diff options
author | Morten Tokle <mortent@verizonmedia.com> | 2021-08-30 11:41:13 +0200 |
---|---|---|
committer | Morten Tokle <mortent@verizonmedia.com> | 2021-08-30 11:41:13 +0200 |
commit | be15742773154a22269e87ac80a8b7ecd072032b (patch) | |
tree | 672b20184e44487667cf22b50da1632569598673 /configserver | |
parent | 11e7a365a7f6e63b109f24f3f81ff4aaee9bad72 (diff) |
Stop accepting application roles in deploy
Diffstat (limited to 'configserver')
6 files changed, 3 insertions, 36 deletions
diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java b/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java index 529948179b1..a63700e0bb5 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/deploy/ModelContextImpl.java @@ -294,7 +294,6 @@ public class ModelContextImpl implements ModelContext { private final boolean isFirstTimeDeployment; private final Optional<EndpointCertificateSecrets> endpointCertificateSecrets; private final Optional<AthenzDomain> athenzDomain; - private final Optional<ApplicationRoles> applicationRoles; private final Quota quota; private final List<TenantSecretStore> tenantSecretStores; private final SecretStore secretStore; @@ -312,7 +311,6 @@ public class ModelContextImpl implements ModelContext { FlagSource flagSource, Optional<EndpointCertificateSecrets> endpointCertificateSecrets, Optional<AthenzDomain> athenzDomain, - Optional<ApplicationRoles> applicationRoles, Optional<Quota> maybeQuota, List<TenantSecretStore> tenantSecretStores, SecretStore secretStore, @@ -331,7 +329,6 @@ public class ModelContextImpl implements ModelContext { this.isFirstTimeDeployment = isFirstTimeDeployment; this.endpointCertificateSecrets = endpointCertificateSecrets; this.athenzDomain = athenzDomain; - this.applicationRoles = applicationRoles; this.quota = maybeQuota.orElseGet(Quota::unlimited); this.tenantSecretStores = tenantSecretStores; this.secretStore = secretStore; @@ -389,11 +386,6 @@ public class ModelContextImpl implements ModelContext { @Override public Optional<AthenzDomain> athenzDomain() { return athenzDomain; } - @Override - public Optional<ApplicationRoles> applicationRoles() { - return applicationRoles; - } - @Override public Quota quota() { return quota; } @Override diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java b/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java index 2b7ce234777..ffb4550caf0 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/modelfactory/ActivatedModelsBuilder.java @@ -162,8 +162,6 @@ public class ActivatedModelsBuilder extends ModelsBuilder<Application> { .readEndpointCertificateMetadata(applicationId) .flatMap(new EndpointCertificateRetriever(secretStore)::readEndpointCertificateSecrets), zkClient.readAthenzDomain(), - new ApplicationRolesStore(curator, TenantRepository.getTenantPath(tenant)) - .readApplicationRoles(applicationId), zkClient.readQuota(), zkClient.readTenantSecretStores(), secretStore, diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java b/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java index 071a0dd8f0c..9ed62a99708 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/session/PrepareParams.java @@ -53,8 +53,6 @@ public final class PrepareParams { static final String ENDPOINT_CERTIFICATE_METADATA_PARAM_NAME = "endpointCertificateMetadata"; static final String DOCKER_IMAGE_REPOSITORY = "dockerImageRepository"; static final String ATHENZ_DOMAIN = "athenzDomain"; - static final String APPLICATION_HOST_ROLE = "applicationHostRole"; - static final String APPLICATION_CONTAINER_ROLE = "applicationContainerRole"; static final String QUOTA_PARAM_NAME = "quota"; static final String TENANT_SECRET_STORES_PARAM_NAME = "tenantSecretStores"; static final String FORCE_PARAM_NAME = "force"; @@ -74,7 +72,6 @@ public final class PrepareParams { private final Optional<EndpointCertificateMetadata> endpointCertificateMetadata; private final Optional<DockerImage> dockerImageRepository; private final Optional<AthenzDomain> athenzDomain; - private final Optional<ApplicationRoles> applicationRoles; private final Optional<Quota> quota; private final List<TenantSecretStore> tenantSecretStores; private final List<X509Certificate> operatorCertificates; @@ -84,7 +81,7 @@ public final class PrepareParams { List<ContainerEndpoint> containerEndpoints, Optional<EndpointCertificateMetadata> endpointCertificateMetadata, Optional<DockerImage> dockerImageRepository, Optional<AthenzDomain> athenzDomain, - Optional<ApplicationRoles> applicationRoles, Optional<Quota> quota, List<TenantSecretStore> tenantSecretStores, + Optional<Quota> quota, List<TenantSecretStore> tenantSecretStores, boolean force, boolean waitForResourcesInPrepare, List<X509Certificate> operatorCertificates) { this.timeoutBudget = timeoutBudget; this.applicationId = Objects.requireNonNull(applicationId); @@ -97,7 +94,6 @@ public final class PrepareParams { this.endpointCertificateMetadata = endpointCertificateMetadata; this.dockerImageRepository = dockerImageRepository; this.athenzDomain = athenzDomain; - this.applicationRoles = applicationRoles; this.quota = quota; this.tenantSecretStores = tenantSecretStores; this.force = force; @@ -265,7 +261,7 @@ public final class PrepareParams { return new PrepareParams(applicationId, timeoutBudget, ignoreValidationErrors, dryRun, verbose, isBootstrap, vespaVersion, containerEndpoints, endpointCertificateMetadata, dockerImageRepository, athenzDomain, - applicationRoles, quota, tenantSecretStores, force, waitForResourcesInPrepare, + quota, tenantSecretStores, force, waitForResourcesInPrepare, operatorCertificates); } } @@ -281,7 +277,6 @@ public final class PrepareParams { .endpointCertificateMetadata(request.getProperty(ENDPOINT_CERTIFICATE_METADATA_PARAM_NAME)) .dockerImageRepository(request.getProperty(DOCKER_IMAGE_REPOSITORY)) .athenzDomain(request.getProperty(ATHENZ_DOMAIN)) - .applicationRoles(ApplicationRoles.fromString(request.getProperty(APPLICATION_HOST_ROLE), request.getProperty(APPLICATION_CONTAINER_ROLE))) .quota(request.getProperty(QUOTA_PARAM_NAME)) .tenantSecretStores(request.getProperty(TENANT_SECRET_STORES_PARAM_NAME)) .force(request.getBooleanProperty(FORCE_PARAM_NAME)) @@ -304,7 +299,6 @@ public final class PrepareParams { .endpointCertificateMetadata(deserialize(params.field(ENDPOINT_CERTIFICATE_METADATA_PARAM_NAME), EndpointCertificateMetadataSerializer::fromSlime)) .dockerImageRepository(SlimeUtils.optionalString(params.field(DOCKER_IMAGE_REPOSITORY)).orElse(null)) .athenzDomain(SlimeUtils.optionalString(params.field(ATHENZ_DOMAIN)).orElse(null)) - .applicationRoles(ApplicationRoles.fromString(SlimeUtils.optionalString(params.field(APPLICATION_HOST_ROLE)).orElse(null), SlimeUtils.optionalString(params.field(APPLICATION_CONTAINER_ROLE)).orElse(null))) .quota(deserialize(params.field(QUOTA_PARAM_NAME), Quota::fromSlime)) .tenantSecretStores(deserialize(params.field(TENANT_SECRET_STORES_PARAM_NAME), TenantSecretStoreSerializer::listFromSlime, List.of())) .force(booleanValue(params, FORCE_PARAM_NAME)) @@ -414,10 +408,6 @@ public final class PrepareParams { public Optional<AthenzDomain> athenzDomain() { return athenzDomain; } - public Optional<ApplicationRoles> applicationRoles() { - return applicationRoles; - } - public Optional<Quota> quota() { return quota; } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java b/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java index b9f79763a41..14dddf458cd 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/session/SessionPreparer.java @@ -132,7 +132,6 @@ public class SessionPreparer { preparation.writeStateZK(); preparation.writeEndpointCertificateMetadataZK(); preparation.writeContainerEndpointsZK(); - preparation.writeApplicationRoles(); } log.log(Level.FINE, () -> "time used " + params.getTimeoutBudget().timesUsed() + " : " + applicationId); return preparation.result(); @@ -161,8 +160,6 @@ public class SessionPreparer { private final EndpointCertificateMetadataStore endpointCertificateMetadataStore; private final Optional<EndpointCertificateMetadata> endpointCertificateMetadata; private final Optional<AthenzDomain> athenzDomain; - private final ApplicationRolesStore applicationRolesStore; - private final Optional<ApplicationRoles> applicationRoles; private final ApplicationPackage applicationPackage; private final SessionZooKeeperClient sessionZooKeeperClient; @@ -193,9 +190,6 @@ public class SessionPreparer { .flatMap(endpointCertificateRetriever::readEndpointCertificateSecrets); this.containerEndpoints = readEndpointsIfNull(params.containerEndpoints()); this.athenzDomain = params.athenzDomain(); - this.applicationRolesStore = new ApplicationRolesStore(curator, tenantPath); - this.applicationRoles = params.applicationRoles() - .or(() -> applicationRolesStore.readApplicationRoles(applicationId)); this.properties = new ModelContextImpl.Properties(params.getApplicationId(), configserverConfig, zone, @@ -205,7 +199,6 @@ public class SessionPreparer { flagSource, endpointCertificateSecrets, athenzDomain, - applicationRoles, params.quota(), params.tenantSecretStores(), secretStore, @@ -298,11 +291,6 @@ public class SessionPreparer { checkTimeout("write container endpoints to zookeeper"); } - void writeApplicationRoles() { - applicationRoles.ifPresent(roles -> applicationRolesStore.writeApplicationRoles(applicationId, roles)); - checkTimeout("write application roles to zookeeper"); - } - PrepareResult result() { return prepareResult; } diff --git a/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/ApplicationRolesStore.java b/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/ApplicationRolesStore.java index a41e5465509..2dedce41ed8 100644 --- a/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/ApplicationRolesStore.java +++ b/configserver/src/main/java/com/yahoo/vespa/config/server/tenant/ApplicationRolesStore.java @@ -14,9 +14,9 @@ import java.util.Optional; /** * Stores application roles for an application. - * * @author mortent */ + // TODO: Remove and clean up zk after 7.458 public class ApplicationRolesStore { private final Path path; diff --git a/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java b/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java index 0acf4404326..d97f809da6e 100644 --- a/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java +++ b/configserver/src/test/java/com/yahoo/vespa/config/server/ModelContextImplTest.java @@ -72,7 +72,6 @@ public class ModelContextImplTest { null, Optional.empty(), Optional.empty(), - Optional.empty(), List.of(), new SecretStoreProvider().get(), List.of()), |