wip: throwaway code

stackabletech · Nov 16, 2022 · 8a4b340 · 8a4b340
1 parent cac2028
commit 8a4b340
Show file tree

Hide file tree

Showing 2 changed files with 74 additions and 1 deletion.
diff --git a/deploy/crd/druidcluster.crd.yaml b/deploy/crd/druidcluster.crd.yaml
@@ -361,6 +361,14 @@ spec:
                     description: Authentication class settings for Druid like TLS authentication or LDAP
                     nullable: true
                     properties:
+                      ldap:
+                        nullable: true
+                        properties:
+                          authenticationClass:
+                            type: string
+                        required:
+                        - authenticationClass
+                        type: object
                       tls:
                         description: TLS based client authentication (mutual TLS)
                         nullable: true

diff --git a/rust/crd/src/authentication.rs b/rust/crd/src/authentication.rs
@@ -1,5 +1,6 @@
 use crate::DruidCluster;
 
+
 use serde::{Deserialize, Serialize};
 use snafu::{ResultExt, Snafu};
 use stackable_operator::{
@@ -11,6 +12,7 @@ use stackable_operator::{
     kube::runtime::reflector::ObjectRef,
     schemars::{self, JsonSchema},
 };
+
 use strum::{EnumDiscriminants, IntoStaticStr};
 
 #[derive(Snafu, Debug, EnumDiscriminants)]
@@ -87,6 +89,38 @@ impl DruidAuthentication {
             }
         }
 
+        if let Some(DruidAuthentication {
+            tls: _,
+            ldap: Some(druid_ldap),
+        }) = &druid.spec.cluster_config.authentication
+        {
+            let authentication_class =
+                AuthenticationClass::resolve(client, &druid_ldap.authentication_class)
+                    .await
+                    .context(AuthenticationClassRetrievalSnafu {
+                        authentication_class: ObjectRef::<AuthenticationClass>::new(
+                            &druid_ldap.authentication_class,
+                        ),
+                    })?;
+
+            match authentication_class.spec.provider {
+                AuthenticationClassProvider::Ldap(tls_provider) => {
+                    druid_authentication_config.push(DruidAuthenticationConfig::Ldap(tls_provider));
+                }
+                _ => {
+                    return Err(Error::AuthenticationClassProviderNotSupported {
+                        authentication_class_provider: authentication_class
+                            .spec
+                            .provider
+                            .to_string(),
+                        authentication_class: ObjectRef::<AuthenticationClass>::new(
+                            &druid_ldap.authentication_class,
+                        ),
+                    })
+                }
+            }
+        }        
+
         Ok(druid_authentication_config)
     }
 }
@@ -101,4 +135,35 @@ impl DruidAuthenticationConfig {
     pub fn is_tls_auth(&self) -> bool {
         matches!(self, DruidAuthenticationConfig::Tls(_))
     }
-}
+}
+
+/*
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_process_ldap_authentication() {
+        let result = DruidAuthentication::resolve()
+        // TODO: replace client with mockable interface
+        // TODO: pass LDAPy config
+        // TODO: expect no error (the current code provides this)
+
+        let cluster: DruidCluster = serde_yaml::from_reader(&cluster_cr).unwrap();
+
+
+
+        assert_eq!(cluster.metadata.name, Some("testcluster".to_string()));
+
+        assert_eq!(
+            cluster.role_service_name(&DruidRole::Router),
+            Some("testcluster-router".to_string())
+        );
+
+        assert_eq!(
+            cluster.role_service_fqdn(&DruidRole::Router),
+            Some("testcluster-router.default.svc.cluster.local".to_string())
+        )
+    }
+}
+*/