feat: add apikey example

apikeys/APIKeys.postman_collection.json

@@ -0,0 +1,199 @@
+{
+	"info": {
+		"_postman_id": "2d96fac2-4eaa-4508-bfc0-c4bf2e09adce",
+		"name": "APIKeys",
+		"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json",
+		"_exporter_id": "11878109",
+		"_collection_link": "https://fpaycx.postman.co/workspace/SN~f695694f-237c-4f17-b833-692ddf7c68dd/collection/11878109-2d96fac2-4eaa-4508-bfc0-c4bf2e09adce?action=share&source=collection_link&creator=11878109"
+	},
+	"item": [
+		{
+			"name": "http://localhost:8080/admin/v2/tenants",
+			"request": {
+				"method": "GET",
+				"header": [
+					{
+						"key": "Accept",
+						"value": "application/json"
+					}
+				],
+				"url": {
+					"raw": "http://localhost:8080/admin/v2/tenants",
+					"protocol": "http",
+					"host": [
+						"localhost"
+					],
+					"port": "8080",
+					"path": [
+						"admin",
+						"v2",
+						"tenants"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "http://localhost:8081/v1/tokens",
+			"request": {
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "http://localhost:8081/v1/tokens",
+					"protocol": "http",
+					"host": [
+						"localhost"
+					],
+					"port": "8081",
+					"path": [
+						"v1",
+						"tokens"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "http://localhost:8081/v1/revocation-list",
+			"request": {
+				"method": "GET",
+				"header": [],
+				"url": {
+					"raw": "http://localhost:8081/v1/revocation-list",
+					"protocol": "http",
+					"host": [
+						"localhost"
+					],
+					"port": "8081",
+					"path": [
+						"v1",
+						"revocation-list"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "https://localhost:8081/v1/tokens",
+			"request": {
+				"method": "PUT",
+				"header": [
+					{
+						"key": "Content-Type",
+						"value": "application/json"
+					}
+				],
+				"body": {
+					"mode": "raw",
+					"raw": "{\"name\": \"test1\"}"
+				},
+				"url": {
+					"raw": "http://localhost:8081/v1/tokens",
+					"protocol": "http",
+					"host": [
+						"localhost"
+					],
+					"port": "8081",
+					"path": [
+						"v1",
+						"tokens"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "http://localhost:8081/v1/tokens",
+			"request": {
+				"method": "PUT",
+				"header": [
+					{
+						"key": "Content-Type",
+						"value": "application/json"
+					}
+				],
+				"body": {
+					"mode": "raw",
+					"raw": "{\"name\": \"test1\",\"exp\":1719590340}"
+				},
+				"url": {
+					"raw": "http://localhost:8081/v1/tokens",
+					"protocol": "http",
+					"host": [
+						"localhost"
+					],
+					"port": "8081",
+					"path": [
+						"v1",
+						"tokens"
+					]
+				}
+			},
+			"response": []
+		},
+		{
+			"name": "http://localhost:8081/v1/tokens/{{tokenid}}",
+			"request": {
+				"method": "POST",
+				"header": [
+					{
+						"key": "Content-Type",
+						"value": "application/json"
+					}
+				],
+				"url": {
+					"raw": "http://localhost:8081/v1/tokens/revoke/{{tokenid}}",
+					"protocol": "http",
+					"host": [
+						"localhost"
+					],
+					"port": "8081",
+					"path": [
+						"v1",
+						"tokens",
+						"revoke",
+						"{{tokenid}}"
+					]
+				}
+			},
+			"response": []
+		}
+	],
+	"auth": {
+		"type": "bearer",
+		"bearer": [
+			{
+				"key": "token",
+				"value": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjcwMDdkZGY5LWJlYWMtNGU3NC04ZTMyLWYwMzQ1M2ZlYTNlMCIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ1cm46c246cHVsc2FyOnB1bHNhcjpwcml2YXRlLWNsb3VkIiwiaWF0IjoxNjkyMTg3MDgzLCJpc3MiOiJodHRwOi8vcHJpdmF0ZS1jbG91ZC1hcGlrZXlzLnB1bHNhci5zdmMuY2x1c3Rlci5sb2NhbDo4MDgxLyIsImp0aSI6ImFwaWtleXMtOGZmOWNmMTg2MmI0NDJlNTlkMzkzOTU4ZjFmZTRhZjgiLCJyZXZvY2FibGUiOiJmYWxzZSIsInN1YiI6ImFkbWluIn0.Emcp9c_7hczMkCl0f_kErBhLoZtzOyuqxlyGVasdeDDv4KGJBNlGtE-Y6TLAQEJF6wqfkdDisuoLxYrS9HZYKxSRUMEV8kdClEiDa4N_OWC25nUPD0K4fCSTIm_7qiuwSELHObqPEhrAaZb9y7rWcIib59g1zyBKItTDiGYSSDM7ZKkHqxogcSpBokiG46c5OoSYtZMAyaieE4WJWhVfUfbFJHTPr1LgVhsMslZMJH0fpoJJeevgnMzoo2U147AjgplO6zCNDr0q9sZuqgUv3I9TB7X6ZsxUH_1J73_jU3bG3hD4Jp3uUxbDk5tLwBXH8bdDH9nazB0I-l59ZslQYQ",
+				"type": "string"
+			}
+		]
+	},
+	"event": [
+		{
+			"listen": "prerequest",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		},
+		{
+			"listen": "test",
+			"script": {
+				"type": "text/javascript",
+				"exec": [
+					""
+				]
+			}
+		}
+	],
+	"variable": [
+		{
+			"key": "tokenid",
+			"value": "",
+			"type": "string"
+		}
+	]
+}

apikeys/README.md

@@ -0,0 +1,69 @@
+## test with kind
+- kind create cluster
+- install olm, refer https://docs.streamnative.io/operator/pulsar-operator-install-olm, `curl -sL https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.23.1/install.sh | bash -s v0.23.1`
+- k apply -f catalogsource.yaml
+- k apply -f subscriptions.yaml
+- k create ns pulsar
+- comment the apikey configurations code in this yaml file 
+- downscale sn-operator, edit the deployment replicas to 0 of sn-operator in namespace operators
+- make install
+- export OPERATOR_NAMESPACE=operators WEBHOOK_SERVER_CERT=sn-operator-controller-manager-service-cert
+- make copy-running-certs
+- WEBHOOK_SERVICE_ADDRESS=https://host.docker.internal:9443 make webhook-proxy
+- OPERATOR_NAMESPACE=operators;RUN_PULSAR_CONTROLLERS=false;SN_OPERATOR_FLINK_ENABLE=false;SN_OPERATOR_PFSQL_ENABLE=false make run
+- uncomment the apikey configurations code in this yaml file  
+- k apply -f cluster.yaml
+- kgsec private-cloud-apikeys-key -n pulsar -o json | jq -r .data.token | base64 -d
+- k port-forward svc/private-cloud-streamnative-console -n pulsar 9527:9527
+
+## debug console ui and server
+- kgsec private-cloud-apikeys-key -n pulsar -o json | jq -r '.data.token' | base64 -d > super-token
+- `kubectl exec -it private-cloud-console-0 -c private-cloud-console -n pulsar -- cat /pulsar-manager/pulsar-manager/application.properties > src/main/resources/application.properties`
+
+- update application.properties file
+```
+#spring.datasource.driver-class-name=org.postgresql.Driver
+#spring.datasource.url=jdbc:postgresql://127.0.0.1:5688/pulsar_manager
+#spring.datasource.username=pulsar
+#spring.datasource.password=pulsar
+
+spring.datasource.driver-class-name=org.sqlite.JDBC
+spring.datasource.url=jdbc:sqlite:pulsar_manager.db
+spring.sql.init.mode=always
+spring.sql.init.schema-locations=classpath:/META-INF/sql/sqlite-schema.sql
+spring.datasource.username=
+spring.datasource.password=
+
+jwt.broker.super-token=file:///Users/lili/space/sn/sn-pulsar-manager/super-token
+```
+
+- vim hosts file
+```
+127.0.0.1 private-cloud-broker.pulsar.svc.cluster.local
+127.0.0.1 private-cloud-broker
+127.0.0.1 private-cloud-apikeys.pulsar.svc.cluster.local
+```
+
+- forward service
+
+```shell
+k port-forward svc/private-cloud-apikeys -n pulsar 8081:8081
+k port-forward svc/private-cloud-broker -n pulsar 8080:8080
+```
+
+- launch gateway
+```
+mvn clean package
+java --add-opens java.base/java.time=ALL-UNNAMED -cp "./target/classes:./target/build/libs/*" io.streamnative.gateway.Application
+```
+- launch console application with debug model
+
+List of problems:
+- The version of pulsar-operator is wrong, it needs to be upgraded to 0.17.5, the solution is to create the catalogsource of sn, refer to sn-catalogsource.yaml
+- The apikeys log reports that Pulsar is not available, and the broker log reports that the number of bookies is insufficient. The reason: because the replicas configuration is 1, which is inconsistent with the write configuration. The solution is to add the configuration PULSAR_PREFIX_managedLedgerDefaultEnsembleSize: "1";PULSAR_PREFIX_managedLedgerDefaultWriteQuorum: "1"; PULSAR_PREFIX_managedLedgerDefaultAckQuorum: "1"
+- Console startup error imageCapabilities null pointer, the reason is that imageCapabilities failed to load because of wrong namespace (default sn_system), the solution is to add startup environment variable OPERATOR_NAMESPACE=operators
+- To avoid the conflict between the installed sn-operator and the debug sn-operator, modify the deployment replicas of the installed sn-operator to 0
+- Because of the webhook penetration problem, it is recommended to use kind to deploy the test locally
+
+## build console image
+`docker buildx build -f docker/Dockerfile --platform linux/amd64,linux/arm64/v8 -t streamnative/private-cloud-console:v3.0.0-beta2 .  --push`