diff options
author | Morten Tokle <mortent@yahooinc.com> | 2022-02-03 10:36:38 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-02-03 10:36:38 +0100 |
commit | 8d1e352a4561976801e41f25292d380d25619067 (patch) | |
tree | 287da665bbf04d5195d5448f6f99130b230b7204 /controller-api | |
parent | 10e642749aeefeaa2fd8db4295b62e741ddd092a (diff) | |
parent | 4a3c2cc2a3ac04b740088b19132262f70ce22606 (diff) |
Merge pull request #21042 from vespa-engine/mortent/reapply-developer-role
Allow developers to deploy application in manual zones
Diffstat (limited to 'controller-api')
3 files changed, 9 insertions, 1 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java index 4679f660319..9fb6fa1501b 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java @@ -40,7 +40,7 @@ public class ZmsClientMock implements ZmsClient { private final AthenzDbMock athenz; private final AthenzIdentity controllerIdentity; private static final Pattern TENANT_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.(?<tenantDomain>[\\w\\-_]+)\\..*"); - private static final Pattern APPLICATION_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.[\\w\\-_]+\\.res_group\\.(?<resourceGroup>[\\w\\-_]+)\\.wildcard"); + private static final Pattern APPLICATION_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.[\\w\\-_]+\\.res_group\\.(?<resourceGroup>[\\w\\-_]+)\\.(?<environment>[.*]+)"); public ZmsClientMock(AthenzDbMock athenz, AthenzIdentity controllerIdentity) { this.athenz = athenz; diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java index 5cdd12ecb1c..c40c2d4db01 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java @@ -52,6 +52,11 @@ public abstract class Role { return new TenantRole(RoleDefinition.developer, tenant); } + /** Returns a {@link RoleDefinition#hostedDeveloper} for the current system and given tenant. */ + public static TenantRole hostedDeveloper(TenantName tenant) { + return new TenantRole(RoleDefinition.hostedDeveloper, tenant); + } + /** Returns a {@link RoleDefinition#administrator} for the current system and given tenant. */ public static TenantRole administrator(TenantName tenant) { return new TenantRole(RoleDefinition.administrator, tenant); diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java index eeb3bae4431..aed5c08f0db 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java @@ -60,6 +60,9 @@ public enum RoleDefinition { Policy.billingInformationRead, Policy.secretStoreOperations), + /** Developer for manual deployments for a tenant */ + hostedDeveloper(Policy.developmentDeployment), + /** Admin — the administrative function for user management etc. */ administrator(Policy.tenantUpdate, Policy.tenantManager, |