Skip sending ipaddresses in CSR

author: Morten Tokle <mortent@oath.com> 2018-04-27 13:19:38 +0200
committer: Morten Tokle <mortent@oath.com> 2018-04-27 13:19:38 +0200
commit: db2f9972b1d600a886c1c37bac06f5a757b7d3ec (patch)
tree: d7c63153abc4d4993c0eafe795a64f75ab169e05 /athenz-identity-provider-service
parent: d7ec114976a4e5816a272aea25dbb2e13717fb92 (diff)
2 files changed, 26 insertions, 1 deletions
diff --git a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
index a5f143fe50a..54719aca1aa 100644
--- a/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
+++ b/athenz-identity-provider-service/src/main/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGenerator.java
@@ -88,7 +88,7 @@ public class IdentityDocumentGenerator {
                 HostName.getLocalhost(),
                 node.hostname(),
                 Instant.now(),
-                node.ipAddresses());
+                null);
     }
 
     private static String toZoneDnsSuffix(Zone zone, String dnsSuffix) {
diff --git a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
index 4e84fefbe53..74dbc591fc6 100644
--- a/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
+++ b/athenz-identity-provider-service/src/test/java/com/yahoo/vespa/hosted/athenz/instanceproviderservice/identitydocument/IdentityDocumentGeneratorTest.java
@@ -2,6 +2,9 @@
 package com.yahoo.vespa.hosted.athenz.instanceproviderservice.identitydocument;
 
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.google.common.collect.ImmutableSet;
 import com.yahoo.component.Version;
 import com.yahoo.config.provision.ApplicationId;
@@ -14,6 +17,8 @@ import com.yahoo.config.provision.RegionName;
 import com.yahoo.config.provision.SystemName;
 import com.yahoo.config.provision.TenantName;
 import com.yahoo.config.provision.Zone;
+import com.yahoo.vespa.athenz.identityprovider.api.VespaUniqueInstanceId;
+import com.yahoo.vespa.athenz.identityprovider.api.bindings.IdentityDocument;
 import com.yahoo.vespa.athenz.identityprovider.api.bindings.ProviderUniqueId;
 import com.yahoo.vespa.athenz.identityprovider.api.bindings.SignedIdentityDocument;
 import com.yahoo.vespa.hosted.athenz.instanceproviderservice.AutoGeneratedKeyProvider;
@@ -24,13 +29,17 @@ import com.yahoo.vespa.hosted.provision.NodeRepository;
 import com.yahoo.vespa.hosted.provision.node.Allocation;
 import com.yahoo.vespa.hosted.provision.node.Generation;
 import com.yahoo.vespa.hosted.provision.testutils.MockNodeFlavors;
+import org.hamcrest.CoreMatchers;
 import org.junit.Test;
 
+import java.time.Instant;
 import java.util.HashSet;
 import java.util.Optional;
 
 import static com.yahoo.vespa.hosted.athenz.instanceproviderservice.TestUtils.getAthenzProviderConfig;
+import static org.hamcrest.Matchers.not;
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 import static org.mockito.Matchers.eq;
 import static org.mockito.Mockito.mock;
@@ -88,4 +97,20 @@ public class IdentityDocumentGeneratorTest {
                                                                  signedIdentityDocument.rawIdentityDocument,
                                                                  signedIdentityDocument.signature));
     }
+
+    @Test
+    public void does_not_include_ipaddresses_field() throws JsonProcessingException {
+        IdentityDocument identityDocument = new IdentityDocument(
+                ProviderUniqueId.fromVespaUniqueInstanceId(VespaUniqueInstanceId.fromDottedString("1.cluster.instance.application.tenant.region.environment")),
+                "cfg",
+                "tenanthost",
+                Instant.now(),
+                null);
+
+        ObjectMapper mapper = new ObjectMapper();
+        mapper.registerModule(new JavaTimeModule());
+        String value = mapper.writeValueAsString(identityDocument);
+        System.out.println("value = " + value);
+        assertThat(value, not(CoreMatchers.containsString("ip-addresses")));
+    }
 }
author	Morten Tokle <mortent@oath.com>	2018-04-27 13:19:38 +0200
committer	Morten Tokle <mortent@oath.com>	2018-04-27 13:19:38 +0200
commit	db2f9972b1d600a886c1c37bac06f5a757b7d3ec (patch)
tree	d7c63153abc4d4993c0eafe795a64f75ab169e05 /athenz-identity-provider-service
parent	d7ec114976a4e5816a272aea25dbb2e13717fb92 (diff)