Merge pull request #9082 from vespa-engine/hakonhall/use-athenzidentity-instead-of-athensservice

Use AthenzIdentity instead of AthensService
author: Håkon Hallingstad <hakon@verizonmedia.com> 2019-04-11 15:46:02 +0200
committer: GitHub <noreply@github.com> 2019-04-11 15:46:02 +0200
commit: 51e83a1d32b42a2f10355e8f331c9838dd1ee663 (patch)
tree: 79f3ffdb57396144f127502dc43d016451034da3 /controller-server
parent: 6a0a5ed5778941b27017f3a9eff045a703c2f7ca (diff)
parent: d10bd1e6874ac66f85adef060c3aaf41cdee3502 (diff)
6 files changed, 17 insertions, 18 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java
index 846c90a96f5..447f9a462b1 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzClientFactoryImpl.java
@@ -2,6 +2,7 @@
 package com.yahoo.vespa.hosted.controller.athenz.impl;
 
 import com.google.inject.Inject;
+import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.client.zms.DefaultZmsClient;
 import com.yahoo.vespa.athenz.client.zms.ZmsClient;
@@ -28,7 +29,7 @@ public class AthenzClientFactoryImpl implements AthenzClientFactory {
     }
 
     @Override
-    public AthenzService getControllerIdentity() {
+    public AthenzIdentity getControllerIdentity() {
         return identityProvider.identity();
     }
 
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java
index 0732eeb97c3..75b7e137998 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/impl/AthenzFacade.java
@@ -11,7 +11,6 @@ import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzPrincipal;
 import com.yahoo.vespa.athenz.api.AthenzResourceName;
 import com.yahoo.vespa.athenz.api.AthenzRole;
-import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.api.OktaAccessToken;
 import com.yahoo.vespa.athenz.client.zms.RoleAction;
 import com.yahoo.vespa.athenz.client.zms.ZmsClient;
@@ -19,9 +18,9 @@ import com.yahoo.vespa.athenz.client.zts.ZtsClient;
 import com.yahoo.vespa.hosted.controller.Application;
 import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactory;
 import com.yahoo.vespa.hosted.controller.athenz.ApplicationAction;
+import com.yahoo.vespa.hosted.controller.security.AccessControl;
 import com.yahoo.vespa.hosted.controller.security.AthenzCredentials;
 import com.yahoo.vespa.hosted.controller.security.AthenzTenantSpec;
-import com.yahoo.vespa.hosted.controller.security.AccessControl;
 import com.yahoo.vespa.hosted.controller.security.Credentials;
 import com.yahoo.vespa.hosted.controller.security.TenantSpec;
 import com.yahoo.vespa.hosted.controller.tenant.AthenzTenant;
@@ -45,14 +44,14 @@ public class AthenzFacade implements AccessControl {
     private static final Logger log = Logger.getLogger(AthenzFacade.class.getName());
     private final ZmsClient zmsClient;
     private final ZtsClient ztsClient;
-    private final AthenzService service;
+    private final AthenzIdentity service;
 
     @Inject
     public AthenzFacade(AthenzClientFactory factory) {
         this(factory.createZmsClient(), factory.createZtsClient(), factory.getControllerIdentity());
     }
 
-    public AthenzFacade(ZmsClient zmsClient, ZtsClient ztsClient, AthenzService identity) {
+    public AthenzFacade(ZmsClient zmsClient, ZtsClient ztsClient, AthenzIdentity identity) {
         this.zmsClient = zmsClient;
         this.ztsClient = ztsClient;
         this.service = identity;
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZmsClientMock.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZmsClientMock.java
index f7a8e702b06..37926d944b7 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZmsClientMock.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZmsClientMock.java
@@ -5,7 +5,6 @@ import com.yahoo.vespa.athenz.api.AthenzDomain;
 import com.yahoo.vespa.athenz.api.AthenzIdentity;
 import com.yahoo.vespa.athenz.api.AthenzResourceName;
 import com.yahoo.vespa.athenz.api.AthenzRole;
-import com.yahoo.vespa.athenz.api.AthenzService;
 import com.yahoo.vespa.athenz.api.OktaAccessToken;
 import com.yahoo.vespa.athenz.client.zms.RoleAction;
 import com.yahoo.vespa.athenz.client.zms.ZmsClient;
@@ -30,23 +29,23 @@ public class ZmsClientMock implements ZmsClient {
     private static final Logger log = Logger.getLogger(ZmsClientMock.class.getName());
 
     private final AthenzDbMock athenz;
-    private final AthenzService controllerIdentity;
+    private final AthenzIdentity controllerIdentity;
     private static final Pattern TENANT_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.(?<tenantDomain>[\\w\\-_]+)\\..*");
     private static final Pattern APPLICATION_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.[\\w\\-_]+\\.res_group\\.(?<resourceGroup>[\\w\\-_]+)\\.wildcard");
 
-    public ZmsClientMock(AthenzDbMock athenz, AthenzService controllerIdentity) {
+    public ZmsClientMock(AthenzDbMock athenz, AthenzIdentity controllerIdentity) {
         this.athenz = athenz;
         this.controllerIdentity = controllerIdentity;
     }
 
     @Override
-    public void createTenancy(AthenzDomain tenantDomain, AthenzService providerService, OktaAccessToken token) {
+    public void createTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaAccessToken token) {
         log("createTenancy(tenantDomain='%s')", tenantDomain);
         getDomainOrThrow(tenantDomain, false).isVespaTenant = true;
     }
 
     @Override
-    public void deleteTenancy(AthenzDomain tenantDomain, AthenzService providerService, OktaAccessToken token) {
+    public void deleteTenancy(AthenzDomain tenantDomain, AthenzIdentity providerService, OktaAccessToken token) {
         log("deleteTenancy(tenantDomain='%s')", tenantDomain);
         AthenzDbMock.Domain domain = getDomainOrThrow(tenantDomain, false);
         domain.isVespaTenant = false;
@@ -55,7 +54,7 @@ public class ZmsClientMock implements ZmsClient {
     }
 
     @Override
-    public void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzService providerService, String resourceGroup, Set<RoleAction> roleActions, OktaAccessToken token) {
+    public void createProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, Set<RoleAction> roleActions, OktaAccessToken token) {
         log("createProviderResourceGroup(tenantDomain='%s', resourceGroup='%s')", tenantDomain, resourceGroup);
         AthenzDbMock.Domain domain = getDomainOrThrow(tenantDomain, true);
         ApplicationId applicationId = new ApplicationId(resourceGroup);
@@ -65,7 +64,7 @@ public class ZmsClientMock implements ZmsClient {
     }
 
     @Override
-    public void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzService providerService, String resourceGroup, OktaAccessToken token) {
+    public void deleteProviderResourceGroup(AthenzDomain tenantDomain, AthenzIdentity providerService, String resourceGroup, OktaAccessToken token) {
         log("deleteProviderResourceGroup(tenantDomain='%s', resourceGroup='%s')", tenantDomain, resourceGroup);
         getDomainOrThrow(tenantDomain, true).applications.remove(new ApplicationId(resourceGroup));
     }
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZtsClientMock.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZtsClientMock.java
index 8bb5ad12468..5c0407d35a9 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZtsClientMock.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/athenz/mock/ZtsClientMock.java
@@ -45,22 +45,22 @@ public class ZtsClientMock implements ZtsClient {
     }
 
     @Override
-    public InstanceIdentity registerInstance(AthenzService providerIdentity, AthenzService instanceIdentity, String instanceId, String attestationData, boolean requestServiceToken, Pkcs10Csr csr) {
+    public InstanceIdentity registerInstance(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String instanceId, String attestationData, boolean requestServiceToken, Pkcs10Csr csr) {
         throw new UnsupportedOperationException();
     }
 
     @Override
-    public InstanceIdentity refreshInstance(AthenzService providerIdentity, AthenzService instanceIdentity, String instanceId, boolean requestServiceToken, Pkcs10Csr csr) {
+    public InstanceIdentity refreshInstance(AthenzIdentity providerIdentity, AthenzIdentity instanceIdentity, String instanceId, boolean requestServiceToken, Pkcs10Csr csr) {
         throw new UnsupportedOperationException();
     }
 
     @Override
-    public Identity getServiceIdentity(AthenzService identity, String keyId, Pkcs10Csr csr) {
+    public Identity getServiceIdentity(AthenzIdentity identity, String keyId, Pkcs10Csr csr) {
         throw new UnsupportedOperationException();
     }
 
     @Override
-    public Identity getServiceIdentity(AthenzService identity, String keyId, KeyPair keyPair, String dnsSuffix) {
+    public Identity getServiceIdentity(AthenzIdentity identity, String keyId, KeyPair keyPair, String dnsSuffix) {
         throw new UnsupportedOperationException();
     }
 
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java
index c223d051237..01d9a01a316 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java
@@ -268,7 +268,7 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor {
         AthenzIdentityVerifier hostnameVerifier =
                 new AthenzIdentityVerifier(
                         singleton(
-                                zoneRegistry.getConfigServerAthenzService(
+                                zoneRegistry.getConfigServerAthenzIdentity(
                                         ZoneId.from(proxyRequest.getEnvironment(), proxyRequest.getRegion()))));
         return HttpClientBuilder.create()
                 .setUserAgent("config-server-proxy-client")
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java
index 393268b4750..4248a513950 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java
@@ -101,7 +101,7 @@ public class ZoneRegistryMock extends AbstractComponent implements ZoneRegistry
         return ZoneFilterMock.from(Collections.unmodifiableList(zones));
     }
 
-    public AthenzService getConfigServerAthenzService(ZoneId zone) {
+    public AthenzService getConfigServerAthenzIdentity(ZoneId zone) {
         return new AthenzService("vespadomain", "provider-" + zone.environment().value() + "-" + zone.region().value());
     }
author	Håkon Hallingstad <hakon@verizonmedia.com>	2019-04-11 15:46:02 +0200
committer	GitHub <noreply@github.com>	2019-04-11 15:46:02 +0200
commit	51e83a1d32b42a2f10355e8f331c9838dd1ee663 (patch)
tree	79f3ffdb57396144f127502dc43d016451034da3 /controller-server
parent	6a0a5ed5778941b27017f3a9eff045a703c2f7ca (diff)
parent	d10bd1e6874ac66f85adef060c3aaf41cdee3502 (diff)