Merge with master

3 files changed, 24 insertions, 10 deletions

diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java
index 06f8d347b78..26a88896fb9 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java
@@ -65,8 +65,9 @@ public class AthenzInstanceProviderService extends AbstractComponent {
                                           SslContextFactory sslContextFactory) {
         this(config, scheduler, zone, sslContextFactory,
                 new InstanceValidator(keyProvider, superModelProvider),
-                new IdentityDocumentGenerator(config, nodeRepository, zone, keyProvider),
-                new AthenzCertificateUpdater(certificateClient, sslContextFactory, keyProvider, config));
+                new IdentityDocumentGenerator(config, getZoneConfig(config, zone), nodeRepository, zone, keyProvider),
+                new AthenzCertificateUpdater(
+                        certificateClient, sslContextFactory, keyProvider, config, getZoneConfig(config, zone)));
     }
 
     AthenzInstanceProviderService(AthenzProviderServiceConfig config,
@@ -149,7 +150,7 @@ public class AthenzInstanceProviderService extends AbstractComponent {
                                  SslContextFactory sslContextFactory,
                                  KeyProvider keyProvider,
                                  AthenzProviderServiceConfig config,
-                                         AthenzProviderServiceConfig.Zones zoneConfig) {
+                                 AthenzProviderServiceConfig.Zones zoneConfig) {
             this.certificateClient = certificateClient;
             this.sslContextFactory = sslContextFactory;
             this.keyProvider = keyProvider;
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java
index 6a74d9ce3ad..bf0746aee7e 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java
@@ -1,6 +1,7 @@
 // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.hosted.athenz.instanceproviderservice;
 
+import athenz.shade.zts.jersey.repackaged.com.google.common.collect.ImmutableMap;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.yahoo.config.provision.Environment;
 import com.yahoo.config.provision.RegionName;
@@ -88,13 +89,14 @@ public class AthenzInstanceProviderServiceTest {
 
         AutoGeneratedKeyProvider keyProvider = new AutoGeneratedKeyProvider();
         PrivateKey privateKey = keyProvider.getPrivateKey(0);
-        AthenzProviderServiceConfig config = getAthenzProviderConfig(domain, service, "vespa.dns.suffix");
+        AthenzProviderServiceConfig config = getAthenzProviderConfig(domain, service, "vespa.dns.suffix", ZONE);
         SslContextFactory sslContextFactory =  AthenzInstanceProviderService.createSslContextFactory();
         AthenzCertificateUpdater certificateUpdater = new AthenzCertificateUpdater(
-                new SelfSignedCertificateClient(keyProvider.getKeyPair(), config),
+                new SelfSignedCertificateClient(keyProvider.getKeyPair(), config, getZoneConfig(config, ZONE)),
                 sslContextFactory,
                 keyProvider,
-                config);
+                config,
+                getZoneConfig(config, ZONE));
 
         ScheduledExecutorService executor = mock(ScheduledExecutorService.class);
         when(executor.awaitTermination(anyLong(), any())).thenReturn(true);
@@ -120,7 +122,14 @@ public class AthenzInstanceProviderServiceTest {
         }
     }
 
-    public static AthenzProviderServiceConfig getAthenzProviderConfig(String domain, String service, String dnsSuffix) {
+    public static AthenzProviderServiceConfig getAthenzProviderConfig(String domain, String service, String dnsSuffix, Zone zone) {
+        AthenzProviderServiceConfig.Zones.Builder zoneConfig =
+                new AthenzProviderServiceConfig.Zones.Builder()
+                        .serviceName(service)
+                        .secretVersion(0)
+                        .domain(domain)
+                        .secretName("s3cr3t");
+
         return new AthenzProviderServiceConfig(
                         new AthenzProviderServiceConfig.Builder()
                                 .zones(ImmutableMap.of(zone.environment().value() + "." + zone.region().value(), zoneConfig))
@@ -132,7 +141,7 @@ public class AthenzInstanceProviderServiceTest {
 
     }
 
-    private AthenzProviderServiceConfig.Zones getZoneConfig(AthenzProviderServiceConfig config, Zone zone) {
+    public static AthenzProviderServiceConfig.Zones getZoneConfig(AthenzProviderServiceConfig config, Zone zone) {
         return config.zones(zone.environment().value() + "." + zone.region().value());
     }
 
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java
index faa166602cc..d77757374ce 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGeneratorTest.java
@@ -13,8 +13,8 @@ import com.yahoo.config.provision.RegionName;
 import com.yahoo.config.provision.SystemName;
 import com.yahoo.config.provision.TenantName;
 import com.yahoo.config.provision.Zone;
-import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest;
 import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest.AutoGeneratedKeyProvider;
+import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig;
 import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.ProviderUniqueId;
 import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.SignedIdentityDocument;
 import com.yahoo.vespa.hosted.provision.Node;
@@ -27,6 +27,8 @@ import org.junit.Test;
 import java.util.HashSet;
 import java.util.Optional;
 
+import static com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest.getAthenzProviderConfig;
+import static com.yahoo.vespa.hosted.athenz.instanceproviderservice.AthenzInstanceProviderServiceTest.getZoneConfig;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
 import static org.mockito.Matchers.eq;
@@ -63,8 +65,10 @@ public class IdentityDocumentGeneratorTest {
         AutoGeneratedKeyProvider keyProvider = new AutoGeneratedKeyProvider();
 
         String dnsSuffix = "vespa.dns.suffix";
+        AthenzProviderServiceConfig config = getAthenzProviderConfig("domain", "service", dnsSuffix, ZONE);
         IdentityDocumentGenerator identityDocumentGenerator = new IdentityDocumentGenerator(
-                AthenzInstanceProviderServiceTest.getAthenzProviderConfig("domain", "service", dnsSuffix),
+                config,
+                getZoneConfig(config, ZONE),
                 nodeRepository,
                 ZONE,
                 keyProvider);