Merge pull request #10890 from vespa-engine/jvenstad/default-to-user-instance-name

Jvenstad/default to user instance name

4 files changed, 42 insertions, 18 deletions

diff --git a/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java b/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java
index 0ca1b3e5603..9c7380180f7 100644
--- a/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java
+++ b/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java
@@ -16,38 +16,62 @@ import java.util.Optional;
  */
 public class Properties {
 
+    /**
+     * Returns the relevant application ID. This is the 'tenant', 'application' and 'instance' properties.
+     * The instance defaults to the user name of the current user, if not explicitly set.
+     */
     public static ApplicationId application() {
         return ApplicationId.from(requireNonBlankProperty("tenant"),
                                   requireNonBlankProperty("application"),
-                                  getNonBlankProperty("instance").orElse("default"));
+                                  getNonBlankProperty("instance").orElse(user()));
     }
 
+    /** Returns the relevant environment, if this is set with the 'environment' property */
     public static Optional<Environment> environment() {
         return getNonBlankProperty("environment").map(Environment::from);
     }
 
+    /** Returns the relevant region, if this is set with the 'region' property */
     public static Optional<RegionName> region() {
         return getNonBlankProperty("region").map(RegionName::from);
     }
 
-    public static URI endpoint() {
+    /** Returns the URL of the API endpoint of the Vespa cloud. This must be set with the 'endpoint' property. */
+    public static URI apiEndpoint() {
         return URI.create(requireNonBlankProperty("endpoint"));
     }
 
-    public static Path privateKeyFile() {
+    /** Returns the path of the API private key. This must be set with the 'privateKeyFile' property. */
+    public static Path apiPrivateKeyFile() {
         return Paths.get(requireNonBlankProperty("privateKeyFile"));
     }
 
-    public static Optional<Path> certificateFile() {
+    /** Returns the path of the API certificate, if this is set with the 'certificateFile' property. */
+    public static Optional<Path> apiCertificateFile() {
         return getNonBlankProperty("certificateFile").map(Paths::get);
     }
 
+    /** Returns the path of the data plane certificate file, if this is set with the 'dataPlaneCertificateFile' property. */
+    public static Optional<Path> dataPlaneCertificateFile() {
+        return getNonBlankProperty("dataPlaneCertificateFile").map(Paths::get);
+    }
+
+    /** Returns the path of the data plane private key file, if this is set with the 'dataPlanePrivateKeyFile' property. */
+    public static Optional<Path> dataPlanePrivateKeyFile() {
+        return getNonBlankProperty("dataPlaneKeyFile").map(Paths::get);
+    }
+
+    /** Returns the user name of the current user. This is set with the 'user.name' property. */
+    public static String user() {
+        return System.getProperty("user.name");
+    }
+
     /** Returns the system property with the given name if it is set, or empty. */
     public static Optional<String> getNonBlankProperty(String name) {
         return Optional.ofNullable(System.getProperty(name)).filter(value -> ! value.isBlank());
     }
 
-    /** Returns the system property with the given name if it is set, or throws. */
+    /** Returns the system property with the given name if it is set, or throws an IllegalStateException. */
     public static String requireNonBlankProperty(String name) {
         return getNonBlankProperty(name).orElseThrow(() -> new IllegalStateException("Missing required property '" + name + "'"));
     }
diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java
index 9de06e7f4da..f6a88ec83c2 100644
--- a/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java
+++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java
@@ -8,13 +8,13 @@ public class ApiAuthenticator implements ai.vespa.hosted.api.ApiAuthenticator {
     /** Returns a controller client using mTLS if a key and certificate pair is provided, or signed requests otherwise. */
     @Override
     public ControllerHttpClient controller() {
-        return Properties.certificateFile()
-                         .map(certificateFile -> ControllerHttpClient.withKeyAndCertificate(Properties.endpoint(),
-                                                                                            Properties.privateKeyFile(),
+        return Properties.apiCertificateFile()
+                         .map(certificateFile -> ControllerHttpClient.withKeyAndCertificate(Properties.apiEndpoint(),
+                                                                                            Properties.apiPrivateKeyFile(),
                                                                                             certificateFile))
                          .orElseGet(() ->
-                                            ControllerHttpClient.withSignatureKey(Properties.endpoint(),
-                                                                                  Properties.privateKeyFile(),
+                                            ControllerHttpClient.withSignatureKey(Properties.apiEndpoint(),
+                                                                                  Properties.apiPrivateKeyFile(),
                                                                                   Properties.application()));
     }
 
diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java
index c9640763ac8..e51476907e2 100644
--- a/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java
+++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java
@@ -1,5 +1,6 @@
 package ai.vespa.hosted.auth;
 
+import ai.vespa.hosted.api.Properties;
 import com.yahoo.config.provision.SystemName;
 import com.yahoo.security.KeyUtils;
 import com.yahoo.security.SslContextBuilder;
@@ -47,12 +48,10 @@ public class EndpointAuthenticator implements ai.vespa.hosted.api.EndpointAuthen
                 privateKeyFile = credentialsRoot.resolve("key");
             }
             else {
-                Optional<String> certificateFileProperty = getNonBlankProperty("dataPlaneCertificateFile");
-                if (certificateFileProperty.isPresent())
-                    certificateFile = Path.of(certificateFileProperty.get());
-                Optional<String> privateKeyFileProperty = getNonBlankProperty("dataPlaneKeyFile");
-                if (privateKeyFileProperty.isPresent())
-                    privateKeyFile = Path.of(privateKeyFileProperty.get());
+                if (Properties.dataPlaneCertificateFile().isPresent())
+                    certificateFile = Properties.dataPlaneCertificateFile().get();
+                if (Properties.dataPlanePrivateKeyFile().isPresent())
+                    privateKeyFile = Properties.dataPlanePrivateKeyFile().get();
             }
             if (certificateFile != null && privateKeyFile != null) {
                 X509Certificate certificate = X509CertificateUtils.fromPem(new String(Files.readAllBytes(certificateFile)));
@@ -67,7 +66,7 @@ public class EndpointAuthenticator implements ai.vespa.hosted.api.EndpointAuthen
             logger.warning(  "##################################################################################\n"
                            + "# Data plane key and/or certificate missing; please specify                      #\n"
                            + "# '-DdataPlaneCertificateFile=/path/to/certificate' and                          #\n"
-                           + "# '-DdataPlaneKeyFile=/path/to/private_key.                                      #\n"
+                           + "# '-DdataPlaneKeyFile=/path/to/private_key'.                                     #\n"
                            + "# Trying the default SSLContext, but this will most likely cause HTTP error 401. #\n"
                            + "##################################################################################");
             return SSLContext.getDefault();
diff --git a/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java b/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java
index bf8f6f83f53..3f6817df96d 100644
--- a/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java
+++ b/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java
@@ -1,6 +1,7 @@
 package ai.vespa.hosted.plugin;
 
 import ai.vespa.hosted.api.ControllerHttpClient;
+import ai.vespa.hosted.api.Properties;
 import com.yahoo.config.provision.ApplicationId;
 import org.apache.maven.plugin.AbstractMojo;
 import org.apache.maven.plugin.MojoExecutionException;
@@ -64,7 +65,7 @@ public abstract class AbstractVespaMojo extends AbstractMojo {
     protected void setup() {
         tenant = firstNonBlank(tenant, project.getProperties().getProperty("tenant"));
         application = firstNonBlank(application, project.getProperties().getProperty("application"));
-        instance = firstNonBlank(instance, project.getProperties().getProperty("instance", "default"));
+        instance = firstNonBlank(instance, project.getProperties().getProperty("instance", Properties.user()));
         id = ApplicationId.from(tenant, application, instance);
 
         controller = certificateFile == null