diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-08-28 21:40:05 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-08-28 21:40:05 +0200 |
commit | 8b37b6ed1eafc8d8967e4732ea978ed1806eca71 (patch) | |
tree | 3c401b108b9095f8cae4c580737a85f9077042c8 /athenz-identity-provider-service/src/test | |
parent | ec8efebdb70dd4c07288b0b9c6398af6635dced4 (diff) |
Revert "Include instance hostname in Athenz node certificates"
This reverts commit aca45ba95c5fb0b7d9c1fe89ee3a866ff65c76ac.
Diffstat (limited to 'athenz-identity-provider-service/src/test')
-rw-r--r-- | athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java | 46 |
1 files changed, 6 insertions, 40 deletions
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java index 89ca24f3e93..d5787516254 100644 --- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java +++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/instanceconfirmation/InstanceValidatorTest.java @@ -1,6 +1,7 @@ // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.athenz.instanceproviderservice.instanceconfirmation; +import com.google.common.collect.ImmutableList; import com.yahoo.component.Version; import com.yahoo.config.model.api.ApplicationInfo; import com.yahoo.config.model.api.HostInfo; @@ -122,7 +123,7 @@ public class InstanceValidatorTest { nodeList = allocateNode(nodeList, node, applicationId); when(nodeRepository.getNodes()).thenReturn(nodeList); String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node")); - InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, node.hostname(), List.of(nodeIp)); + InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, ImmutableList.of(nodeIp)); assertTrue(instanceValidator.isValidRefresh(instanceConfirmation)); } @@ -139,41 +140,7 @@ public class InstanceValidatorTest { String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node")); // Add invalid ip to list of ip addresses - InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, node.hostname(), List.of(nodeIp, "::ff")); - - assertFalse(instanceValidator.isValidRefresh(instanceConfirmation)); - } - - @Test - public void rejects_invalid_hostname() { - NodeRepository nodeRepository = mock(NodeRepository.class); - InstanceValidator instanceValidator = new InstanceValidator(null, null, nodeRepository); - - List<Node> nodeList = createNodes(10); - Node node = nodeList.get(0); - nodeList = allocateNode(nodeList, node, applicationId); - when(nodeRepository.getNodes()).thenReturn(nodeList); - String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node")); - - // Add invalid ip to list of ip addresses - InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, "invalidhostname", List.of(nodeIp)); - - assertFalse(instanceValidator.isValidRefresh(instanceConfirmation)); - } - - @Test - public void rejects_hostname_for_tenant_certificates() { - NodeRepository nodeRepository = mock(NodeRepository.class); - InstanceValidator instanceValidator = new InstanceValidator(null, null, nodeRepository); - - List<Node> nodeList = createNodes(10); - Node node = nodeList.get(0); - nodeList = allocateNode(nodeList, node, applicationId); - when(nodeRepository.getNodes()).thenReturn(nodeList); - String nodeIp = node.ipAddresses().stream().findAny().orElseThrow(() -> new RuntimeException("No ipaddress for mocked node")); - - // Add invalid ip to list of ip addresses - InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.TENANT, node.hostname(), List.of(nodeIp)); + InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, ImmutableList.of(nodeIp, "::ff")); assertFalse(instanceValidator.isValidRefresh(instanceConfirmation)); } @@ -185,7 +152,7 @@ public class InstanceValidatorTest { List<Node> nodeList = createNodes(10); when(nodeRepository.getNodes()).thenReturn(nodeList); - InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, IdentityType.NODE, nodeList.get(0).hostname(), List.of("::11")); + InstanceConfirmation instanceConfirmation = createRefreshInstanceConfirmation(applicationId, domain, service, ImmutableList.of("::11")); assertFalse(instanceValidator.isValidRefresh(instanceConfirmation)); @@ -206,11 +173,10 @@ public class InstanceValidatorTest { return createInstanceConfirmation(vespaUniqueInstanceId, domain, service, signedIdentityDocument); } - private InstanceConfirmation createRefreshInstanceConfirmation(ApplicationId applicationId, String domain, String service, IdentityType identityType, String hostname, List<String> ips) { - VespaUniqueInstanceId vespaUniqueInstanceId = new VespaUniqueInstanceId(0, "default", applicationId.instance().value(), applicationId.application().value(), applicationId.tenant().value(), "us-north-1", "dev", identityType); + private InstanceConfirmation createRefreshInstanceConfirmation(ApplicationId applicationId, String domain, String service, List<String> ips) { + VespaUniqueInstanceId vespaUniqueInstanceId = new VespaUniqueInstanceId(0, "default", applicationId.instance().value(), applicationId.application().value(), applicationId.tenant().value(), "us-north-1", "dev", IdentityType.NODE); InstanceConfirmation instanceConfirmation = createInstanceConfirmation(vespaUniqueInstanceId, domain, service, null); instanceConfirmation.set("sanIP", String.join(",", ips)); - instanceConfirmation.set(InstanceConfirmation.HOSTNAME_ATTRIBUTE, hostname); return instanceConfirmation; } |