kiegroup · jakubschwan · Apr 22, 2020 · May 14, 2020 · May 18, 2020
diff --git a/...mework-cloud-api/src/main/java/org/kie/cloud/api/scenario/WorkbenchKieServerScenario.java b/...mework-cloud-api/src/main/java/org/kie/cloud/api/scenario/WorkbenchKieServerScenario.java
@@ -50,5 +50,14 @@ public interface WorkbenchKieServerScenario extends KieDeploymentScenario<Workbe
      */
     default Optional<PrometheusDeployment> getPrometheusDeployment() {
         return Optional.empty();
-    };
+    }
+
+    /**
+     * Change Kie Admin username and password for the scenario. 
+     * After the change are deployments updated and method waits for new available pods.
+     * 
+     * @param username New admin name. (To change only password put there same username as it was)
+     * @param password New admin password.
+     */
+    void changeUsernameAndPassword(String username, String password);
 }
diff --git a/...ork-cloud-common/src/main/java/org/kie/cloud/common/provider/KieServerClientProvider.java b/...ork-cloud-common/src/main/java/org/kie/cloud/common/provider/KieServerClientProvider.java
@@ -66,8 +66,13 @@ public static KieServicesClient getKieServerClient(KieServerDeployment kieServer
                 kieServerDeployment.getUrl().toString() + "/services/rest/server", kieServerDeployment.getUsername(),
                 kieServerDeployment.getPassword(), clientTimeout);
         configuration.addExtraClasses(extraClasses);
-        KieServicesClient kieServerClient = KieServicesFactory.newKieServicesClient(configuration);
-        return kieServerClient;
+        return KieServicesFactory.newKieServicesClient(configuration);
+    }
+
+    public static KieServicesClient getKieServerClient(String url, String username, String password) {
+        KieServicesConfiguration configuration = KieServicesFactory.newRestConfiguration(
+                url + "/services/rest/server", username, password, KIE_SERVER_TIMEOUT);
+        return KieServicesFactory.newKieServicesClient(configuration);
     }
 
     public static KieServicesClient getKieServerJmsClient(URL amqHost) {
@@ -139,8 +144,7 @@ public static KieServicesClient getSmartRouterClient(SmartRouterDeployment smart
                 KieServerConstants.CAPABILITY_CASE,
                 KieServerConstants.CAPABILITY_DMN);
         configuration.setCapabilities(capabilities);
-        KieServicesClient kieServerClient = KieServicesFactory.newKieServicesClient(configuration);
-        return kieServerClient;
+        return KieServicesFactory.newKieServicesClient(configuration);
     }
 
     public static ProcessServicesClient getProcessClient(KieServerDeployment kieServerDeployment) {

diff --git a/...common/src/main/java/org/kie/cloud/common/provider/KieServerControllerClientProvider.java b/...common/src/main/java/org/kie/cloud/common/provider/KieServerControllerClientProvider.java
@@ -29,15 +29,17 @@
 public class KieServerControllerClientProvider {
 
     public static KieServerControllerClient getKieServerControllerClient(WorkbenchDeployment workbenchDeployment) {
-        KieServerControllerClient kieServerControllerClient = KieServerControllerClientFactory.newRestClient(workbenchDeployment.getUrl().toString() + "/rest/controller",
+        return KieServerControllerClientFactory.newRestClient(workbenchDeployment.getUrl().toString() + "/rest/controller",
                 workbenchDeployment.getUsername(), workbenchDeployment.getPassword());
-        return kieServerControllerClient;
+    }
+
+    public static KieServerControllerClient getKieServerControllerClient(String url, String username, String password) {
+        return KieServerControllerClientFactory.newRestClient(url + "/rest/controller", username, password);
     }
 
     public static KieServerControllerClient getKieServerControllerClient(ControllerDeployment controllerDeployment) {
-        KieServerControllerClient kieServerControllerClient = KieServerControllerClientFactory.newRestClient(controllerDeployment.getUrl().toString() + "/rest/controller",
+        return KieServerControllerClientFactory.newRestClient(controllerDeployment.getUrl().toString() + "/rest/controller",
                 controllerDeployment.getUsername(), controllerDeployment.getPassword());
-        return kieServerControllerClient;
     }
 
     /**

diff --git a/...c/main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerPersistentScenarioApb.java b/...c/main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerPersistentScenarioApb.java
@@ -182,4 +182,9 @@ public List<SmartRouterDeployment> getSmartRouterDeployments() {
     public List<ControllerDeployment> getControllerDeployments() {
         return Collections.emptyList();
     }
+
+    @Override
+    public void changeUsernameAndPassword(String username, String password) {
+        throw new UnsupportedOperationException("Not supported."); 
+    }
 }
diff --git a/...ift-apb/src/main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerScenarioApb.java b/...ift-apb/src/main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerScenarioApb.java
@@ -173,4 +173,9 @@ public List<ControllerDeployment> getControllerDeployments() {
     public Optional<PrometheusDeployment> getPrometheusDeployment() {
         return Optional.ofNullable(prometheusDeployment);
     }
+
+    @Override
+    public void changeUsernameAndPassword(String username, String password) {
+        throw new UnsupportedOperationException("Not supported."); 
+    }
 }
diff --git a/...or/src/main/java/org/kie/cloud/openshift/operator/scenario/OpenShiftOperatorScenario.java b/...or/src/main/java/org/kie/cloud/openshift/operator/scenario/OpenShiftOperatorScenario.java
@@ -15,10 +15,9 @@
 
 package org.kie.cloud.openshift.operator.scenario;
 
-import java.util.Objects;
-
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Objects;
 import java.util.stream.Stream;
 
 import cz.xtf.core.openshift.OpenShiftBinary;
@@ -161,6 +160,30 @@ protected void registerCustomTrustedSecret(Server server) {
         server.setKeystoreSecret(DeploymentConstants.getCustomTrustedSecretName());
     }
 
+    protected boolean isCustomTrustedSecretRegistered(Console console) {
+        if (console.getKeystoreSecret() != null && !console.getKeystoreSecret().isEmpty() && console.getEnv().length > 0) {
+            return Stream.of(console.getEnv()).map(Env::getName).anyMatch("HTTPS_NAME"::equals) &&
+                    Stream.of(console.getEnv()).map(Env::getName).anyMatch("HTTPS_PASSWORD"::equals);
+        }
+        return false;
+    }
+
+    protected boolean isCustomTrustedSecretRegistered(SmartRouter smartRouter) {
+        if (smartRouter.getKeystoreSecret() != null && !smartRouter.getKeystoreSecret().isEmpty() && smartRouter.getEnv().length > 0) {
+            return Stream.of(smartRouter.getEnv()).map(Env::getName).anyMatch("KIE_SERVER_ROUTER_TLS_KEYSTORE_KEYALIAS"::equals) && 
+                    Stream.of(smartRouter.getEnv()).map(Env::getName).anyMatch("KIE_SERVER_ROUTER_TLS_KEYSTORE_PASSWORD"::equals);
+        }
+        return false;
+    }
+
+    protected boolean isCustomTrustedSecretRegistered(Server server) {
+        if (server.getKeystoreSecret() != null && !server.getKeystoreSecret().isEmpty() && server.getEnv().length > 0) {
+            return Stream.of(server.getEnv()).map(Env::getName).anyMatch("HTTPS_NAME"::equals) &&
+                    Stream.of(server.getEnv()).map(Env::getName).anyMatch("HTTPS_PASSWORD"::equals);
+        }
+        return false;
+    }
+
     /**
      * @return OpenShift client which is aware of KieApp custom resource.
      */

diff --git a/...a/org/kie/cloud/openshift/operator/scenario/WorkbenchKieServerPersistentScenarioImpl.java b/...a/org/kie/cloud/openshift/operator/scenario/WorkbenchKieServerPersistentScenarioImpl.java
@@ -19,15 +19,20 @@
 import java.time.Instant;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
 
 import cz.xtf.core.waiting.SimpleWaiter;
 import cz.xtf.core.waiting.SupplierWaiter;
 import cz.xtf.core.waiting.WaiterException;
+import io.fabric8.kubernetes.api.model.ObjectMeta;
+import io.fabric8.kubernetes.api.model.Pod;
 import org.kie.cloud.api.deployment.ControllerDeployment;
 import org.kie.cloud.api.deployment.Deployment;
+import org.kie.cloud.api.deployment.Instance;
 import org.kie.cloud.api.deployment.KieServerDeployment;
 import org.kie.cloud.api.deployment.SmartRouterDeployment;
 import org.kie.cloud.api.deployment.SsoDeployment;
@@ -65,7 +70,6 @@ public WorkbenchKieServerPersistentScenarioImpl(KieApp kieApp, boolean deploySso
 
     @Override
     protected void deployCustomResource() {
-
         if (deploySso) {
             ssoDeployment = SsoDeployer.deploySecure(project);
             URL ssoSecureUrl = ssoDeployment.getSecureUrl().orElseThrow(() -> new RuntimeException("RH SSO secure URL not found."));
@@ -82,23 +86,36 @@ protected void deployCustomResource() {
             kieApp.getSpec().setAuth(auth);
         }
 
-        registerCustomTrustedSecret(kieApp.getSpec().getObjects().getConsole());
+        if (!isCustomTrustedSecretRegistered(kieApp.getSpec().getObjects().getConsole())) {
+            registerCustomTrustedSecret(kieApp.getSpec().getObjects().getConsole());
+        }
         for (Server server : kieApp.getSpec().getObjects().getServers()) {
-            registerCustomTrustedSecret(server);
+            if (!isCustomTrustedSecretRegistered(server)) {
+                registerCustomTrustedSecret(server);
+            }
         }
 
         // deploy application
-        getKieAppClient().create(kieApp);
+        getKieAppClient().createOrReplace(kieApp);
         // Wait until the operator reconciliate the KieApp and add there missing informations
+        try {
+            logger.info("Waiting for 10 seconds to let KieApp deployment start - on Jenkins when kieApp replaced following waiters are skipped as old deployment exists.");
+            Thread.sleep(TimeUnit.SECONDS.toMillis(10)); // TODO what could work better?
+        } catch (InterruptedException e) {
+            throw new RuntimeException("Waiting was interrupted", e);
+        }
         new SupplierWaiter<KieApp>(() -> getKieAppClient().withName(OpenShiftConstants.getKieApplicationName()).get(), kieApp -> kieApp.getStatus() != null).reason("Waiting for reconciliation to initialize all fields.").timeout(TimeUnit.MINUTES,1).waitFor();
+        new SimpleWaiter(this::isKieAppDeployed).reason("Waiting for KieApp to be deployed.")
+                                                .timeout(TimeUnit.MINUTES, 1)
+                                                .waitFor();
 
         workbenchDeployment = new WorkbenchOperatorDeployment(project, getKieAppClient());
-        workbenchDeployment.setUsername(DeploymentConstants.getAppUser());
-        workbenchDeployment.setPassword(DeploymentConstants.getAppPassword());
+        workbenchDeployment.setUsername(kieApp.getSpec().getCommonConfig().getAdminUser());
+        workbenchDeployment.setPassword(kieApp.getSpec().getCommonConfig().getAdminPassword());
 
         kieServerDeployment = new KieServerOperatorDeployment(project, getKieAppClient());
-        kieServerDeployment.setUsername(DeploymentConstants.getAppUser());
-        kieServerDeployment.setPassword(DeploymentConstants.getAppPassword());
+        kieServerDeployment.setUsername(kieApp.getSpec().getCommonConfig().getAdminUser());
+        kieServerDeployment.setPassword(kieApp.getSpec().getCommonConfig().getAdminPassword());
 
         logger.info("Waiting until all services are created.");
         try {
@@ -123,6 +140,10 @@ protected void deployCustomResource() {
         storeProjectInfoToPersistentVolume(workbenchDeployment, "/opt/eap/standalone/data/kie");
     }
 
+    private boolean isKieAppDeployed() {
+        return getKieAppClient().withName(OpenShiftConstants.getKieApplicationName()).get().getStatus().getPhase().equals("Deployed");
+    }
+
     @Override
     public WorkbenchDeployment getWorkbenchDeployment() {
         return workbenchDeployment;
@@ -169,4 +190,36 @@ public List<ControllerDeployment> getControllerDeployments() {
     public SsoDeployment getSsoDeployment() {
         return ssoDeployment;
     }
+
+    @Override
+    public void changeUsernameAndPassword(String username, String password) {
+        if(getDeployments().stream().allMatch(Deployment::isReady)) {
+            List<String> oldInstances = workbenchDeployment.getInstances().stream().map(Instance::getName).collect(Collectors.toList());
+            oldInstances.addAll(kieServerDeployment.getInstances().stream().map(Instance::getName).collect(Collectors.toList()));
+
+            kieApp = getKieAppClient().withName(OpenShiftConstants.getKieApplicationName()).get();
+            kieApp.getSpec().getCommonConfig().setAdminUser(username);
+            kieApp.getSpec().getCommonConfig().setAdminPassword(password);
+            deployCustomResource();
+
+            try {
+                new SimpleWaiter(() -> areInstancesDeleted(oldInstances)).timeout(TimeUnit.MINUTES, 5).interval(TimeUnit.SECONDS, 5).waitFor();
+            } catch (WaiterException e) {
+                throw new RuntimeException("Timeout while deploying application.", e);
+            }
+            logger.info("Waiting for Workbench deployment to become ready.");
+            workbenchDeployment.waitForScale();
+
+            logger.info("Waiting for Kie server deployment to become ready.");
+            kieServerDeployment.waitForScale();
+        } else{
+            throw new RuntimeException("Application is not ready for Username and password change. Please check first that application is ready.");
+        }
+    }
+
+    private boolean areInstancesDeleted(Collection<String> oldInstancesNames) {
+        return project.getOpenShift().getPods().stream().map(Pod::getMetadata)
+                                                        .map(ObjectMeta::getName)
+                                                        .noneMatch(oldInstancesNames::contains);
+    }
 }
diff --git a/...c/main/java/org/kie/cloud/openshift/operator/scenario/WorkbenchKieServerScenarioImpl.java b/...c/main/java/org/kie/cloud/openshift/operator/scenario/WorkbenchKieServerScenarioImpl.java
@@ -153,4 +153,9 @@ public List<ControllerDeployment> getControllerDeployments() {
     public Optional<PrometheusDeployment> getPrometheusDeployment() {
         return Optional.ofNullable(prometheusDeployment);
     }
+
+    @Override
+    public void changeUsernameAndPassword(String username, String password) {
+        throw new UnsupportedOperationException("Not supported yet.");
+    }
 }
diff --git a/.../openshift/operator/scenario/builder/WorkbenchKieServerPersistentScenarioBuilderImpl.java b/.../openshift/operator/scenario/builder/WorkbenchKieServerPersistentScenarioBuilderImpl.java
@@ -66,11 +66,9 @@ public WorkbenchKieServerPersistentScenarioBuilderImpl() {
         kieApp.getSpec().setCommonConfig(commonConfig);
 
         Server server = new Server();
-        server.addEnvs(authenticationEnvVars);
         kieApp.getSpec().getObjects().addServer(server);
 
         Console console = new Console();
-        console.addEnvs(authenticationEnvVars);
         kieApp.getSpec().getObjects().setConsole(console);
     }
 

diff --git a/.../main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerPersistentScenarioImpl.java b/.../main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerPersistentScenarioImpl.java
@@ -19,9 +19,12 @@
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;
 
+import cz.xtf.core.waiting.SimpleWaiter;
 import org.kie.cloud.api.deployment.ControllerDeployment;
 import org.kie.cloud.api.deployment.Deployment;
 import org.kie.cloud.api.deployment.KieServerDeployment;
@@ -32,6 +35,7 @@
 import org.kie.cloud.api.scenario.WorkbenchKieServerPersistentScenario;
 import org.kie.cloud.api.scenario.WorkbenchKieServerScenario;
 import org.kie.cloud.common.provider.KieServerControllerClientProvider;
+import org.kie.cloud.openshift.constants.OpenShiftConstants;
 import org.kie.cloud.openshift.constants.OpenShiftTemplateConstants;
 import org.kie.cloud.openshift.constants.ProjectSpecificPropertyNames;
 import org.kie.cloud.openshift.deployment.KieServerDeploymentImpl;
@@ -147,4 +151,41 @@ public List<ControllerDeployment> getControllerDeployments() {
     public SsoDeployment getSsoDeployment() {
         return ssoDeployment;
     }
+
+    @Override
+    public void changeUsernameAndPassword(String username, String password) {
+        if (getDeployments().stream().allMatch(Deployment::isReady)) {
+            deploySecretAppUser(username, password);
+            logger.info("Restart the environment to update Workbench deployment.");
+            getDeployments().parallelStream().forEach(this::scaleToZeroAndBackToReplicas);
+        } else {
+            throw new RuntimeException("Application is not ready for Username and password change. Please check first that application is ready.");
+        }
+    }
+
+    private void deploySecretAppUser(String user, String password) {
+        logger.info("Delete old secret '{}'", DeploymentConstants.getAppCredentialsSecretName());
+        project.getOpenShift().secrets().withName(DeploymentConstants.getAppCredentialsSecretName()).delete();
+        new SimpleWaiter(() -> project.getOpenShift().getSecret(DeploymentConstants.getAppCredentialsSecretName()) == null).timeout(TimeUnit.MINUTES, 2)
+                                                                                                                   .reason("Waiting for old secret to be deleted.")
+                                                                                                                   .waitFor();
+
+        logger.info("Creating user secret '{}'", DeploymentConstants.getAppCredentialsSecretName());
+        Map<String, String> data = new HashMap<>();
+        data.put(OpenShiftConstants.KIE_ADMIN_USER, user);
+        data.put(OpenShiftConstants.KIE_ADMIN_PWD, password);
+
+        project.createSecret(DeploymentConstants.getAppCredentialsSecretName(), data);
+        new SimpleWaiter(() -> project.getOpenShift().getSecret(DeploymentConstants.getAppCredentialsSecretName()) != null).timeout(TimeUnit.MINUTES, 2)
+                                                                                                                   .reason("Waiting for new secret to be created.")
+                                                                                                                   .waitFor();
+    }
+
+    private void scaleToZeroAndBackToReplicas(Deployment deployment) {
+        int replicas = deployment.getInstances().size();
+        deployment.scale(0);
+        deployment.waitForScale();
+        deployment.scale(replicas);
+        deployment.waitForScale();
+    }
 }
diff --git a/...plates/src/main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerScenarioImpl.java b/...plates/src/main/java/org/kie/cloud/openshift/scenario/WorkbenchKieServerScenarioImpl.java
@@ -133,4 +133,9 @@ public List<ControllerDeployment> getControllerDeployments() {
     public Optional<PrometheusDeployment> getPrometheusDeployment() {
         return Optional.ofNullable(prometheusDeployment);
     }
+
+    @Override
+    public void changeUsernameAndPassword(String username, String password) {
+        throw new UnsupportedOperationException("Not supported yet.");
+    }
 }