author | Ola Aunrønning <olaa@yahooinc.com> | 2023-01-20 13:50:17 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-01-20 13:50:17 +0100 |
commit | 0bd21f594e95e2b3d6123f554aab80fab1f54917 (patch) | |
tree | f90a080d96b7af6ec60fb707b57282632dc32b00 | |
parent | 48e3163e6ebab7cf161309e72549f32bcd4bf860 (diff) | |
parent | 323eebb89e67668f5175ca3c83f101b60202aaff (diff) |
Merge pull request #25511 from vespa-engine/olaa/vathenz-enclave-resources
Adds Athenz resource helper functions
5 files changed, 20 insertions, 5 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java
index f6dc52294e0..d5e815912c5 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java
@@ -268,7 +268,7 @@ public class ZmsClientMock implements ZmsClient {
 }
 
 @Override
- public void createSubdomain(AthenzDomain parent, String name) {}
+ public void createSubdomain(AthenzDomain parent, String name, Map<String, Object> attributes) {}
 
 @Override
 public AthenzRoleInformation getFullRoleInformation(AthenzRole role) {
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzDomain.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzDomain.java
index 155ba8ab66a..d162a1b2e50 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzDomain.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzDomain.java
@@ -22,6 +22,11 @@ public class AthenzDomain {
 this.name = name;
 }
 
+ public AthenzDomain(AthenzDomain parentDomain, String subdomain) {
+ validateName(parentDomain.getName() + "." + subdomain);
+ this.name = parentDomain.getName() + "." + subdomain;
+ }
+
 private static void validateName(String name) {
 if (!NAME_PATTERN.matcher(name).matches()) {
 throw new IllegalArgumentException("Not a valid domain name: '" + name + "'");
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzService.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzService.java
index 11dcfa3680e..0ab8ad47e0f 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzService.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzService.java
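Review bot: In the new `AthenzDomain(AthenzDomain parentDomain, String subdomain)` constructor in AthenzDomain.java, only the concatenated name is validated, so a `subdomain` that itself contains a dot would presumably be accepted (NAME_PATTERN is outside the hunk, but it has to allow dots for multi-level names) and produce a domain several levels below the parent, possibly inside a sibling subdomain's namespace. Athenz domain names delimit authorization scope, so if callers are meant to pass a single label, reject anything else up front with `if (subdomain.indexOf('.') >= 0) throw new IllegalArgumentException("Not a valid subdomain name: '" + subdomain + "'");`. The full name is also built twice; a local `String fullName = parentDomain.getName() + "." + subdomain;` would make the validated and stored values identical by construction. A null `parentDomain` currently surfaces as a bare NullPointerException with no message.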
@@ -31,6 +31,10 @@ public class AthenzService implements AthenzIdentity {
 this.serviceName = service.serviceName;
 }
 
+ public AthenzResourceName toResourceName() {
+ return new AthenzResourceName(domain, "service." + serviceName);
+ }
+
 @Override
 public AthenzDomain getDomain() {
 return domain;
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
index 68a71b9663f..44ea5ef329f 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
@@ -423,13 +423,15 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
 }
 
 @Override
- public void createSubdomain(AthenzDomain parent, String name) {
+ public void createSubdomain(AthenzDomain parent, String name, Map<String, Object> attributes) {
 URI uri = zmsUrl.resolve(String.format("subdomain/%s", parent.getName()));
- StringEntity entity = toJsonStringEntity(
- Map.of("name", name,
+ var metaData = new HashMap<String, Object>();
+ metaData.putAll(attributes);
+ metaData.putAll(Map.of("name", name,
 "parent", parent.getName(),
 "adminUsers", List.of(identity.getFullName())) // TODO: createSubdomain should receive an adminUsers argument
 );
+ var entity = toJsonStringEntity(metaData);
 var request = RequestBuilder.post(uri)
 .setEntity(entity)
 .build();
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
index be4c6c7ba3b..4342b32e4c8 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
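Review bot: `toResourceName()` in AthenzService.java is a new public method with no Javadoc, and the `"service."` prefix is a bare literal whose meaning the reader has to infer. A one-line comment such as `/** Returns the resource name for this service: entity "service.<serviceName>" within the service's own domain. */` would record the format that policies are expected to match. The enclosing class continues outside the hunk, so whether the same prefix is already defined as a constant elsewhere cannot be seen from here.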
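Review bot: In `DefaultZmsClient.createSubdomain`, the caller-supplied `attributes` map is copied unfiltered into the ZMS request body, and the only thing preventing it from replacing `name`, `parent` or `adminUsers` is that the fixed `Map.of(...)` is applied second. That ordering decides who administers the new domain, so it should be stated in a comment such as `// Fixed fields are applied last so attributes can never override name, parent or adminUsers`, or enforced by rejecting those keys explicitly. If `attributes` can ever be derived from tenant-controlled input, an allowlist of accepted domain meta keys would be safer than forwarding arbitrary ones. A null `attributes` fails inside `putAll`; `Objects.requireNonNull(attributes, "attributes");` at the top would give a clearer error. The method body continues past the end of the hunk.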
@@ -85,7 +85,11 @@ public interface ZmsClient extends Closeable {
 
 void deleteRole(AthenzRole athenzRole);
 
- void createSubdomain(AthenzDomain parent, String name);
+ void createSubdomain(AthenzDomain parent, String name, Map<String, Object> attributes);
+
+ default void createSubdomain(AthenzDomain parent, String name) {
+ createSubdomain(parent, name, Map.of());
+ };
 
 AthenzRoleInformation getFullRoleInformation(AthenzRole role);
 
|
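Review bot: The new default overload `createSubdomain(AthenzDomain parent, String name)` in ZmsClient.java closes with `};`; the trailing semicolon is a stray empty declaration and the line should be just `}`. The three-argument method also has no Javadoc, so an implementer or caller cannot tell what `attributes` may contain. Judging by the DefaultZmsClient change in this commit, the entries are sent to ZMS as domain metadata and `name`, `parent` and `adminUsers` are set by the client regardless; a short `@param attributes` line saying so would make that contract explicit at the interface.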