io.fabric8.kubernetes.api.model.OwnerReference Java Examples

Example #1
Source File: DeploymentConfigOperationsImpl.java    From kubernetes-client with Apache License 2.0 6 votes vote down vote up
/**
 * Collects handles for the ReplicaSets controlled by the DeploymentConfig that
 * {@code fromServer().get()} returns.
 *
 * @return one resource handle per ReplicaSet whose controller owner reference carries the
 *         DeploymentConfig's UID; empty when none match
 */
private List<RollableScalableResource<ReplicaSet, DoneableReplicaSet>> doGetLog() {
  DeploymentConfig owner = fromServer().get();
  String ownerUid = owner.getMetadata().getUid();
  ReplicaSetOperationsImpl replicaSetOps = new ReplicaSetOperationsImpl((RollingOperationContext) context);

  List<RollableScalableResource<ReplicaSet, DoneableReplicaSet>> owned = new ArrayList<>();
  ReplicaSetList candidates = replicaSetOps.withLabels(owner.getMetadata().getLabels()).list();
  // The label query only narrows the candidates: a label match alone does not show that this
  // DeploymentConfig manages the ReplicaSet, so each one is also checked by controller UID.
  for (ReplicaSet candidate : candidates.getItems()) {
    OwnerReference controllerRef = KubernetesResourceUtil.getControllerUid(candidate);
    if (controllerRef == null) {
      continue; // no controller owner reference at all
    }
    if (!controllerRef.getUid().equals(ownerUid)) {
      continue; // controlled by some other object
    }
    owned.add(replicaSetOps.withName(candidate.getMetadata().getName()));
  }
  return owned;
}
 
Example #2
Source File: RabbitMQClusterFactory.java    From rabbitmq-operator with Apache License 2.0 6 votes vote down vote up
/**
 * Builds the PodDisruptionBudget for a RabbitMQ custom resource.
 *
 * <p>The budget is named {@code <resource name>-poddisruptionbudget}, is placed in the
 * resource's namespace, allows at most one unavailable pod, and selects pods through the
 * instance label set to the resource name.
 *
 * @param resource the custom resource that owns the budget
 * @return the built budget, carrying an owner reference to {@code resource}
 */
private PodDisruptionBudget buildPodDisruptionBudget(final RabbitMQCustomResource resource) {
    final String namespace = resource.getMetadata().getNamespace();
    final String budgetName = String.format("%s-poddisruptionbudget", resource.getName());

    // Owner reference back to the custom resource. The two positional booleans are presumably
    // blockOwnerDeletion and controller, in that order; confirm against the OwnerReference constructor.
    final OwnerReference owner = new OwnerReference(
            resource.getApiVersion(),
            true,
            true,
            resource.getKind(),
            resource.getName(),
            resource.getMetadata().getUid()
    );

    return new PodDisruptionBudgetBuilder()
            .withNewMetadata()
                .withName(budgetName)
                .withNamespace(namespace)
                .withOwnerReferences(owner)
            .endMetadata()
            .withNewSpec()
                .withMaxUnavailable(new IntOrString(1))
                .withNewSelector()
                    .withMatchLabels(Collections.singletonMap(Labels.Kubernetes.INSTANCE, resource.getName()))
                .endSelector()
            .endSpec()
            .build();
}
 
Example #3
Source File: RabbitMQClusterFactory.java    From rabbitmq-operator with Apache License 2.0 6 votes vote down vote up
/**
 * Maps every user declared in the cluster spec to a {@code RabbitMQUser}.
 *
 * <p>For each user the secret is looked up by its derived name in the resource's namespace.
 * An existing secret is reused as-is; a new one is created only when the lookup returns null.
 *
 * @param resource the custom resource whose cluster spec lists the users
 * @return one {@code RabbitMQUser} per declared user, in spec order
 */
private List<RabbitMQUser> buildUsers(final RabbitMQCustomResource resource) {
    return resource.getSpec().getClusterSpec().getUsers().stream()
            .map(user -> {
                final String secretName = RabbitMQSecrets.getUserSecretName(user.getUsername(), resource.getName());
                final Secret existingSecret = secretsController.get(secretName, resource.getMetadata().getNamespace());

                final Secret userSecret;
                if (existingSecret == null) {
                    userSecret = rabbitMQSecrets.createUserSecret(user.getUsername(), resource);
                } else {
                    userSecret = existingSecret;
                }

                // The positional booleans are presumably blockOwnerDeletion and controller;
                // confirm against the OwnerReference constructor.
                final OwnerReference clusterReference = new OwnerReference(
                        resource.getApiVersion(),
                        true,
                        true,
                        resource.getKind(),
                        resource.getName(),
                        resource.getMetadata().getUid()
                );

                return new RabbitMQUser(
                        user.getUsername(),
                        userSecret,
                        resource.getMetadata(),
                        clusterReference,
                        user.getVhosts(),
                        user.getTags()
                );
            })
            .collect(Collectors.toList());
}
 
Example #4
Source File: CertificateRenewalTest.java    From strimzi-kafka-operator with Apache License 2.0 6 votes vote down vote up
/**
 * With no existing Secret passed to {@code ModelUtils.buildSecret} (null), the built Secret
 * is expected to hold the certificate material returned by the mocked CA.
 */
@Test
public void testRenewalOfDeploymentCertificatesWithNullSecret() throws IOException {
    // Fixture material only: these byte arrays are placeholders, not real keys or certificates.
    CertAndKey freshCertAndKey = new CertAndKey("new-key".getBytes(), "new-cert".getBytes(), "new-truststore".getBytes(), "new-keystore".getBytes(), "new-password");

    ClusterCa ca = mock(ClusterCa.class);
    when(ca.generateSignedCert(anyString(), anyString())).thenReturn(freshCertAndKey);

    Labels clusterLabels = Labels.forStrimziCluster("my-cluster");
    OwnerReference emptyOwner = new OwnerReference();

    // Arguments: no previous Secret, and the maintenance window flag set to true.
    Secret built = ModelUtils.buildSecret(ca, null, "my-namespace", "my-secret", "deployment",
            "deployment", clusterLabels, emptyOwner, true);

    assertThat(built.getData(), hasEntry("deployment.crt", freshCertAndKey.certAsBase64String()));
    assertThat(built.getData(), hasEntry("deployment.key", freshCertAndKey.keyAsBase64String()));
    assertThat(built.getData(), hasEntry("deployment.p12", freshCertAndKey.keyStoreAsBase64String()));
    assertThat(built.getData(), hasEntry("deployment.password", freshCertAndKey.storePasswordAsBase64String()));
}
 
Example #5
Source File: ReplicationControllerOperationsImpl.java    From kubernetes-client with Apache License 2.0 6 votes vote down vote up
/**
 * Collects handles for the pods controlled by the ReplicationController that
 * {@code fromServer().get()} returns.
 *
 * @param isPretty forwarded unchanged into the PodOperationContext built here
 * @return one pod handle per pod whose controller owner reference carries the
 *         ReplicationController's UID; empty when none match
 */
private List<PodResource<Pod, DoneablePod>> doGetLog(boolean isPretty) {
  ReplicationController owner = fromServer().get();
  String ownerUid = owner.getMetadata().getUid();

  // Positional constructor: argument order and the null/false placeholders must stay exactly as written.
  PodOperationContext podContext = new PodOperationContext(context.getClient(),
    context.getConfig(), context.getPlural(), context.getNamespace(), context.getName(), null,
    "v1", context.getCascading(), context.getItem(), context.getLabels(), context.getLabelsNot(),
    context.getLabelsIn(), context.getLabelsNotIn(), context.getFields(), context.getFieldsNot(), context.getResourceVersion(),
    context.getReloadingFromServer(), context.getGracePeriodSeconds(), context.getPropagationPolicy(),
    context.getWatchRetryInitialBackoffMillis(), context.getWatchRetryBackoffMultiplier(), null, null, null, null, null,
    null, null, null, null, false, false, false, null, null,
    null, isPretty, null, null, null, null, null);
  PodOperationsImpl podOps = new PodOperationsImpl(podContext);

  List<PodResource<Pod, DoneablePod>> owned = new ArrayList<>();
  PodList candidates = podOps.withLabels(owner.getMetadata().getLabels()).list();
  // A label match alone does not show that this controller manages the pod, so each
  // candidate is also checked by the UID in its controller owner reference.
  for (Pod candidate : candidates.getItems()) {
    OwnerReference controllerRef = KubernetesResourceUtil.getControllerUid(candidate);
    if (controllerRef == null || !controllerRef.getUid().equals(ownerUid)) {
      continue;
    }
    owned.add(podOps.withName(candidate.getMetadata().getName()));
  }
  return owned;
}
 
Example #6
Source File: StatefulSetOperationsImpl.java    From kubernetes-client with Apache License 2.0 6 votes vote down vote up
/**
 * Collects handles for the pods controlled by the StatefulSet that
 * {@code fromServer().get()} returns.
 *
 * @param isPretty forwarded unchanged into the PodOperationContext built here
 * @return one pod handle per pod whose controller owner reference carries the
 *         StatefulSet's UID; empty when none match
 */
private List<PodResource<Pod, DoneablePod>> doGetLog(boolean isPretty) {
  StatefulSet owner = fromServer().get();
  String ownerUid = owner.getMetadata().getUid();

  // Positional constructor: argument order and the null/false placeholders must stay exactly as written.
  PodOperationContext podContext = new PodOperationContext(context.getClient(),
    context.getConfig(), context.getPlural(), context.getNamespace(), context.getName(), null,
    "v1", context.getCascading(), context.getItem(), context.getLabels(), context.getLabelsNot(),
    context.getLabelsIn(), context.getLabelsNotIn(), context.getFields(), context.getFieldsNot(), context.getResourceVersion(),
    context.getReloadingFromServer(), context.getGracePeriodSeconds(), context.getPropagationPolicy(),
    context.getWatchRetryInitialBackoffMillis(), context.getWatchRetryBackoffMultiplier(), null, null, null, null, null,
    null, null, null, null, false, false, false, null, null,
    null, isPretty, null, null, null, null, null);
  PodOperationsImpl podOps = new PodOperationsImpl(podContext);

  List<PodResource<Pod, DoneablePod>> owned = new ArrayList<>();
  // Candidates are selected with the labels of the StatefulSet's pod template.
  PodList candidates = podOps.withLabels(owner.getSpec().getTemplate().getMetadata().getLabels()).list();
  // A label match alone does not show that this StatefulSet manages the pod, so each
  // candidate is also checked by the UID in its controller owner reference.
  for (Pod candidate : candidates.getItems()) {
    OwnerReference controllerRef = KubernetesResourceUtil.getControllerUid(candidate);
    if (controllerRef == null || !controllerRef.getUid().equals(ownerUid)) {
      continue;
    }
    owned.add(podOps.withName(candidate.getMetadata().getName()));
  }
  return owned;
}
 
Example #7
Source File: ReplicaSetOperationsImpl.java    From kubernetes-client with Apache License 2.0 6 votes vote down vote up
/**
 * Collects handles for the pods controlled by the ReplicaSet that
 * {@code fromServer().get()} returns.
 *
 * @param isPretty forwarded unchanged into the PodOperationContext built here
 * @return one pod handle per pod whose controller owner reference carries the
 *         ReplicaSet's UID; empty when none match
 */
private List<PodResource<Pod, DoneablePod>> doGetLog(boolean isPretty) {
  ReplicaSet owner = fromServer().get();
  String ownerUid = owner.getMetadata().getUid();

  // Positional constructor: argument order and the null/false placeholders must stay exactly as written.
  PodOperationContext podContext = new PodOperationContext(context.getClient(),
    context.getConfig(), context.getPlural(), context.getNamespace(), context.getName(), null,
    "v1", context.getCascading(), context.getItem(), context.getLabels(), context.getLabelsNot(),
    context.getLabelsIn(), context.getLabelsNotIn(), context.getFields(), context.getFieldsNot(), context.getResourceVersion(),
    context.getReloadingFromServer(), context.getGracePeriodSeconds(), context.getPropagationPolicy(),
    context.getWatchRetryInitialBackoffMillis(), context.getWatchRetryBackoffMultiplier(), null, null, null, null, null,
    null, null, null, null, false, false, false, null, null,
    null, isPretty, null, null, null, null, null);
  PodOperationsImpl podOps = new PodOperationsImpl(podContext);

  List<PodResource<Pod, DoneablePod>> owned = new ArrayList<>();
  PodList candidates = podOps.withLabels(owner.getMetadata().getLabels()).list();
  // A label match alone does not show that this ReplicaSet manages the pod, so each
  // candidate is also checked by the UID in its controller owner reference.
  for (Pod candidate : candidates.getItems()) {
    OwnerReference controllerRef = KubernetesResourceUtil.getControllerUid(candidate);
    if (controllerRef == null || !controllerRef.getUid().equals(ownerUid)) {
      continue;
    }
    owned.add(podOps.withName(candidate.getMetadata().getName()));
  }
  return owned;
}
 
Example #8
Source File: DeploymentOperationsImpl.java    From kubernetes-client with Apache License 2.0 6 votes vote down vote up
/**
 * Collects handles for the ReplicaSets controlled by the Deployment that
 * {@code fromServer().get()} returns.
 *
 * @return one resource handle per ReplicaSet whose controller owner reference carries the
 *         Deployment's UID; empty when none match
 */
private List<RollableScalableResource<ReplicaSet, DoneableReplicaSet>> doGetLog() {
  Deployment owner = fromServer().get();
  String ownerUid = owner.getMetadata().getUid();
  ReplicaSetOperationsImpl replicaSetOps = new ReplicaSetOperationsImpl((RollingOperationContext) context);

  List<RollableScalableResource<ReplicaSet, DoneableReplicaSet>> owned = new ArrayList<>();
  // Candidates are selected with the labels of the Deployment's pod template.
  ReplicaSetList candidates = replicaSetOps.withLabels(owner.getSpec().getTemplate().getMetadata().getLabels()).list();
  // A label match alone does not show that this Deployment manages the ReplicaSet, so each
  // candidate is also checked by the UID in its controller owner reference.
  for (ReplicaSet candidate : candidates.getItems()) {
    OwnerReference controllerRef = KubernetesResourceUtil.getControllerUid(candidate);
    if (controllerRef == null) {
      continue;
    }
    if (!controllerRef.getUid().equals(ownerUid)) {
      continue;
    }
    owned.add(replicaSetOps.withName(candidate.getMetadata().getName()));
  }
  return owned;
}
 
Example #9
Source File: JobOperationsImpl.java    From kubernetes-client with Apache License 2.0 6 votes vote down vote up
/**
 * Collects handles for the pods controlled by the Job that {@code fromServer().get()} returns.
 *
 * @param isPretty forwarded unchanged into the PodOperationContext built here
 * @return one pod handle per pod whose controller owner reference carries the Job's UID;
 *         empty when none match
 */
private List<PodResource<Pod, DoneablePod>> doGetLog(boolean isPretty) {
  Job owner = fromServer().get();
  String ownerUid = owner.getMetadata().getUid();

  // Positional constructor: argument order and the null/false placeholders must stay exactly as written.
  PodOperationContext podContext = new PodOperationContext(context.getClient(),
    context.getConfig(), context.getPlural(), context.getNamespace(), context.getName(), null,
    "v1", context.getCascading(), context.getItem(), context.getLabels(), context.getLabelsNot(),
    context.getLabelsIn(), context.getLabelsNotIn(), context.getFields(), context.getFieldsNot(), context.getResourceVersion(),
    context.getReloadingFromServer(), context.getGracePeriodSeconds(), context.getPropagationPolicy(),
    context.getWatchRetryInitialBackoffMillis(), context.getWatchRetryBackoffMultiplier(), null, null, null, null, null,
    null, null, null, null, false, false, false, null, null,
    null, isPretty, null, null, null, null, null);
  PodOperationsImpl podOps = new PodOperationsImpl(podContext);

  List<PodResource<Pod, DoneablePod>> owned = new ArrayList<>();
  // Candidates are the pods labelled controller-uid=<job UID>; the label is then
  // cross-checked against the UID in each pod's controller owner reference.
  PodList candidates = podOps.withLabel("controller-uid", ownerUid).list();
  for (Pod candidate : candidates.getItems()) {
    OwnerReference controllerRef = KubernetesResourceUtil.getControllerUid(candidate);
    if (controllerRef == null || !controllerRef.getUid().equals(ownerUid)) {
      continue;
    }
    owned.add(podOps.withName(candidate.getMetadata().getName()));
  }
  return owned;
}
 
Example #10
Source File: SecretCertProvider.java    From strimzi-kafka-operator with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a Kubernetes Secret holding the given private key and certificate, plus the
 * PKCS12 store and its password when those are supplied.
 *
 * <p>Every value is Base64-encoded before it is placed in the data map. Base64 is an
 * encoding only; it gives the key material no confidentiality.
 *
 * @param namespace Namespace
 * @param name Secret name
 * @param keyKey key field in the Secret data section for the private key
 * @param certKey key field in the Secret data section for the certificate
 * @param key private key to store
 * @param cert certificate to store
 * @param storeKey key field in the Secret data section for the PKCS12 store
 * @param storePasswordKey key field in the Secret data section for the PKCS12 store password
 * @param store PKCS12 store; skipped when null
 * @param storePassword PKCS12 store password; skipped when null
 * @param labels Labels to add to the Secret
 * @param annotations annotations to add to the Secret
 * @param ownerReference owner of the Secret
 * @return the Secret
 */
public Secret createSecret(String namespace, String name,
                           String keyKey, String certKey,
                           byte[] key, byte[] cert,
                           String storeKey, String storePasswordKey,
                           byte[] store, byte[] storePassword,
                           Map<String, String> labels, Map<String, String> annotations,
                           OwnerReference ownerReference) {
    final Base64.Encoder base64 = Base64.getEncoder();
    final Map<String, String> secretData = new HashMap<>(4);

    // Key and certificate are always written; a null array here fails inside the encoder.
    secretData.put(keyKey, base64.encodeToString(key));
    secretData.put(certKey, base64.encodeToString(cert));

    // The store and its password are independent of each other: each is written only when present.
    if (store != null) {
        secretData.put(storeKey, base64.encodeToString(store));
    }
    if (storePassword != null) {
        secretData.put(storePasswordKey, base64.encodeToString(storePassword));
    }

    return createSecret(namespace, name, secretData, labels, annotations, ownerReference);
}
 
Example #11
Source File: SecretCertProvider.java    From strimzi-kafka-operator with Apache License 2.0 6 votes vote down vote up
/**
 * Creates a Kubernetes Secret from an already prepared data section.
 *
 * @param namespace Namespace
 * @param name Secret name
 * @param data Map with secret data / files, passed to the builder unchanged
 * @param labels Labels to add to the Secret
 * @param annotations annotations to add to the Secret
 * @param ownerReference owner of the Secret; when null the Secret gets an empty owner list
 * @return the Secret
 */
public Secret createSecret(String namespace, String name, Map<String, String> data,
                           Map<String, String> labels, Map<String, String> annotations, OwnerReference ownerReference) {
    final List<OwnerReference> owners;
    if (ownerReference == null) {
        owners = emptyList();
    } else {
        owners = singletonList(ownerReference);
    }

    return new SecretBuilder()
            .withNewMetadata()
                .withName(name)
                .withNamespace(namespace)
                .withLabels(labels)
                .withAnnotations(annotations)
                .withOwnerReferences(owners)
            .endMetadata()
            .withData(data)
            .build();
}
 
Example #12
Source File: ModelUtils.java    From strimzi-kafka-operator with Apache License 2.0 6 votes vote down vote up
/**
 * Builds a Secret with the given name, namespace, labels and data.
 *
 * @param name Secret name
 * @param namespace namespace of the Secret
 * @param labels labels, converted with {@code labels.toMap()}
 * @param ownerReference owner to attach; when null no owner reference is set on the builder
 * @param data the Secret's data section, passed to the builder unchanged
 * @return the built Secret
 */
public static Secret createSecret(String name, String namespace, Labels labels, OwnerReference ownerReference, Map<String, String> data) {
    if (ownerReference != null) {
        // Owned Secret: identical to the unowned form below except for the owner reference.
        return new SecretBuilder()
                .withNewMetadata()
                    .withName(name)
                    .withOwnerReferences(ownerReference)
                    .withNamespace(namespace)
                    .withLabels(labels.toMap())
                .endMetadata()
                .withData(data)
                .build();
    }

    return new SecretBuilder()
            .withNewMetadata()
                .withName(name)
                .withNamespace(namespace)
                .withLabels(labels.toMap())
            .endMetadata()
            .withData(data)
            .build();
}
 
Example #13
Source File: PodSetController.java    From podsetoperatorinjava with Apache License 2.0 5 votes vote down vote up
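/**
 * Handles a pod event: when the pod's controller owner is a PodSet known to the lister,
 * that PodSet is enqueued.
 *
 * <p>Pods without a controller owner reference, and pods controlled by any other kind, are
 * ignored.
 *
 * @param pod the pod the event refers to
 */
private void handlePodObject(Pod pod) {
    logger.log(Level.INFO, "handlePodObject(" + pod.getMetadata().getName() + ")");
    OwnerReference ownerReference = getControllerOf(pod);
    // getControllerOf is defined outside this snippet; it is assumed to return null for a pod
    // with no controller owner (a standalone pod), which previously caused a
    // NullPointerException on the getKind() call below.
    if (ownerReference == null) {
        return;
    }
    // Constant-first comparison also tolerates an owner reference whose kind is unset.
    // NOTE(review): only the kind is compared, not the apiVersion; confirm that no other
    // API group in the cluster defines a kind with the same name.
    if (!"PodSet".equalsIgnoreCase(ownerReference.getKind())) {
        return;
    }
    PodSet podSet = podSetLister.get(ownerReference.getName());
    if (podSet != null) {
        enqueuePodSet(podSet);
    }
}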
 
Example #14
Source File: AbstractModelTest.java    From strimzi-kafka-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Checks that the owner reference created by an AbstractModel mirrors the apiVersion, kind,
 * name and UID of the Kafka resource it was given as owner.
 */
@Test
public void testOwnerReference() {
    Kafka owner = new KafkaBuilder()
            .withNewMetadata()
                .withName("my-cluster")
                .withNamespace("my-namespace")
            .endMetadata()
            .build();

    // Minimal concrete model: the abstract methods are stubbed with empty results.
    AbstractModel model = new AbstractModel(owner, "my-app") {
        @Override
        protected String getDefaultLogConfigFileName() {
            return "";
        }

        @Override
        protected List<Container> getContainers(ImagePullPolicy imagePullPolicy) {
            return emptyList();
        }
    };
    model.setLabels(Labels.forStrimziCluster("foo"));
    model.setOwnerReference(owner);

    OwnerReference created = model.createOwnerReference();

    assertThat(created.getApiVersion(), is(owner.getApiVersion()));
    assertThat(created.getKind(), is(owner.getKind()));
    assertThat(created.getName(), is(owner.getMetadata().getName()));
    assertThat(created.getUid(), is(owner.getMetadata().getUid()));
}
 
Example #15
Source File: KafkaUserModel.java    From strimzi-kafka-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Generates the OwnerReference that links newly created objects to their parent
 * (the custom resource).
 *
 * <p>The reference is built with {@code controller} and {@code blockOwnerDeletion} both
 * false: the parent is recorded as an owner, not as the managing controller.
 *
 * @return The owner reference.
 */
protected OwnerReference createOwnerReference() {
    final OwnerReferenceBuilder reference = new OwnerReferenceBuilder();
    // Identity of the owner.
    reference.withApiVersion(ownerApiVersion);
    reference.withKind(ownerKind);
    reference.withName(name);
    reference.withUid(ownerUid);
    // Ownership flags.
    reference.withBlockOwnerDeletion(false);
    reference.withController(false);
    return reference.build();
}
 
Example #16
Source File: DynamicPVCWorkspaceVolume.java    From kubernetes-plugin with Apache License 2.0 5 votes vote down vote up
/**
 * Creates the workspace PersistentVolumeClaim for a pod.
 *
 * <p>The claim is named {@code pvc-<pod name>}, is created in the pod's namespace, and carries
 * an owner reference to the pod (kind {@code Pod}, apiVersion {@code v1}, with
 * {@code controller} and {@code blockOwnerDeletion} both true).
 *
 * @param client client used to create the claim
 * @param podMetaData metadata of the owning pod; its name, namespace and UID are read
 * @return the claim as returned by the create call
 */
@Override
public PersistentVolumeClaim createVolume(KubernetesClient client, ObjectMeta podMetaData){
    final String namespace = podMetaData.getNamespace();
    final String podName = podMetaData.getName();
    LOGGER.log(Level.FINE, "Adding workspace volume from pod: {0}/{1}", new Object[] { namespace, podName });

    // The UID ties the claim to this specific pod object rather than to any pod of the same name.
    final OwnerReference podOwner = new OwnerReferenceBuilder()
            .withApiVersion("v1")
            .withKind("Pod")
            .withBlockOwnerDeletion(true)
            .withController(true)
            .withName(podName)
            .withUid(podMetaData.getUid())
            .build();

    final PersistentVolumeClaim requested = new PersistentVolumeClaimBuilder()
            .withNewMetadata()
                .withName("pvc-" + podName)
                .withOwnerReferences(podOwner)
                .withLabels(DEFAULT_POD_LABELS)
            .endMetadata()
            .withNewSpec()
                .withAccessModes(getAccessModesOrDefault())
                .withNewResources()
                    .withRequests(getResourceMap())
                .endResources()
                .withStorageClassName(getStorageClassNameOrDefault())
            .endSpec()
            .build();

    final PersistentVolumeClaim created = client.persistentVolumeClaims().inNamespace(namespace).create(requested);
    LOGGER.log(INFO, "Created PVC: {0}/{1}", new Object[] { namespace, created.getMetadata().getName() });
    return created;
}
 
Example #17
Source File: KubernetesResourceUtil.java    From kubernetes-client with Apache License 2.0 5 votes vote down vote up
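/**
 * Returns the owner reference that is flagged as the controller of the given resource.
 *
 * <p>Despite its name, the method returns the whole {@code OwnerReference}, not just the UID.
 *
 * @param resource the resource whose owner references are inspected
 * @return the first owner reference whose {@code controller} flag is true, or {@code null}
 *         when the resource has no metadata, no owner references, or no controller among them
 */
public static OwnerReference getControllerUid(HasMetadata resource) {
  if (resource.getMetadata() == null) {
    return null;
  }
  List<OwnerReference> ownerReferenceList = resource.getMetadata().getOwnerReferences();
  // The list can be absent on a hand-built object; treat that as "no controller"
  // instead of failing in the loop.
  if (ownerReferenceList == null) {
    return null;
  }
  for (OwnerReference ownerReference : ownerReferenceList) {
    // Boolean.TRUE.equals covers an unset (null) controller flag; null entries are skipped.
    if (ownerReference != null && Boolean.TRUE.equals(ownerReference.getController())) {
      return ownerReference;
    }
  }
  return null;
}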
 
Example #18
Source File: Fabric8FlinkKubeClient.java    From flink with Apache License 2.0 5 votes vote down vote up
/**
 * Marks the given deployment as the controlling owner of every resource in the list.
 *
 * <p>Each resource's owner reference list is replaced by a single-element list, so any
 * owner references a resource already had are overwritten.
 *
 * @param deployment the owning deployment; its name, apiVersion, UID and kind are copied
 * @param resources the resources to update in place
 */
private void setOwnerReference(Deployment deployment, List<HasMetadata> resources) {
	final OwnerReferenceBuilder referenceBuilder = new OwnerReferenceBuilder()
		.withName(deployment.getMetadata().getName())
		.withApiVersion(deployment.getApiVersion())
		.withUid(deployment.getMetadata().getUid())
		.withKind(deployment.getKind())
		.withController(true)
		.withBlockOwnerDeletion(true);
	final OwnerReference deploymentOwnerReference = referenceBuilder.build();

	for (HasMetadata owned : resources) {
		// A fresh single-element list per resource, as before; the reference object is shared.
		owned.getMetadata().setOwnerReferences(Collections.singletonList(deploymentOwnerReference));
	}
}
 
Example #19
Source File: Fabric8FlinkKubeClientTest.java    From flink with Apache License 2.0 5 votes vote down vote up
/**
 * Asserts that every resource has exactly one owner reference and that its UID equals the
 * UID of the expected owner.
 *
 * @param ownerReference the expected owner (a resource, despite the parameter name)
 * @param resources the resources to check
 */
private <T extends HasMetadata> void testOwnerReferenceSetting(
	HasMetadata ownerReference,
	List<T> resources) {
	for (T owned : resources) {
		final List<OwnerReference> actualReferences = owned.getMetadata().getOwnerReferences();
		assertEquals(1, actualReferences.size());
		final OwnerReference onlyReference = actualReferences.get(0);
		assertEquals(ownerReference.getMetadata().getUid(), onlyReference.getUid());
	}
}
 
Example #20
Source File: RabbitMQUser.java    From rabbitmq-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Creates a user record bound to its credentials secret and to the owning cluster.
 *
 * <p>All arguments are stored as given. The lists are not copied, so later changes made by
 * the caller to {@code vhostPermissions} or {@code tags} are visible through this object.
 *
 * @param username the user's name
 * @param userSecret the Secret associated with this user
 * @param clusterMetadata metadata of the owning cluster resource
 * @param clusterReference owner reference pointing at the cluster resource
 * @param vhostPermissions the user's per-vhost permissions
 * @param tags the user's tags
 */
public RabbitMQUser(
        final String username,
        final Secret userSecret,
        final ObjectMeta clusterMetadata,
        final OwnerReference clusterReference,
        final List<VhostPermissions> vhostPermissions,
        final List<String> tags
) {
    // Identity and credentials.
    this.username = username;
    this.userSecret = userSecret;

    // What the user may do.
    this.tags = tags;
    this.vhostPermissions = vhostPermissions;

    // Link back to the owning cluster.
    this.clusterReference = clusterReference;
    this.clusterMetadata = clusterMetadata;
}
 
Example #21
Source File: KafkaAssemblyOperator.java    From strimzi-kafka-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the cluster operator's certificate Secret and reconciles it.
 *
 * <p>The current Secret reported by {@code clusterCa} is remembered in {@code oldCoSecret}
 * before the new one is built. The Secret is owned by the Kafka resource through a
 * non-controller owner reference ({@code controller} and {@code blockOwnerDeletion} false).
 *
 * @param dateSupplier passed to {@code isMaintenanceTimeWindowsSatisfied}
 * @return the result of the reconcile call, wrapped by {@code withVoid}
 */
Future<ReconciliationState> clusterOperatorSecret(Supplier<Date> dateSupplier) {
    oldCoSecret = clusterCa.clusterOperatorSecret();

    final OwnerReference kafkaOwner = new OwnerReferenceBuilder()
            .withApiVersion(kafkaAssembly.getApiVersion())
            .withKind(kafkaAssembly.getKind())
            .withName(kafkaAssembly.getMetadata().getName())
            .withUid(kafkaAssembly.getMetadata().getUid())
            .withBlockOwnerDeletion(false)
            .withController(false)
            .build();

    final Labels secretLabels = Labels.fromResource(kafkaAssembly)
            .withStrimziKind(reconciliation.kind())
            .withStrimziCluster(reconciliation.name())
            .withKubernetesName(Labels.APPLICATION_NAME)
            .withKubernetesInstance(reconciliation.name())
            .withKubernetesPartOf(reconciliation.name())
            .withKubernetesManagedBy(AbstractModel.STRIMZI_CLUSTER_OPERATOR_NAME);

    // The existing Secret is read from clusterCa again here, exactly as before, rather than
    // taken from oldCoSecret.
    final Secret desired = ModelUtils.buildSecret(clusterCa, clusterCa.clusterOperatorSecret(), namespace,
            ClusterOperator.secretName(name), "cluster-operator", "cluster-operator",
            secretLabels, kafkaOwner, isMaintenanceTimeWindowsSatisfied(dateSupplier));

    return withVoid(secretOperations.reconcile(namespace, ClusterOperator.secretName(name), desired));
}
 
Example #22
Source File: AbstractModel.java    From strimzi-kafka-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Generates the OwnerReference that links newly created objects to their parent
 * (the custom resource).
 *
 * <p>The reference is built with {@code controller} and {@code blockOwnerDeletion} both
 * false: the parent is recorded as an owner, not as the managing controller.
 *
 * @return The OwnerReference object
 */
protected OwnerReference createOwnerReference() {
    final OwnerReferenceBuilder reference = new OwnerReferenceBuilder();
    // Identity of the owner; the reference name is taken from the cluster field.
    reference.withApiVersion(ownerApiVersion);
    reference.withKind(ownerKind);
    reference.withName(cluster);
    reference.withUid(ownerUid);
    // Ownership flags.
    reference.withBlockOwnerDeletion(false);
    reference.withController(false);
    return reference.build();
}
 
Example #23
Source File: CertificateRenewalTest.java    From strimzi-kafka-operator with Apache License 2.0 5 votes vote down vote up
/**
 * With an expiring certificate, a CA that has not been renewed, and the maintenance window
 * flag set to false, the built Secret is expected to keep the old certificate material.
 */
@Test
public void testRenewalOfDeploymentCertificatesDelayedRenewalOutsideOfMaintenanceWindow() throws IOException {
    // Fixture material only: these strings are placeholders, not real keys or certificates.
    final Base64.Encoder encoder = Base64.getEncoder();
    final String oldCert = encoder.encodeToString("old-cert".getBytes());
    final String oldKey = encoder.encodeToString("old-key".getBytes());
    final String oldKeystore = encoder.encodeToString("old-keystore".getBytes());
    final String oldPassword = encoder.encodeToString("old-password".getBytes());

    Secret existing = new SecretBuilder()
            .withNewMetadata()
                .withNewName("test-secret")
            .endMetadata()
            .addToData("deployment.crt", oldCert)
            .addToData("deployment.key", oldKey)
            .addToData("deployment.p12", oldKeystore)
            .addToData("deployment.password", oldPassword)
            .build();

    CertAndKey freshCertAndKey = new CertAndKey("new-key".getBytes(), "new-cert".getBytes(), "new-truststore".getBytes(), "new-keystore".getBytes(), "new-password");
    ClusterCa ca = mock(ClusterCa.class);
    when(ca.certRenewed()).thenReturn(false);
    when(ca.isExpiring(any(), any())).thenReturn(true);
    when(ca.generateSignedCert(anyString(), anyString())).thenReturn(freshCertAndKey);

    Labels clusterLabels = Labels.forStrimziCluster("my-cluster");
    OwnerReference emptyOwner = new OwnerReference();

    // Last argument false: the maintenance window is reported as not satisfied.
    Secret built = ModelUtils.buildSecret(ca, existing, "my-namespace", "my-secret", "deployment",
            "deployment", clusterLabels, emptyOwner, false);

    assertThat(built.getData(), hasEntry("deployment.crt", oldCert));
    assertThat(built.getData(), hasEntry("deployment.key", oldKey));
    assertThat(built.getData(), hasEntry("deployment.p12", oldKeystore));
    assertThat(built.getData(), hasEntry("deployment.password", oldPassword));
}
 
Example #24
Source File: AppService.java    From jhipster-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the owner reference list that makes the given application the controlling owner
 * of another object.
 *
 * @param app the owning application; it must already have a UID
 * @return a fixed-size, single-element list holding the owner reference
 * @throws IllegalStateException when the application's UID is null or empty
 */
private List<OwnerReference> createOwnerReferencesFromApp(Application app) {
    // An owner reference is matched by UID, so one without a UID cannot be built.
    final boolean uidMissing = app.getMetadata().getUid() == null || app.getMetadata().getUid().isEmpty();
    if (uidMissing) {
        throw new IllegalStateException("The app needs to be saved first, the UUID needs to be present.");
    }

    final OwnerReference appOwner = new OwnerReference();
    appOwner.setApiVersion(app.getApiVersion());
    appOwner.setKind(app.getKind());
    appOwner.setName(app.getMetadata().getName());
    appOwner.setUid(app.getMetadata().getUid());
    appOwner.setController(true);
    appOwner.setBlockOwnerDeletion(true);

    return Arrays.asList(appOwner);
}
 
Example #25
Source File: CertificateRenewalTest.java    From strimzi-kafka-operator with Apache License 2.0 5 votes vote down vote up
/**
 * With a CA reported as renewed and the maintenance window flag set to true, the built
 * Secret is expected to hold the newly generated certificate material.
 */
@Test
public void testRenewalOfDeploymentCertificatesWithRenewingCa() throws IOException {
    // Fixture material only: these strings are placeholders, not real keys or certificates.
    final Base64.Encoder encoder = Base64.getEncoder();
    Secret existing = new SecretBuilder()
            .withNewMetadata()
                .withNewName("test-secret")
            .endMetadata()
            .addToData("deployment.crt", encoder.encodeToString("old-cert".getBytes()))
            .addToData("deployment.key", encoder.encodeToString("old-key".getBytes()))
            .addToData("deployment.p12", encoder.encodeToString("old-keystore".getBytes()))
            .addToData("deployment.password", encoder.encodeToString("old-password".getBytes()))
            .build();

    CertAndKey freshCertAndKey = new CertAndKey("new-key".getBytes(), "new-cert".getBytes(), "new-truststore".getBytes(), "new-keystore".getBytes(), "new-password");
    ClusterCa ca = mock(ClusterCa.class);
    when(ca.certRenewed()).thenReturn(true);
    when(ca.isExpiring(any(), any())).thenReturn(false);
    when(ca.generateSignedCert(anyString(), anyString())).thenReturn(freshCertAndKey);

    Labels clusterLabels = Labels.forStrimziCluster("my-cluster");
    OwnerReference emptyOwner = new OwnerReference();

    // Last argument true: the maintenance window is reported as satisfied.
    Secret built = ModelUtils.buildSecret(ca, existing, "my-namespace", "my-secret", "deployment",
            "deployment", clusterLabels, emptyOwner, true);

    assertThat(built.getData(), hasEntry("deployment.crt", freshCertAndKey.certAsBase64String()));
    assertThat(built.getData(), hasEntry("deployment.key", freshCertAndKey.keyAsBase64String()));
    assertThat(built.getData(), hasEntry("deployment.p12", freshCertAndKey.keyStoreAsBase64String()));
    assertThat(built.getData(), hasEntry("deployment.password", freshCertAndKey.storePasswordAsBase64String()));
}
 
Example #26
Source File: AppService.java    From jhipster-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Makes the given application the owner of the given service.
 *
 * <p>When {@code application} is null the service is returned untouched. Otherwise the
 * service's owner references are replaced by the single reference built from the application.
 *
 * @param application the owning application, or null to leave the service unchanged
 * @param service the service to update in place
 * @param <T> the concrete service type
 * @return the same {@code service} instance
 */
public <T extends CustomService> T owns(Application application, T service) {
    if (application == null) {
        return service;
    }

    // Set OwnerReferences: the Application owns the MicroService. Existing owner references
    // on the service are overwritten, not merged.
    final List<OwnerReference> appOwners = createOwnerReferencesFromApp(application);
    final ObjectMeta serviceMetadata = service.getMetadata();
    serviceMetadata.setOwnerReferences(appOwners);
    service.setMetadata(serviceMetadata);
    return service;
}
 
Example #27
Source File: RabbitMQSecrets.java    From rabbitmq-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the Secret that holds a newly generated Erlang cookie for the given cluster.
 *
 * <p>The Secret is placed in the cluster resource's namespace, labelled as managed by the
 * operator, and carries an owner reference to the cluster resource.
 *
 * @param rabbit the cluster resource that owns the Secret
 * @return the built Secret
 */
public Secret createErlangCookieSecret(final RabbitMQCustomResource rabbit) {
    final String clusterName = ModelFieldLookups.getName(rabbit);

    // NOTE(review): randomStringGenerator is defined outside this snippet. The cookie is a
    // shared secret, so confirm the generator draws from a cryptographically secure source.
    final String erlangCookie = randomStringGenerator.apply(50);

    // The positional booleans are presumably blockOwnerDeletion and controller;
    // confirm against the OwnerReference constructor.
    final OwnerReference clusterOwner = new OwnerReference(
            rabbit.getApiVersion(),
            true,
            true,
            rabbit.getKind(),
            rabbit.getName(),
            rabbit.getMetadata().getUid()
    );

    return new SecretBuilder()
            .addToData(Constants.Secrets.ERLANG_COOKIE_KEY, secretDataEncoder.apply(erlangCookie))
            .withNewMetadata()
                .withName(getErlangCookieSecretName(clusterName))
                .withNamespace(rabbit.getMetadata().getNamespace())
                .addToLabels(Labels.Kubernetes.INSTANCE, clusterName)
                .addToLabels(Labels.Kubernetes.MANAGED_BY, Labels.Values.RABBITMQ_OPERATOR)
                .addToLabels(Labels.Kubernetes.PART_OF, Labels.Values.RABBITMQ)
                .addToLabels(Labels.Indeed.getIndeedLabels(rabbit))
                .withOwnerReferences(clusterOwner)
            .endMetadata()
            .build();
}
 
Example #28
Source File: RabbitMQSecrets.java    From rabbitmq-operator with Apache License 2.0 5 votes vote down vote up
/**
 * Builds the Kubernetes Secret holding the credentials of one RabbitMQ user: the given
 * username and a newly generated 30-character password.
 *
 * <p>The Secret is placed in the namespace of {@code rabbit}, labelled as managed by the
 * operator, and given an owner reference to {@code rabbit} with both boolean flags
 * (controller and blockOwnerDeletion) set to {@code true}, so Kubernetes garbage collection
 * removes it together with the custom resource.
 *
 * @param username the user name to store; it is also passed to {@code getUserSecretName}
 * @param rabbit the custom resource the Secret belongs to
 * @return the built Secret; nothing is sent to the API server here
 */
public Secret createUserSecret(
        final String username,
        final RabbitMQCustomResource rabbit
) {
    final String instanceName = rabbit.getName();

    // NOTE(review): randomStringGenerator is injected and not visible here; confirm it draws
    // from a cryptographically secure source such as SecureRandom, and keep the generated
    // password out of logs.
    final String generatedPassword = randomStringGenerator.apply(30);

    // NOTE(review): secretDataEncoder is presumably Base64, which is an encoding and not
    // encryption; access to the Secret must be limited through RBAC.
    final String encodedUsername = secretDataEncoder.apply(username);
    final String encodedPassword = secretDataEncoder.apply(generatedPassword);

    // NOTE(review): username flows into the object name through getUserSecretName (not
    // shown); confirm the result is always a valid Kubernetes object name.
    final String secretName = getUserSecretName(username, instanceName);
    final String targetNamespace = rabbit.getMetadata().getNamespace();

    final OwnerReference owningCluster = new OwnerReference(
            rabbit.getApiVersion(),
            true,
            true,
            rabbit.getKind(),
            rabbit.getName(),
            rabbit.getMetadata().getUid()
    );

    return new SecretBuilder()
            .addToData(Constants.Secrets.USERNAME_KEY, encodedUsername)
            .addToData(Constants.Secrets.PASSWORD_KEY, encodedPassword)
            .withNewMetadata()
                .withName(secretName)
                .withNamespace(targetNamespace)
                .addToLabels(Labels.Kubernetes.INSTANCE, instanceName)
                .addToLabels(Labels.Kubernetes.MANAGED_BY, Labels.Values.RABBITMQ_OPERATOR)
                .addToLabels(Labels.Kubernetes.PART_OF, Labels.Values.RABBITMQ)
                .addToLabels(Labels.Indeed.getIndeedLabels(rabbit))
                .withOwnerReferences(owningCluster)
            .endMetadata()
            .build();
}
 
Example #29
Source File: RabbitMQSecrets.java    From rabbitmq-operator with Apache License 2.0
/**
 * Builds the Kubernetes Secret holding the cluster-level RabbitMQ credentials: the
 * {@code DEFAULT_USERNAME} constant and a newly generated 30-character password.
 *
 * <p>The Secret is placed in the namespace of {@code rabbit}, labelled as managed by the
 * operator, and given an owner reference to {@code rabbit} with both boolean flags
 * (controller and blockOwnerDeletion) set to {@code true}, so Kubernetes garbage collection
 * removes it together with the custom resource.
 *
 * @param rabbit the custom resource the Secret belongs to
 * @return the built Secret; nothing is sent to the API server here
 */
public Secret createClusterSecret(final RabbitMQCustomResource rabbit) {
    final String instanceName = ModelFieldLookups.getName(rabbit);

    // NOTE(review): randomStringGenerator is injected and not visible here; confirm it draws
    // from a cryptographically secure source such as SecureRandom, and keep the generated
    // password out of logs.
    final String generatedPassword = randomStringGenerator.apply(30);

    // NOTE(review): secretDataEncoder is presumably Base64, which is an encoding and not
    // encryption; access to the Secret must be limited through RBAC.
    final String encodedUsername = secretDataEncoder.apply(DEFAULT_USERNAME);
    final String encodedPassword = secretDataEncoder.apply(generatedPassword);
    final String secretName = getClusterSecretName(instanceName);
    final String targetNamespace = rabbit.getMetadata().getNamespace();

    final OwnerReference owningCluster = new OwnerReference(
            rabbit.getApiVersion(),
            true,
            true,
            rabbit.getKind(),
            rabbit.getName(),
            rabbit.getMetadata().getUid()
    );

    return new SecretBuilder()
            .addToData(Constants.Secrets.USERNAME_KEY, encodedUsername)
            .addToData(Constants.Secrets.PASSWORD_KEY, encodedPassword)
            .withNewMetadata()
                .withName(secretName)
                .withNamespace(targetNamespace)
                .addToLabels(Labels.Kubernetes.INSTANCE, instanceName)
                .addToLabels(Labels.Kubernetes.MANAGED_BY, Labels.Values.RABBITMQ_OPERATOR)
                .addToLabels(Labels.Kubernetes.PART_OF, Labels.Values.RABBITMQ)
                .addToLabels(Labels.Indeed.getIndeedLabels(rabbit))
                .withOwnerReferences(owningCluster)
            .endMetadata()
            .build();
}
 
Example #30
Source File: CertificateRenewalTest.java    From strimzi-kafka-operator with Apache License 2.0
/**
 * Verifies that {@code ModelUtils.buildSecret} swaps all four certificate entries of an
 * existing Secret for newly signed material when the mocked cluster CA has not itself been
 * renewed, reports the current certificate as expiring, and the maintenance time window
 * flag is {@code true}.
 */
@Test
public void testRenewalOfDeploymentCertificatesDelayedRenewal() throws IOException {
    // Fixture values are dummy placeholder strings, not real key material.
    Base64.Encoder base64 = Base64.getEncoder();
    Secret existingSecret = new SecretBuilder()
            .withNewMetadata()
                .withNewName("test-secret")
            .endMetadata()
            .addToData("deployment.crt", base64.encodeToString("old-cert".getBytes()))
            .addToData("deployment.key", base64.encodeToString("old-key".getBytes()))
            .addToData("deployment.p12", base64.encodeToString("old-keystore".getBytes()))
            .addToData("deployment.password", base64.encodeToString("old-password".getBytes()))
            .build();

    // Material the mocked CA hands back when asked to sign a new certificate.
    CertAndKey renewedCertAndKey = new CertAndKey(
            "new-key".getBytes(),
            "new-cert".getBytes(),
            "new-truststore".getBytes(),
            "new-keystore".getBytes(),
            "new-password");

    // CA itself unchanged, but the existing certificate is reported as expiring.
    ClusterCa mockedCa = mock(ClusterCa.class);
    when(mockedCa.certRenewed()).thenReturn(false);
    when(mockedCa.isExpiring(any(), any())).thenReturn(true);
    when(mockedCa.generateSignedCert(anyString(), anyString())).thenReturn(renewedCertAndKey);

    String targetNamespace = "my-namespace";
    String targetSecretName = "my-secret";
    String certCommonName = "deployment";
    String keyCertPrefix = "deployment";
    Labels clusterLabels = Labels.forStrimziCluster("my-cluster");
    // An empty owner reference is enough here; the assertions below only inspect the data.
    OwnerReference emptyOwner = new OwnerReference();
    boolean maintenanceWindowOpen = true;

    Secret rebuiltSecret = ModelUtils.buildSecret(
            mockedCa,
            existingSecret,
            targetNamespace,
            targetSecretName,
            certCommonName,
            keyCertPrefix,
            clusterLabels,
            emptyOwner,
            maintenanceWindowOpen);

    // Every entry must now carry the new material instead of the "old-*" fixtures.
    assertThat(rebuiltSecret.getData(), hasEntry("deployment.crt", renewedCertAndKey.certAsBase64String()));
    assertThat(rebuiltSecret.getData(), hasEntry("deployment.key", renewedCertAndKey.keyAsBase64String()));
    assertThat(rebuiltSecret.getData(), hasEntry("deployment.p12", renewedCertAndKey.keyStoreAsBase64String()));
    assertThat(rebuiltSecret.getData(), hasEntry("deployment.password", renewedCertAndKey.storePasswordAsBase64String()));
}