author | jonmv <venstad@gmail.com> | 2023-06-30 17:12:11 +0200 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2023-06-30 17:12:11 +0200 |
commit | 8aa5007433b8512cfba31825f83be01ca25bc928 (patch) | |
tree | 5453536900977513917183137054e1609a1be893 | |
parent | 8ff5c45ca2429ed8fb5cdb252043af97e6e89d99 (diff) |
Set up GCP container identities for enclaves
2 files changed, 69 insertions, 3 deletions
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java b/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java
index 91da7866603..cb52ece16a7 100644
--- a/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java
+++ b/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java
@@ -13,10 +13,10 @@ import java.util.stream.Collectors;
 */
 public class CloudAccount implements Comparable<CloudAccount> {
- private record CloudMeta(String accountType, Pattern pattern) {
+ public record CloudMeta(String accountType, Pattern pattern) {
 private boolean matches(String account) { return pattern.matcher(account).matches(); }
 }
- private static final Map<String, CloudMeta> META_BY_CLOUD = Map.of(
+ public static final Map<String, CloudMeta> META_BY_CLOUD = Map.of(
 "aws", new CloudMeta("Account ID", Pattern.compile("[0-9]{12}")),
 "gcp", new CloudMeta("Project ID", Pattern.compile("[a-z][a-z0-9-]{4,28}[a-z0-9]")));
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzDbMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzDbMock.java
index 9a9c2af2d5d..820dc2ac573 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzDbMock.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzDbMock.java
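Review bot: Making `META_BY_CLOUD` and `CloudMeta` public turns the account-ID format table into API while `CloudMeta.matches` stays private, so an outside caller can only reach the regex through the record's `pattern()` accessor and must decide for itself between `matches()` and `find()`. If the consumer of this change (not visible in this diff) only needs the set of clouds or a well-formedness check, a narrow accessor on `CloudAccount` would keep a single validation path for IDs that end up in identity configuration. If the map has to stay public, I would say so on the field, for example `/** Account-ID format per cloud. Immutable; callers should not re-implement ID validation against the pattern. */`. The class body continues outside the hunk.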
@@ -96,6 +96,35 @@ public class AthenzDbMock {
 public boolean checkAccess(AthenzIdentity principal, String action, String resource) {
 return policies.values().stream().anyMatch(a -> a.matches(principal, action, resource));
 }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+ Domain domain = (Domain) o;
+ return isVespaTenant == domain.isVespaTenant && Objects.equals(name, domain.name) && Objects.equals(admins, domain.admins) && Objects.equals(tenantAdmins, domain.tenantAdmins) && Objects.equals(applications, domain.applications) && Objects.equals(services, domain.services) && Objects.equals(roles, domain.roles) && Objects.equals(policies, domain.policies) && Objects.equals(attributes, domain.attributes);
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(name, admins, tenantAdmins, applications, services, roles, policies, isVespaTenant, attributes);
+ }
+
+ @Override
+ public String toString() {
+ return "Domain{" +
+ "name=" + name +
+ ", admins=" + admins +
+ ", tenantAdmins=" + tenantAdmins +
+ ", applications=" + applications +
+ ", services=" + services +
+ ", roles=" + roles +
+ ", policies=" + policies +
+ ", isVespaTenant=" + isVespaTenant +
+ ", attributes=" + attributes +
+ '}';
+ }
+
 }
 public static class Application {
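Review bot: The new `Domain.equals` and `hashCode` cover every field, and several of those appear to be collections that are modified after construction (the field declarations are outside the hunk, so this is inferred from names such as `policies` and `admins`). A `Domain` that is put in a `HashSet` or used as a map key and then changed will no longer be found under its old hash. The intended use should be stated above `equals`, for example `// Equality is over current (mutable) state; meant for test assertions, not for use as a hash key.`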
@@ -121,11 +150,30 @@ public class AthenzDbMock {
 public Service(boolean allowLaunch) {
 this.allowLaunch = allowLaunch;
 }
+
+ @Override
+ public boolean equals(Object o) {
+ if (this == o) return true;
+ if (o == null || getClass() != o.getClass()) return false;
+ Service service = (Service) o;
+ return allowLaunch == service.allowLaunch;
+ }
+
+ @Override
+ public int hashCode() {
+ return Objects.hash(allowLaunch);
+ }
+
+ @Override
+ public String toString() {
+ return allowLaunch ? "allowed" : "denied";
+ }
+
 }
 public static class Policy {
 private final String name;
- final List<Assertion> assertions = new ArrayList<>();
+ public final List<Assertion> assertions = new ArrayList<>();
 public Policy(String name, String principal, String action, String resource) {
 this(name);
@@ -158,6 +206,12 @@ public class AthenzDbMock {
 public int hashCode() {
 return Objects.hash(name, assertions);
 }
+
+ @Override
+ public String toString() {
+ return name + ": " + assertions;
+ }
+
 }
 public static class Assertion {
@@ -203,6 +257,12 @@ public class AthenzDbMock {
 public int hashCode() {
 return Objects.hash(effect, role, action, resource);
 }
+
+ @Override
+ public String toString() {
+ return asString();
+ }
+
 }
 public static class Role {
@@ -228,5 +288,11 @@ public class AthenzDbMock {
 public int hashCode() {
 return Objects.hash(name);
 }
+
+ @Override
+ public String toString() {
+ return name;
+ }
+
 }
 }
|
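Review bot: `public final List<Assertion> assertions = new ArrayList<>();` hands every caller a mutable reference to the policy's assertion list, so code outside `AthenzDbMock` can add or clear assertions without going through `Policy`'s own methods. `Domain.checkAccess` evaluates these policies and `Policy.hashCode` in the next hunk hashes the same list, so an accidental mutation changes both the mocked authorization result and the object's hash. If the new consumer only reads the list, keep the field package-private and add a read-only accessor such as `public List<Assertion> assertions() { return List.copyOf(assertions); }`. Smaller point in the `Service` part of the first hunk: `Objects.hash(allowLaunch)` boxes and allocates an array for a single boolean, where `Boolean.hashCode(allowLaunch)` is enough. The `Policy` class body continues outside the hunk.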