authorMorten Tokle <mortent@oath.com>2017-10-24 15:35:19 +0200
committerMorten Tokle <mortent@oath.com>2017-10-24 15:35:19 +0200
commit1720affe7397384e19f297f147f2d66514f608bd (patch)
tree9bbe8b4f37e1d043c25df147b0b25ffb44082b4f /athenz-identity-provider-service
parentc668472b01ea333135a5c09300f8816d9d774cc2 (diff)
Start component in cd only
Diffstat (limited to 'athenz-identity-provider-service')
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java40
-rw-r--r--athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGenerator.java2
-rw-r--r--athenz-identity-provider-service/src/main/resources/configdefinitions/athenz-provider-service.def2
-rw-r--r--athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java2
4 files changed, 28 insertions, 18 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java
index 301d6250b31..38d7a999efd 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderService.java
@@ -8,12 +8,13 @@ import com.yahoo.athenz.auth.util.Crypto;
import com.yahoo.athenz.zts.InstanceRefreshRequest;
import com.yahoo.athenz.zts.ZTSClient;
import com.yahoo.component.AbstractComponent;
+import com.yahoo.config.provision.SystemName;
import com.yahoo.config.provision.Zone;
import com.yahoo.jdisc.http.ssl.ReaderForPath;
import com.yahoo.jdisc.http.ssl.pem.PemKeyStore;
import com.yahoo.jdisc.http.ssl.pem.PemSslKeyStore;
import com.yahoo.log.LogLevel;
-import com.yahoo.vespa.hosted.athenz.identityproviderservice.config.AthenzProviderServiceConfig;
+import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.FileBackedKeyProvider;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.IdentityDocumentGenerator;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.InstanceValidator;
@@ -56,17 +57,23 @@ public class AthenzInstanceProviderService extends AbstractComponent {
AthenzInstanceProviderService(AthenzProviderServiceConfig config,
KeyProvider keyProvider,
ScheduledExecutorService scheduler, NodeRepository nodeRepository, Zone zone) {
- this.scheduler = scheduler;
- SslContextFactory sslContextFactory = createSslContextFactory();
- this.jetty = createJettyServer(config, keyProvider, sslContextFactory,
- nodeRepository, zone);
- AthenzCertificateUpdater reloader = new AthenzCertificateUpdater(
- sslContextFactory, keyProvider, config);
- scheduler.scheduleAtFixedRate(reloader, 0, 1, TimeUnit.DAYS);
- try {
- jetty.start();
- } catch (Exception e) {
- throw new RuntimeException(e);
+ // TODO: Enable for all systems. Currently enabled for CD system only
+ if (SystemName.cd.equals(zone.system())) {
+ this.scheduler = scheduler;
+ SslContextFactory sslContextFactory = createSslContextFactory();
+ this.jetty = createJettyServer(config, keyProvider, sslContextFactory,
+ nodeRepository, zone);
+ AthenzCertificateUpdater reloader = new AthenzCertificateUpdater(
+ sslContextFactory, keyProvider, config);
+ scheduler.scheduleAtFixedRate(reloader, 0, 1, TimeUnit.DAYS);
+ try {
+ jetty.start();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ } else {
+ this.scheduler = null;
+ this.jetty = null;
}
}
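Review bot: The `else` branch of the constructor sets `scheduler` and `jetty` to null without logging anything, so outside CD the instance provider endpoint is simply absent and the logs do not show that this is intentional. Add a line in that branch such as `log.log(LogLevel.INFO, "Athenz provider service is disabled in system " + zone.system());`. Any other method of the class that dereferences these two fields (none are visible in this hunk) needs the same null guard that `deconstruct()` receives in the next hunk. The test file in this commit only changes an import, so it is worth confirming that the test zone uses `SystemName.cd`; otherwise the test would no longer start the server.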
@@ -165,10 +172,13 @@ public class AthenzInstanceProviderService extends AbstractComponent {
@Override
public void deconstruct() {
try {
+ // TODO: Fix deconstruct when setup properly in all zones
log.log(LogLevel.INFO, "Deconstructing Athenz provider service");
- scheduler.shutdown();
- jetty.stop();
- if (!scheduler.awaitTermination(1, TimeUnit.MINUTES)) {
+ if(scheduler != null)
+ scheduler.shutdown();
+ if(jetty !=null)
+ jetty.stop();
+ if (scheduler != null && !scheduler.awaitTermination(1, TimeUnit.MINUTES)) {
log.log(LogLevel.ERROR, "Failed to stop certificate updater");
}
} catch (InterruptedException e) {
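Review bot: The null checks added to `deconstruct()` are unbraced and inconsistently spaced (`if(jetty !=null)`), and they test the same condition three times even though the constructor sets `scheduler` and `jetty` either both or neither. A single guard before the log line, `if (jetty == null) return;`, would leave the original three statements untouched and avoid logging "Deconstructing Athenz provider service" for a service that never started; this assumes nothing after the `try` block has to run in the disabled case. The `try` block and its `catch` clauses continue outside this hunk.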
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGenerator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGenerator.java
index 2284f63aba5..4669563d8df 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGenerator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/impl/IdentityDocumentGenerator.java
@@ -3,7 +3,7 @@ package com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl;
import com.yahoo.athenz.auth.util.Crypto;
import com.yahoo.config.provision.Zone;
-import com.yahoo.vespa.hosted.athenz.identityproviderservice.config.AthenzProviderServiceConfig;
+import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.IdentityDocument;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.ProviderUniqueId;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.model.SignedIdentityDocument;
diff --git a/athenz-identity-provider-service/src/main/resources/configdefinitions/athenz-provider-service.def b/athenz-identity-provider-service/src/main/resources/configdefinitions/athenz-provider-service.def
index 3a2ef9c3092..af3abd8631b 100644
--- a/athenz-identity-provider-service/src/main/resources/configdefinitions/athenz-provider-service.def
+++ b/athenz-identity-provider-service/src/main/resources/configdefinitions/athenz-provider-service.def
@@ -1,5 +1,5 @@
# Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
-namespace=vespa.hosted.athenz.identityproviderservice.config
+namespace=vespa.hosted.athenz.instanceproviderservice.config
# Athenz domain
domain string
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java
index 125f8a3cb0f..64ae296b0a7 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/AthenzInstanceProviderServiceTest.java
@@ -17,7 +17,7 @@ import com.yahoo.config.provision.RegionName;
import com.yahoo.config.provision.TenantName;
import com.yahoo.config.provision.Zone;
import com.yahoo.log.LogLevel;
-import com.yahoo.vespa.hosted.athenz.identityproviderservice.config.AthenzProviderServiceConfig;
+import com.yahoo.vespa.hosted.athenz.instanceproviderservice.config.AthenzProviderServiceConfig;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.IdentityDocumentGenerator;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.InstanceValidator;
import com.yahoo.vespa.hosted.athenz.instanceproviderservice.impl.KeyProvider;