diff options
| author | jonmv <venstad@gmail.com> | 2022-11-16 11:25:27 +0100 |
|---|---|---|
| committer | jonmv <venstad@gmail.com> | 2022-11-16 11:25:27 +0100 |
| commit | a033e8e7f94747026a6c996f76f63e998ef9da82 (patch) | |
| tree | d9fe04b4051ede551fb4c749f18fc4da5a895d5d | |
| parent | 123fc2cea67998b936695017767bdf019079722f (diff) | |
Support legacy regional app-endpoint URLs, to be reverted
11 files changed, 130 insertions, 58 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java index c4a3319c915..0520987485e 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/RoutingController.java @@ -20,6 +20,7 @@ import com.yahoo.vespa.hosted.controller.api.integration.dns.RecordData; import com.yahoo.vespa.hosted.controller.api.integration.dns.RecordName; import com.yahoo.vespa.hosted.controller.application.Endpoint; import com.yahoo.vespa.hosted.controller.application.Endpoint.Port; +import com.yahoo.vespa.hosted.controller.application.Endpoint.Scope; import com.yahoo.vespa.hosted.controller.application.EndpointId; import com.yahoo.vespa.hosted.controller.application.EndpointList; import com.yahoo.vespa.hosted.controller.application.SystemApplication; @@ -234,6 +235,7 @@ public class RoutingController { .on(Port.tls()) .in(controller.system()); endpointDnsNames.add(endpoint.dnsName()); + if (endpoint.scope() == Scope.application) endpointDnsNames.add(endpoint.legacyRegionalDsnName()); } return Collections.unmodifiableList(endpointDnsNames); } @@ -311,6 +313,9 @@ public class RoutingController { controller.nameServiceForwarder().createRecord( new Record(Record.Type.CNAME, RecordName.from(endpoint.dnsName()), RecordData.fqdn(vipHostname)), Priority.normal); + controller.nameServiceForwarder().createRecord( + new Record(Record.Type.CNAME, RecordName.from(endpoint.legacyRegionalDsnName()), RecordData.fqdn(vipHostname)), + Priority.normal); } Map<ClusterSpec.Id, EndpointList> applicationEndpointsByCluster = applicationEndpoints.groupingBy(Endpoint::cluster); for (var kv : applicationEndpointsByCluster.entrySet()) { @@ -323,7 +328,7 @@ public class RoutingController { if (matchingTarget.isEmpty()) throw new IllegalStateException("No target found routing to " + deployment + " in " + endpoint); containerEndpoints.add(new ContainerEndpoint(clusterId.value(), asString(Endpoint.Scope.application), - List.of(endpoint.dnsName()), + List.of(endpoint.dnsName(), endpoint.legacyRegionalDsnName()), OptionalInt.of(matchingTarget.get().weight()), endpoint.routingMethod())); } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java index 63e6eb53af8..b559353ca25 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/Endpoint.java @@ -24,6 +24,8 @@ import java.util.function.Predicate; import java.util.stream.Collectors; import java.util.stream.Stream; +import static java.util.Comparator.comparing; +import static java.util.Comparator.naturalOrder; import static java.util.stream.Collectors.toSet; /** @@ -44,13 +46,14 @@ public class Endpoint { private final ClusterSpec.Id cluster; private final Optional<InstanceName> instance; private final URI url; + private final URI legacyRegionalUrl; private final List<Target> targets; private final Scope scope; private final boolean legacy; private final RoutingMethod routingMethod; private Endpoint(TenantAndApplicationId application, Optional<InstanceName> instanceName, EndpointId id, - ClusterSpec.Id cluster, URI url, List<Target> targets, Scope scope, Port port, boolean legacy, + ClusterSpec.Id cluster, URI url, URI legacyRegionalUrl, List<Target> targets, Scope scope, Port port, boolean legacy, RoutingMethod routingMethod, boolean certificateName) { Objects.requireNonNull(application, "application must be non-null"); Objects.requireNonNull(instanceName, "instanceName must be non-null"); @@ -64,6 +67,7 @@ public class Endpoint { this.cluster = requireCluster(cluster, certificateName); this.instance = requireInstance(instanceName, scope); this.url = url; + this.legacyRegionalUrl = legacyRegionalUrl; this.targets = List.copyOf(requireTargets(targets, application, instanceName, scope, certificateName)); this.scope = requireScope(scope, routingMethod); this.legacy = legacy; @@ -102,6 +106,12 @@ public class Endpoint { return url.getAuthority().replaceAll(":.*", ""); } + /** Returns the legacy DNS name with region, for application endpoints */ + public String legacyRegionalDsnName() { + if (scope != Scope.application) throw new IllegalStateException("legacy regional URL is only for application scope endpoints, not " + this); + return legacyRegionalUrl.getAuthority().replaceAll(":.*", ""); + } + /** Returns the target(s) to which this routes traffic */ public List<Target> targets() { return targets; @@ -166,7 +176,7 @@ public class Endpoint { } private static URI createUrl(String name, TenantAndApplicationId application, Optional<InstanceName> instance, - List<Target> targets, Scope scope, SystemName system, Port port) { + List<Target> targets, Scope scope, SystemName system, Port port, boolean legacyRegionalUrl) { String separator = "."; String portPart = port.isDefault() ? "" : ":" + port.port; @@ -178,7 +188,7 @@ public class Endpoint { separator + sanitize(application.tenant().value()) + "." + - scopePart(scope, targets, system) + + scopePart(scope, targets, system, legacyRegionalUrl) + dnsSuffix(system) + portPart + "/"); @@ -193,13 +203,12 @@ public class Endpoint { return name + separator; } - private static String scopePart(Scope scope, List<Target> targets, SystemName system) { - String scopeSymbol = scopeSymbol(scope, system); - Set<ZoneId> zones = targets.stream().map(target -> target.deployment.zoneId()).collect(toSet()); + private static String scopePart(Scope scope, List<Target> targets, SystemName system, boolean legacyRegion) { + String scopeSymbol = scopeSymbol(scope, system, legacyRegion); if (scope == Scope.global) return scopeSymbol; - if (scope == Scope.application) return scopeSymbol; + if (scope == Scope.application && ! legacyRegion) return scopeSymbol; - ZoneId zone = targets.get(0).deployment().zoneId(); + ZoneId zone = targets.stream().map(target -> target.deployment.zoneId()).min(comparing(ZoneId::value)).get(); String region = zone.region().value(); boolean skipEnvironment = zone.environment().isProduction(); String environment = skipEnvironment ? "" : "." + zone.environment().value(); @@ -209,20 +218,21 @@ public class Endpoint { return region + (scopeSymbol.isEmpty() ? "" : "-" + scopeSymbol) + environment; } - private static String scopeSymbol(Scope scope, SystemName system) { + private static String scopeSymbol(Scope scope, SystemName system, boolean legacyRegion) { + if (legacyRegion) return "r"; if (system.isPublic()) { return switch (scope) { case zone -> "z"; case weighted -> "w"; case global -> "g"; - case application -> "r"; + case application -> "a"; }; } return switch (scope) { case zone -> ""; case weighted -> "w"; case global -> "global"; - case application -> "r"; + case application -> "a"; }; } @@ -583,12 +593,23 @@ public class Endpoint { Objects.requireNonNull(targets, "targets must be non-null"), Objects.requireNonNull(scope, "scope must be non-null"), Objects.requireNonNull(system, "system must be non-null"), - Objects.requireNonNull(port, "port must be non-null")); + Objects.requireNonNull(port, "port must be non-null"), + false); + URI legacyRegionalUrl = scope != Scope.application ? null + : createUrl(endpointOrClusterAsString(endpointId, cluster), + Objects.requireNonNull(application, "application must be non-null"), + Objects.requireNonNull(instance, "instance must be non-null"), + Objects.requireNonNull(targets, "targets must be non-null"), + Objects.requireNonNull(scope, "scope must be non-null"), + Objects.requireNonNull(system, "system must be non-null"), + Objects.requireNonNull(port, "port must be non-null"), + true); return new Endpoint(application, instance, endpointId, cluster, url, + legacyRegionalUrl, targets, scope, port, diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java index d3dbfc0f5e9..5c995e83fd4 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/RoutingPolicies.java @@ -303,20 +303,28 @@ public class RoutingPolicies { if ( ! aliasTargets.isEmpty()) { nameServiceForwarderIn(targetZone).createAlias( RecordName.from(applicationEndpoint.dnsName()), aliasTargets, Priority.normal); + nameServiceForwarderIn(targetZone).createAlias( + RecordName.from(applicationEndpoint.legacyRegionalDsnName()), aliasTargets, Priority.normal); } if ( ! directTargets.isEmpty()) { nameServiceForwarderIn(targetZone).createDirect( RecordName.from(applicationEndpoint.dnsName()), directTargets, Priority.normal); + nameServiceForwarderIn(targetZone).createDirect( + RecordName.from(applicationEndpoint.legacyRegionalDsnName()), directTargets, Priority.normal); } }); inactiveTargetsByEndpoint.forEach((applicationEndpoint, targets) -> { - // Where multiple zones are permitted, they all have the same routing policy, and nameServiceForwarder (below). + // Where multiple zones are permitted, they all have the same routing policy, and nameServiceForwarder. ZoneId targetZone = applicationEndpoint.targets().iterator().next().deployment().zoneId(); targets.forEach(target -> { nameServiceForwarderIn(targetZone).removeRecords(target.type(), RecordName.from(applicationEndpoint.dnsName()), target.data(), Priority.normal); + nameServiceForwarderIn(targetZone).removeRecords(target.type(), + RecordName.from(applicationEndpoint.legacyRegionalDsnName()), + target.data(), + Priority.normal); }); }); } @@ -372,9 +380,8 @@ public class RoutingPolicies { .not().matching(policy -> activeIds.contains(policy.id())); for (var policy : removable) { for (var endpoint : policy.zoneEndpointsIn(controller.system(), RoutingMethod.exclusive, controller.zoneRegistry())) { - var dnsName = endpoint.dnsName(); nameServiceForwarderIn(allocation.deployment.zoneId()).removeRecords(Record.Type.CNAME, - RecordName.from(dnsName), + RecordName.from(endpoint.dnsName()), Priority.normal); } newPolicies.remove(policy.id()); @@ -422,9 +429,17 @@ public class RoutingPolicies { RecordName.from(endpoint.dnsName()), RecordData.fqdn(policy.canonicalName().get().value()), Priority.normal); + forwarder.removeRecords(Record.Type.ALIAS, + RecordName.from(endpoint.legacyRegionalDsnName()), + RecordData.fqdn(policy.canonicalName().get().value()), + Priority.normal); } else { forwarder.removeRecords(Record.Type.DIRECT, - RecordName.from(endpoint.dnsName()), + RecordName.from(endpoint.dnsName()), + RecordData.from(policy.ipAddress().get()), + Priority.normal); + forwarder.removeRecords(Record.Type.DIRECT, + RecordName.from(endpoint.legacyRegionalDsnName()), RecordData.from(policy.ipAddress().get()), Priority.normal); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java index aaae5d9a1cb..978587d9c5c 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java @@ -664,22 +664,22 @@ public class ControllerTest { ZoneId east1a = ZoneId.from("prod", "aws-us-east-1a"); ZoneId east1b = ZoneId.from("prod", "aws-us-east-1b"); // Expected container endpoints are passed to each deployment - Map<DeploymentId, Map<String, Integer>> deploymentEndpoints = Map.of( + Map<DeploymentId, Map<List<String>, Integer>> deploymentEndpoints = Map.of( new DeploymentId(beta, east3), Map.of(), - new DeploymentId(main, east3), Map.of("e.app1.tenant1.r.vespa.oath.cloud", 3), - new DeploymentId(beta, west1), Map.of("d.app1.tenant1.r.vespa.oath.cloud", 3), - new DeploymentId(main, west1), Map.of("d.app1.tenant1.r.vespa.oath.cloud", 7), - new DeploymentId(beta, east1a), Map.of("a.app1.tenant1.r.vespa.oath.cloud", 2, - "b.app1.tenant1.r.vespa.oath.cloud", 1), - new DeploymentId(main, east1a), Map.of("a.app1.tenant1.r.vespa.oath.cloud", 8, - "b.app1.tenant1.r.vespa.oath.cloud", 1), - new DeploymentId(beta, east1b), Map.of("c.app1.tenant1.r.vespa.oath.cloud", 4), - new DeploymentId(main, east1b), Map.of("a.app1.tenant1.r.vespa.oath.cloud", 1) + new DeploymentId(main, east3), Map.of(List.of("e.app1.tenant1.a.vespa.oath.cloud", "e.app1.tenant1.us-east-3-r.vespa.oath.cloud"), 3), + new DeploymentId(beta, west1), Map.of(List.of("d.app1.tenant1.a.vespa.oath.cloud", "d.app1.tenant1.us-west-1-r.vespa.oath.cloud"), 3), + new DeploymentId(main, west1), Map.of(List.of("d.app1.tenant1.a.vespa.oath.cloud", "d.app1.tenant1.us-west-1-r.vespa.oath.cloud"), 7), + new DeploymentId(beta, east1a), Map.of(List.of("a.app1.tenant1.a.vespa.oath.cloud", "a.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), 2, + List.of("b.app1.tenant1.a.vespa.oath.cloud", "b.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), 1), + new DeploymentId(main, east1a), Map.of(List.of("a.app1.tenant1.a.vespa.oath.cloud", "a.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), 8, + List.of("b.app1.tenant1.a.vespa.oath.cloud", "b.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), 1), + new DeploymentId(beta, east1b), Map.of(List.of("c.app1.tenant1.a.vespa.oath.cloud", "c.app1.tenant1.aws-us-east-1b-r.vespa.oath.cloud"), 4), + new DeploymentId(main, east1b), Map.of(List.of("a.app1.tenant1.a.vespa.oath.cloud", "a.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), 1) ); deploymentEndpoints.forEach((deployment, endpoints) -> { Set<ContainerEndpoint> expected = endpoints.entrySet().stream() .map(kv -> new ContainerEndpoint("default", "application", - List.of(kv.getKey()), + kv.getKey(), OptionalInt.of(kv.getValue()), tester.controller().zoneRegistry().routingMethod(deployment.zoneId()))) .collect(Collectors.toSet()); @@ -704,39 +704,63 @@ public class ControllerTest { RecordName.from("main.app1.tenant1.aws-us-east-1b.vespa.oath.cloud"), RecordData.from("lb-0--tenant1.app1.main--prod.aws-us-east-1b.")), new Record(Record.Type.ALIAS, - RecordName.from("a.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("a.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("weighted/lb-0--tenant1.app1.beta--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/2")), new Record(Record.Type.ALIAS, - RecordName.from("a.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("a.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("weighted/lb-0--tenant1.app1.main--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/8")), new Record(Record.Type.ALIAS, - RecordName.from("a.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("a.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("weighted/lb-0--tenant1.app1.main--prod.aws-us-east-1b/dns-zone-1/prod.aws-us-east-1b/1")), new Record(Record.Type.ALIAS, - RecordName.from("b.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("b.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("weighted/lb-0--tenant1.app1.beta--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/1")), new Record(Record.Type.ALIAS, - RecordName.from("b.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("b.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("weighted/lb-0--tenant1.app1.main--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/1")), new Record(Record.Type.ALIAS, - RecordName.from("c.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("c.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("weighted/lb-0--tenant1.app1.beta--prod.aws-us-east-1b/dns-zone-1/prod.aws-us-east-1b/4")), new Record(Record.Type.CNAME, - RecordName.from("d.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("d.app1.tenant1.a.vespa.oath.cloud"), RecordData.from("vip.prod.us-west-1.")), new Record(Record.Type.CNAME, - RecordName.from("e.app1.tenant1.r.vespa.oath.cloud"), + RecordName.from("e.app1.tenant1.a.vespa.oath.cloud"), + RecordData.from("vip.prod.us-east-3.")), + new Record(Record.Type.ALIAS, + RecordName.from("a.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), + RecordData.from("weighted/lb-0--tenant1.app1.beta--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/2")), + new Record(Record.Type.ALIAS, + RecordName.from("a.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), + RecordData.from("weighted/lb-0--tenant1.app1.main--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/8")), + new Record(Record.Type.ALIAS, + RecordName.from("a.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), + RecordData.from("weighted/lb-0--tenant1.app1.main--prod.aws-us-east-1b/dns-zone-1/prod.aws-us-east-1b/1")), + new Record(Record.Type.ALIAS, + RecordName.from("b.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), + RecordData.from("weighted/lb-0--tenant1.app1.beta--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/1")), + new Record(Record.Type.ALIAS, + RecordName.from("b.app1.tenant1.aws-us-east-1a-r.vespa.oath.cloud"), + RecordData.from("weighted/lb-0--tenant1.app1.main--prod.aws-us-east-1a/dns-zone-1/prod.aws-us-east-1a/1")), + new Record(Record.Type.ALIAS, + RecordName.from("c.app1.tenant1.aws-us-east-1b-r.vespa.oath.cloud"), + RecordData.from("weighted/lb-0--tenant1.app1.beta--prod.aws-us-east-1b/dns-zone-1/prod.aws-us-east-1b/4")), + new Record(Record.Type.CNAME, + RecordName.from("d.app1.tenant1.us-west-1-r.vespa.oath.cloud"), + RecordData.from("vip.prod.us-west-1.")), + new Record(Record.Type.CNAME, + RecordName.from("e.app1.tenant1.us-east-3-r.vespa.oath.cloud"), RecordData.from("vip.prod.us-east-3.")))), new TreeSet<>(records)); List<String> endpointDnsNames = tester.controller().routing().declaredEndpointsOf(context.application()) .scope(Endpoint.Scope.application) .sortedBy(comparing(Endpoint::dnsName)) .mapToList(Endpoint::dnsName); - assertEquals(List.of("a.app1.tenant1.r.vespa.oath.cloud", - "b.app1.tenant1.r.vespa.oath.cloud", - "c.app1.tenant1.r.vespa.oath.cloud", - "d.app1.tenant1.r.vespa.oath.cloud", - "e.app1.tenant1.r.vespa.oath.cloud"), + assertEquals(List.of("a.app1.tenant1.a.vespa.oath.cloud", + "b.app1.tenant1.a.vespa.oath.cloud", + "c.app1.tenant1.a.vespa.oath.cloud", + "d.app1.tenant1.a.vespa.oath.cloud", + "e.app1.tenant1.a.vespa.oath.cloud"), endpointDnsNames); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/EndpointTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/EndpointTest.java index 6fe89ae62b7..27684b79d4a 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/EndpointTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/EndpointTest.java @@ -279,28 +279,28 @@ public class EndpointTest { @Test void application_endpoints() { Map<String, Endpoint> tests = Map.of( - "https://weighted.a1.t1.r.vespa-app.cloud/", + "https://weighted.a1.t1.a.vespa-app.cloud/", Endpoint.of(app1) .targetApplication(EndpointId.of("weighted"), ClusterSpec.Id.from("qrs"), Map.of(new DeploymentId(app1.instance("i1"), ZoneId.from("prod", "us-west-1")), 1)) .routingMethod(RoutingMethod.exclusive) .on(Port.tls()) .in(SystemName.Public), - "https://weighted.a1.t1.r.cd.vespa-app.cloud/", + "https://weighted.a1.t1.a.cd.vespa-app.cloud/", Endpoint.of(app1) .targetApplication(EndpointId.of("weighted"), ClusterSpec.Id.from("qrs"), Map.of(new DeploymentId(app1.instance("i1"), ZoneId.from("prod", "us-west-1")), 1)) .routingMethod(RoutingMethod.exclusive) .on(Port.tls()) .in(SystemName.PublicCd), - "https://a2.t2.r.vespa.oath.cloud/", + "https://a2.t2.a.vespa.oath.cloud/", Endpoint.of(app2) .targetApplication(EndpointId.defaultId(), ClusterSpec.Id.from("qrs"), Map.of(new DeploymentId(app2.instance("i1"), ZoneId.from("prod", "us-east-3")), 1)) .routingMethod(RoutingMethod.exclusive) .on(Port.tls()) .in(SystemName.main), - "https://cd.a2.t2.r.vespa.oath.cloud/", + "https://cd.a2.t2.a.vespa.oath.cloud/", Endpoint.of(app2) .targetApplication(EndpointId.defaultId(), ClusterSpec.Id.from("qrs"), Map.of(new DeploymentId(app2.instance("i1"), ZoneId.from("prod", "us-east-3")), 1)) diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificatesTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificatesTest.java index 30a9cabd403..0f7c7fe900a 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificatesTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificatesTest.java @@ -41,6 +41,7 @@ import java.util.List; import java.util.Map; import java.util.Optional; import java.util.Set; +import java.util.TreeSet; import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotEquals; @@ -264,25 +265,29 @@ public class EndpointCertificatesTest { .build(); EndpointCertificateValidatorImpl endpointCertificateValidator = new EndpointCertificateValidatorImpl(secretStore, clock); EndpointCertificates endpointCertificates = new EndpointCertificates(tester.controller(), endpointCertificateMock, endpointCertificateValidator); - List<String> expectedSans = List.of( + Set<String> expectedSans = new TreeSet<>(List.of( "vlfms2wpoa4nyrka2s5lktucypjtxkqhv.internal.vespa-app.cloud", "a1.t1.g.vespa-app.cloud", "*.a1.t1.g.vespa-app.cloud", - "a1.t1.r.vespa-app.cloud", - "*.a1.t1.r.vespa-app.cloud", + "a1.t1.a.vespa-app.cloud", + "a1.t1.aws-us-west-2a.r.vespa-app.cloud", + "a1.t1.aws-us-east-1c.r.vespa-app.cloud", + "*.a1.t1.a.vespa-app.cloud", + "*.a1.t1.aws-us-west-2a.r.vespa-app.cloud", + "*.a1.t1.aws-us-east-1c.r.vespa-app.cloud", "a1.t1.aws-us-east-1c.z.vespa-app.cloud", "*.a1.t1.aws-us-east-1c.z.vespa-app.cloud", "a1.t1.us-east-1.test.z.vespa-app.cloud", "*.a1.t1.us-east-1.test.z.vespa-app.cloud", "a1.t1.us-east-3.staging.z.vespa-app.cloud", "*.a1.t1.us-east-3.staging.z.vespa-app.cloud" - ); + )); Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(instance, zone1, applicationPackage.deploymentSpec()); assertTrue(endpointCertificateMetadata.isPresent()); assertTrue(endpointCertificateMetadata.get().keyName().matches("vespa.tls.t1.a1.*-key")); assertTrue(endpointCertificateMetadata.get().certName().matches("vespa.tls.t1.a1.*-cert")); assertEquals(0, endpointCertificateMetadata.get().version()); - assertEquals(expectedSans, endpointCertificateMetadata.get().requestedDnsSans()); + assertEquals(expectedSans, new TreeSet<>(endpointCertificateMetadata.get().requestedDnsSans())); } } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java index 0f03333146f..d6da677cb27 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java @@ -114,10 +114,12 @@ import static org.junit.jupiter.api.Assertions.assertTrue; public class ApplicationApiTest extends ControllerContainerTest { private static final String responseFiles = "src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/"; - private static final String pemPublicKey = "-----BEGIN PUBLIC KEY-----\n" + - "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuKVFA8dXk43kVfYKzkUqhEY2rDT9\n" + - "z/4jKSTHwbYR8wdsOSrJGVEUPbS2nguIJ64OJH7gFnxM6sxUVj+Nm2HlXw==\n" + - "-----END PUBLIC KEY-----\n"; + private static final String pemPublicKey = """ + -----BEGIN PUBLIC KEY----- + MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuKVFA8dXk43kVfYKzkUqhEY2rDT9 + z/4jKSTHwbYR8wdsOSrJGVEUPbS2nguIJ64OJH7gFnxM6sxUVj+Nm2HlXw== + -----END PUBLIC KEY----- + """; private static final String quotedPemPublicKey = pemPublicKey.replaceAll("\\n", "\\\\n"); private static final String accessDenied = "{\n \"code\" : 403,\n \"message\" : \"Access denied\"\n}"; diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/deployment.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/deployment.json index 3a274349835..cc42b3e006c 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/deployment.json +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/deployment.json @@ -24,7 +24,7 @@ { "cluster": "foo", "tls": true, - "url": "https://a0.application1.tenant1.r.vespa.oath.cloud/", + "url": "https://a0.application1.tenant1.a.vespa.oath.cloud/", "scope": "application", "routingMethod": "sharedLayer4", "legacy": false diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/instance1-recursive.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/instance1-recursive.json index 310e948478b..f37112ea887 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/instance1-recursive.json +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/instance1-recursive.json @@ -111,7 +111,7 @@ { "cluster": "foo", "tls": true, - "url": "https://a0.application1.tenant1.r.vespa.oath.cloud/", + "url": "https://a0.application1.tenant1.a.vespa.oath.cloud/", "scope": "application", "routingMethod": "sharedLayer4", "legacy": false diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/recursive-root.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/recursive-root.json index 6bb48df75d9..4458040858b 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/recursive-root.json +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/recursive-root.json @@ -118,7 +118,7 @@ { "cluster": "foo", "tls": true, - "url": "https://a0.application1.tenant1.r.vespa.oath.cloud/", + "url": "https://a0.application1.tenant1.a.vespa.oath.cloud/", "scope": "application", "routingMethod": "sharedLayer4", "legacy": false diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/tenant1-recursive.json b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/tenant1-recursive.json index 167efce9b9e..ea025b60d1b 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/tenant1-recursive.json +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/responses/tenant1-recursive.json @@ -117,7 +117,7 @@ { "cluster": "foo", "tls": true, - "url": "https://a0.application1.tenant1.r.vespa.oath.cloud/", + "url": "https://a0.application1.tenant1.a.vespa.oath.cloud/", "scope": "application", "routingMethod": "sharedLayer4", "legacy": false |