Allow custom port binding when restricting data plane

author: Morten Tokle <mortent@yahooinc.com> 2022-09-13 15:20:12 +0200
committer: Morten Tokle <mortent@yahooinc.com> 2022-09-13 15:20:12 +0200
commit: d110e8cc51a8450eb340b875e31b5fc193f7797f (patch)
tree: 49ab62aa184ca047c0615df5f347aa6a3d5d6250
parent: 8c1062b6fd62c6948610eb41b72617be581b7dbf (diff)
2 files changed, 15 insertions, 5 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/application/validation/UriBindingsValidator.java b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/UriBindingsValidator.java
index 718f1646126..a57a8fa9e70 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/application/validation/UriBindingsValidator.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/UriBindingsValidator.java
@@ -41,7 +41,7 @@ class UriBindingsValidator extends Validator {
     private static void validateUserBinding(BindingPattern binding, VespaModel model, DeployState deployState) {
         validateScheme(binding, deployState);
         if (isHostedApplication(model, deployState)) {
-            validateHostedApplicationUserBinding(binding);
+            validateHostedApplicationUserBinding(binding, deployState);
         }
     }
 
@@ -53,13 +53,14 @@ class UriBindingsValidator extends Validator {
         }
     }
 
-    private static void validateHostedApplicationUserBinding(BindingPattern binding) {
+    private static void validateHostedApplicationUserBinding(BindingPattern binding, DeployState deployState) {
         // only perform these validation for used-generated bindings
         // bindings produced by the hosted config model amender will violate some of the rules below
         if (binding instanceof SystemBindingPattern) return;
 
-        if (!binding.matchesAnyPort()) {
-            throw new IllegalArgumentException(createErrorMessage(binding, "binding with port is not allowed"));
+        // Allow binding to port if we are restricting data plane bindings
+        if (!binding.matchesAnyPort() && !deployState.featureFlags().useRestrictedDataPlaneBindings()) {
+                throw new IllegalArgumentException(createErrorMessage(binding, "binding with port is not allowed"));
         }
         if (!binding.host().equals(BindingPattern.WILDCARD_PATTERN)) {
             throw new IllegalArgumentException(createErrorMessage(binding, "only binding with wildcard ('*') for hostname is allowed"));
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/application/validation/UriBindingsValidatorTest.java b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/UriBindingsValidatorTest.java
index 7c16d3c99cf..ff9596f2062 100644
--- a/config-model/src/test/java/com/yahoo/vespa/model/application/validation/UriBindingsValidatorTest.java
+++ b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/UriBindingsValidatorTest.java
@@ -58,6 +58,11 @@ public class UriBindingsValidatorTest {
     }
 
     @Test
+    void allows_portbinding_when_restricting_data_plane() throws IOException, SAXException {
+        runUriBindingValidator(new TestProperties().setHostedVespa(true).setUseRestrictedDataPlaneBindings(true), createServicesXmlWithHandler("http://*:4443/my-handler"));
+    }
+
+    @Test
     void allows_user_binding_with_wildcard_port() throws IOException, SAXException {
         runUriBindingValidator(true, createServicesXmlWithHandler("http://*:*/my-handler"));
     }
@@ -68,12 +73,16 @@ public class UriBindingsValidatorTest {
     }
 
     private void runUriBindingValidator(boolean isHosted, String servicesXml) throws IOException, SAXException {
+        runUriBindingValidator(new TestProperties().setHostedVespa(isHosted), servicesXml);
+    }
+
+    private void runUriBindingValidator(TestProperties testProperties, String servicesXml) throws IOException, SAXException {
         ApplicationPackage app = new MockApplicationPackage.Builder()
                 .withServices(servicesXml)
                 .build();
         DeployState deployState = new DeployState.Builder()
                 .applicationPackage(app)
-                .properties(new TestProperties().setHostedVespa(isHosted))
+                .properties(testProperties)
                 .build();
         VespaModel model = new VespaModel(new NullConfigModelRegistry(), deployState);
         new UriBindingsValidator().validate(model, deployState);
author	Morten Tokle <mortent@yahooinc.com>	2022-09-13 15:20:12 +0200
committer	Morten Tokle <mortent@yahooinc.com>	2022-09-13 15:20:12 +0200
commit	d110e8cc51a8450eb340b875e31b5fc193f7797f (patch)
tree	49ab62aa184ca047c0615df5f347aa6a3d5d6250
parent	8c1062b6fd62c6948610eb41b72617be581b7dbf (diff)