diff options
author | Valerij Fredriksen <valerijf@oath.com> | 2017-11-02 16:13:13 +0100 |
---|---|---|
committer | Valerij Fredriksen <valerijf@oath.com> | 2017-11-02 16:13:13 +0100 |
commit | baf0f7b4be6716a930974e16f0764f997a5d67e1 (patch) | |
tree | 0febbaf7494debe095f3f6b96334f75914f48fd0 /athenz-identity-provider-service | |
parent | 1e1b84fbf754e5e90f815a5c2f83ca79865505d5 (diff) |
Merge with master
Diffstat (limited to 'athenz-identity-provider-service')
3 files changed, 24 insertions, 10 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java index 06f8d347b78..26a88896fb9 100644 --- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java +++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java @@ -65,8 +65,9 @@ public class AthenzInstanceProviderService extends AbstractComponent { SslContextFactory sslContextFactory) { this(config, scheduler, zone, sslContextFactory, new InstanceValidator(keyProvider, superModelProvider), - new IdentityDocumentGenerator(config, nodeRepository, zone, keyProvider), - new AthenzCertificateUpdater(certificateClient, sslContextFactory, keyProvider, config)); + new IdentityDocumentGenerator(config, getZoneConfig(config, zone), nodeRepository, zone, keyProvider), + new AthenzCertificateUpdater( + certificateClient, sslContextFactory, keyProvider, config, getZoneConfig(config, zone))); } AthenzInstanceProviderService(AthenzProviderServiceConfig config, @@ -149,7 +150,7 @@ public class AthenzInstanceProviderService extends AbstractComponent { SslContextFactory sslContextFactory, KeyProvider keyProvider, AthenzProviderServiceConfig config, - AthenzProviderServiceConfig.Zones zoneConfig) { + AthenzProviderServiceConfig.Zones zoneConfig) { this.certificateClient = certificateClient; this.sslContextFactory = sslContextFactory; this.keyProvider = keyProvider; diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java index 6a74d9ce3ad..bf0746aee7e 100644 --- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java +++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java @@ -1,6 +1,7 @@ // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.athenz.instanceproviderservice; +import athenz.shade.zts.jersey.repackaged.com.google.common.collect.ImmutableMap; import com.fasterxml.jackson.databind.ObjectMapper; import com.yahoo.config.provision.Environment; import com.yahoo.config.provision.RegionName; @@ -88,13 +89,14 @@ public class AthenzInstanceProviderServiceTest { AutoGeneratedKeyProvider keyProvider = new AutoGeneratedKeyProvider(); PrivateKey privateKey = keyProvider.getPrivateKey(0); - AthenzProviderServiceConfig config = getAthenzProviderConfig(domain, service, "vespa.dns.suffix"); + AthenzProviderServiceConfig config = getAthenzProviderConfig(domain, service, "vespa.dns.suffix", ZONE); SslContextFactory sslContextFactory = AthenzInstanceProviderService.createSslContextFactory(); AthenzCertificateUpdater certificateUpdater = new AthenzCertificateUpdater( - new SelfSignedCertificateClient(keyProvider.getKeyPair(), config), + new SelfSignedCertificateClient(keyProvider.getKeyPair(), config, getZoneConfig(config, ZONE)), sslContextFactory, keyProvider, - config); + config, + getZoneConfig(config, ZONE)); ScheduledExecutorService executor = mock(ScheduledExecutorService.class); when(executor.awaitTermination(anyLong(), any())).thenReturn(true); @@ -120,7 +122,14 @@ public class AthenzInstanceProviderServiceTest { } } - public static AthenzProviderServiceConfig getAthenzProviderConfig(String domain, String service, String dnsSuffix) { + public static AthenzProviderServiceConfig getAthenzProviderConfig(String domain, String service, String dnsSuffix, Zone zone) { + AthenzProviderServiceConfig.Zones.Builder zoneConfig = + new AthenzProviderServiceConfig.Zones.Builder() + .serviceName(service) + .secretVersion(0) + .domain(domain) + .secretName("s3cr3t"); + return new AthenzProviderServiceConfig( new AthenzProviderServiceConfig.Builder() .zones(ImmutableMap.of(zone.environment().value() + "." + zone.region().value(), zoneConfig)) @@ -132,7 +141,7 @@ public class AthenzInstanceProviderServiceTest { } - private AthenzProviderServiceConfig.Zones getZoneConfig(AthenzProviderServiceConfig config, Zone zone) { + public static AthenzProviderServiceConfig.Zones getZoneConfig(AthenzProviderServiceConfig config, Zone zone) { return config.zones(zone.environment().value() + "." + zone.region().value()); } diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java index faa166602cc..d77757374ce 100644 --- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java +++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java @@ -13,8 +13,8 @@ import com.yahoo.config.provision.RegionName; import com.yahoo.config.provision.SystemName; import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.Zone; -import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest; import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest.AutoGeneratedKeyProvider; +import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig; import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.ProviderUniqueId; import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.SignedIdentityDocument; import com.yahoo.vespa.hosted.provision.Node; @@ -27,6 +27,8 @@ import org.junit.Test; import java.util.HashSet; import java.util.Optional; +import static com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest.getAthenzProviderConfig; +import static com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest.getZoneConfig; import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertTrue; import static org.mockito.Matchers.eq; @@ -63,8 +65,10 @@ public class IdentityDocumentGeneratorTest { AutoGeneratedKeyProvider keyProvider = new AutoGeneratedKeyProvider(); String dnsSuffix = "vespa.dns.suffix"; + AthenzProviderServiceConfig config = getAthenzProviderConfig("domain", "service", dnsSuffix, ZONE); IdentityDocumentGenerator identityDocumentGenerator = new IdentityDocumentGenerator( - AthenzInstanceProviderServiceTest.getAthenzProviderConfig("domain", "service", dnsSuffix), + config, + getZoneConfig(config, ZONE), nodeRepository, ZONE, keyProvider); |