_ACCOUNT_KEY", matches = ".+") - @EnabledIfEnvironmentVariable(named = AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING, matches = ".+") - @Test - void contextRefresh() { - String secretName = SECRET_NAME_FOR_REFRESH; - String secretValue = "Hello Camel Quarkus Azure Key Vault From Refresh"; - try { - // Create secret - RestAssured.given() - .body(secretValue) - .post("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200) - .body(is(secretName)); - - // Retrieve secret - RestAssured.given() - .get("/azure-key-vault/secret/{secretName}", secretName) + .queryParam("suffix", "Wrong") + .post("/azure-key-vault/secret/wrongClient/{secretName}", secretName) .then() - .statusCode(200); + .statusCode(500) + .body(is("ResolveEndpointFailedException")); - //force reload by sending a msg - try (EventHubProducerClient client = new EventHubClientBuilder() - .connectionString(System.getenv(AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING)) - .buildProducerClient()) { - - EventData eventData = new EventData(generateRefreshEvent(secretName).getBytes()); - List finalEventData = new LinkedList<>(); - finalEventData.add(eventData); - client.send(finalEventData); - } catch (Exception e) { - LOG.info("Failed to send a refresh message", e); - } - - //await context reload - Awaitility.await().pollInterval(10, TimeUnit.SECONDS).atMost(1, TimeUnit.MINUTES).untilAsserted( - () -> { - RestAssured.get("/azure-key-vault/context/reload") - .then() - .statusCode(200) - .body(CoreMatchers.is("true")); - }); + //don't delete secret as it was not created + tryToDeleteSecret = false; } finally { - - //move cursor of events to ignore old ones (old events are deleted after 1 hour) - try { - String connectionString = System.getenv(AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING); - String consumerGroup = EventHubClientBuilder.DEFAULT_CONSUMER_GROUP_NAME; - - try (EventHubConsumerAsyncClient consumer = new EventHubClientBuilder() - .connectionString(connectionString) - .consumerGroup(consumerGroup) - .buildAsyncConsumerClient()) { - - // Move consumer to the latest position, skipping old messages - consumer.receiveFromPartition("0", EventPosition.latest()) - .subscribe(event -> { - System.out.println("Processing new event: " + event.toString()); - }, error -> { - System.err.println("Error receiving events: " + error); - }); - } - } catch (Exception e) { - LOG.info("Failed to clear event hub.", e); + if (tryToDeleteSecret) { + AzureKeyVaultUtil.deleteSecretImmediately(secretName); } - - deleteSecretImmediately(secretName); } } - private static void deleteSecretImmediately(String secretName) { - // Delete secret - RestAssured.given() - .delete("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(200); - - // Purge secret - RestAssured.given() - .delete("/azure-key-vault/secret/{secretName}/purge", secretName) - .then() - .statusCode(200); - - // Confirm deletion - RestAssured.given() - .get("/azure-key-vault/secret/{secretName}", secretName) - .then() - .statusCode(500); - } } diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/ContextReloadTestProfile.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTestProfile.java similarity index 60% rename from integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/ContextReloadTestProfile.java rename to integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTestProfile.java index fd835df1303e..d1b5899d0244 100644 --- a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/ContextReloadTestProfile.java +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultTestProfile.java @@ -20,18 +20,13 @@ import io.quarkus.test.junit.QuarkusTestProfile; -public class ContextReloadTestProfile implements QuarkusTestProfile { +public class AzureKeyVaultTestProfile implements QuarkusTestProfile { @Override public Map getConfigOverrides() { //properties have to be set via profile to not be used by different azure-* test in grouped module return Map.of( - "camel.vault.azure.refreshEnabled", "true", - "camel.vault.azure.refreshPeriod", "1000", - "camel.vault.azure.secrets", "cq-secret-context-refresh.*", - "camel.vault.azure.eventhubConnectionString", System.getenv("AZURE_VAULT_EVENT_HUBS_CONNECTION_STRING"), - "camel.vault.azure.blobAccountName", System.getenv("AZURE_STORAGE_ACCOUNT_NAME"), - "camel.vault.azure.blobContainerName", System.getenv("AZURE_VAULT_EVENT_HUBS_BLOB_CONTAINER_NAME"), - "camel.vault.azure.blobAccessKey", System.getenv("AZURE_STORAGE_ACCOUNT_KEY"), - "camel.main.context-reload-enabled", "true"); + "camel.vault.azure.tenantId", System.getenv("AZURE_TENANT_ID"), + "camel.vault.azure.clientId", System.getenv("AZURE_CLIENT_ID"), + "camel.vault.azure.clientSecret", System.getenv("AZURE_CLIENT_SECRET")); } } diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultUtil.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultUtil.java new file mode 100644 index 000000000000..291f5b111f23 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultUtil.java @@ -0,0 +1,48 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.restassured.RestAssured; + +public class AzureKeyVaultUtil { + + static void deleteSecretImmediately(String secretName) { + //we need to se identity by default, as the non-identity routes may not start + AzureKeyVaultUtil.deleteSecretImmediately(secretName, true); + } + + static void deleteSecretImmediately(String secretName, boolean useIdentity) { + // Delete secret + RestAssured.given() + .delete("/azure-key-vault/secret/" + useIdentity + "/{secretName}", secretName) + .then() + .statusCode(200); + + // Purge secret + RestAssured.given() + .delete("/azure-key-vault/secret/" + useIdentity + "/{secretName}/purge", secretName) + .then() + .statusCode(200); + + // Confirm deletion + RestAssured.given() + .queryParam("identity", useIdentity) + .get("/azure-key-vault/secret/" + useIdentity + "/{secretName}", secretName) + .then() + .statusCode(500); + } +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityIT.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityIT.java new file mode 100644 index 000000000000..33269ecd4781 --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityIT.java @@ -0,0 +1,30 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusIntegrationTest; +import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; + +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +@EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@QuarkusIntegrationTest +class AzureKeyVaultWithIdentityIT extends AzureKeyVaultWithIdentityTest { + +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityTest.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityTest.java new file mode 100644 index 000000000000..1b39dffebc7b --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityTest.java @@ -0,0 +1,41 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusTest; +import io.quarkus.test.junit.TestProfile; +import org.junit.jupiter.api.condition.EnabledIfEnvironmentVariable; + +/** + * Test for key vault create/delete/purge with the `credentialType=AZURE_IDENTITY` + *
+ * Requires own test profile, which does not contain any credentials. + */ +// Azure Key Vault is not supported by Azurite https://github.com/Azure/Azurite/issues/619 +@EnabledIfEnvironmentVariable(named = "AZURE_TENANT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_ID", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_CLIENT_SECRET", matches = ".+") +@EnabledIfEnvironmentVariable(named = "AZURE_VAULT_NAME", matches = ".+") +@TestProfile(AzureKeyVaultWithIdentityTestProfile.class) +@QuarkusTest +class AzureKeyVaultWithIdentityTest extends AbstractAzureKeyVaultTest { + + public AzureKeyVaultWithIdentityTest() { + super(true); + } + +} diff --git a/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityTestProfile.java b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityTestProfile.java new file mode 100644 index 000000000000..fb4d51e82fbc --- /dev/null +++ b/integration-test-groups/azure/azure-key-vault/src/test/java/org/apache/camel/quarkus/component/azure/key/vault/it/AzureKeyVaultWithIdentityTestProfile.java @@ -0,0 +1,22 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.camel.quarkus.component.azure.key.vault.it; + +import io.quarkus.test.junit.QuarkusTestProfile; + +public class AzureKeyVaultWithIdentityTestProfile implements QuarkusTestProfile { +}