diff options
author | Jon Marius Venstad <venstad@gmail.com> | 2019-11-04 10:40:48 +0100 |
---|---|---|
committer | Jon Marius Venstad <venstad@gmail.com> | 2019-11-04 11:19:47 +0100 |
commit | 94e4ff6524f95d27af39dd475a1f58bb0d28205e (patch) | |
tree | 6859aaf2242b6a671e017343c4d3e0a48205d525 /controller-server | |
parent | c9d404683f2fd4ee2a2eaede18aeca40de57ddae (diff) |
Refactor Athenz mocking in ApplicationApiTest
Diffstat (limited to 'controller-server')
3 files changed, 27 insertions, 29 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java index 110aaf2b1a6..d7d3a2c97b1 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerControllerTester.java @@ -130,19 +130,6 @@ public class ContainerControllerTester { containerTester.assertResponse(() -> request, expectedResponse, expectedStatusCode); } - /* - * Authorize action on tenantDomain/application for a given screwdriverId - */ - public void authorize(AthenzDomain tenantDomain, ScrewdriverId screwdriverId, ApplicationAction action, TenantAndApplicationId id) { - AthenzClientFactoryMock mock = (AthenzClientFactoryMock) containerTester.container().components() - .getComponent(AthenzClientFactoryMock.class.getName()); - - mock.getSetup() - .domains.get(tenantDomain) - .applications.get(new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(id.application().value())) - .addRoleMember(action, HostedAthenzIdentities.from(screwdriverId)); - } - private void notifyJobCompletion(DeploymentJobs.JobReport report) { MockBuildService buildService = containerTester.serviceRegistry().buildServiceMock(); if (report.jobType() != component && ! buildService.remove(report.buildJob())) diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java index 55249670c5c..a80ba7af6a5 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/ContainerTester.java @@ -6,16 +6,21 @@ import com.yahoo.application.container.handler.Request; import com.yahoo.application.container.handler.Response; import com.yahoo.component.ComponentSpecification; import com.yahoo.component.Version; +import com.yahoo.config.provision.ApplicationName; import com.yahoo.config.provision.zone.ZoneApi; import com.yahoo.container.http.filter.FilterChainRepository; import com.yahoo.jdisc.http.filter.SecurityRequestFilter; import com.yahoo.jdisc.http.filter.SecurityRequestFilterChain; +import com.yahoo.vespa.athenz.api.AthenzDomain; +import com.yahoo.vespa.athenz.api.AthenzIdentity; import com.yahoo.vespa.hosted.controller.Controller; +import com.yahoo.vespa.hosted.controller.api.identifiers.ScrewdriverId; +import com.yahoo.vespa.hosted.controller.api.integration.athenz.ApplicationAction; import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactoryMock; import com.yahoo.vespa.hosted.controller.application.SystemApplication; +import com.yahoo.vespa.hosted.controller.athenz.HostedAthenzIdentities; import com.yahoo.vespa.hosted.controller.integration.ConfigServerMock; import com.yahoo.vespa.hosted.controller.integration.ServiceRegistryMock; -import com.yahoo.vespa.hosted.controller.integration.ZoneRegistryMock; import com.yahoo.vespa.hosted.controller.versions.ControllerVersion; import com.yahoo.vespa.hosted.controller.versions.VersionStatus; import org.junit.ComparisonFailure; @@ -84,6 +89,13 @@ public class ContainerTester { computeVersionStatus(); } + public void authorize(AthenzDomain tenantDomain, AthenzIdentity identity, ApplicationAction action, ApplicationName application) { + athenzClientFactory().getSetup() + .domains.get(tenantDomain) + .applications.get(new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(application.value())) + .addRoleMember(action, identity); + } + public void assertResponse(Supplier<Request> request, File responseFile) { assertResponse(request.get(), responseFile); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java index 18b59814e5d..a5d72b77187 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiTest.java @@ -7,6 +7,7 @@ import com.yahoo.application.container.handler.Request; import com.yahoo.component.Version; import com.yahoo.config.application.api.ValidationId; import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.ApplicationName; import com.yahoo.config.provision.AthenzService; import com.yahoo.config.provision.ClusterSpec; import com.yahoo.config.provision.Environment; @@ -268,7 +269,7 @@ public class ApplicationApiTest extends ControllerContainerTest { addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN, - new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(id.application().value())); // (Necessary but not provided in this API) + id.application()); // Pipeline notifies about completed component job controllerTester.jobCompletion(JobType.component) @@ -354,7 +355,7 @@ public class ApplicationApiTest extends ControllerContainerTest { long screwdriverProjectId2 = 456; addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN_2, - new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(app2.application().value())); + app2.application()); // Trigger upgrade and then application change controllerTester.controller().applications().deploymentTrigger().triggerChange(TenantAndApplicationId.from(app2), Change.of(Version.fromString("7.0"))); @@ -974,7 +975,7 @@ public class ApplicationApiTest extends ControllerContainerTest { // Grant deploy access addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN, - new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId("application1")); + ApplicationName.from("application1")); // POST (deploy) an application to a prod zone - allowed when project ID is not specified MultiPartStreamer entity = createApplicationDeployData(applicationPackageInstance1, true); @@ -1444,7 +1445,7 @@ public class ApplicationApiTest extends ControllerContainerTest { Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default"); ScrewdriverId screwdriverId = new ScrewdriverId(Long.toString(screwdriverProjectId)); - controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id()); + addScrewdriverUserToDeployRole(screwdriverId, ATHENZ_TENANT_DOMAIN, application.id().application()); controllerTester.jobCompletion(JobType.component) .application(application) @@ -1475,7 +1476,8 @@ public class ApplicationApiTest extends ControllerContainerTest { configureAthenzIdentity(new com.yahoo.vespa.athenz.api.AthenzService(ATHENZ_TENANT_DOMAIN, "service"), true); Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default"); - controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id()); + tester.authorize(ATHENZ_TENANT_DOMAIN, HostedAthenzIdentities.from(screwdriverId), + ApplicationAction.deploy, application.id().application()); // Allow systemtest to succeed by notifying completion of component controllerTester.jobCompletion(JobType.component) @@ -1572,7 +1574,8 @@ public class ApplicationApiTest extends ControllerContainerTest { configureAthenzIdentity(new com.yahoo.vespa.athenz.api.AthenzService(ATHENZ_TENANT_DOMAIN, "service"), false); Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default"); - controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id()); + tester.authorize(ATHENZ_TENANT_DOMAIN, HostedAthenzIdentities.from(screwdriverId), + ApplicationAction.deploy, application.id().application()); // Allow systemtest to succeed by notifying completion of system test controllerTester.jobCompletion(JobType.component) @@ -1609,7 +1612,8 @@ public class ApplicationApiTest extends ControllerContainerTest { configureAthenzIdentity(new com.yahoo.vespa.athenz.api.AthenzService(ATHENZ_TENANT_DOMAIN, "service"), true); Application application = controllerTester.createApplication(ATHENZ_TENANT_DOMAIN.getName(), "tenant1", "application1", "default"); - controllerTester.authorize(ATHENZ_TENANT_DOMAIN, screwdriverId, ApplicationAction.deploy, application.id()); + tester.authorize(ATHENZ_TENANT_DOMAIN, HostedAthenzIdentities.from(screwdriverId), + ApplicationAction.deploy, application.id().application()); // Allow systemtest to succeed by notifying completion of component controllerTester.jobCompletion(JobType.component) @@ -1841,12 +1845,8 @@ public class ApplicationApiTest extends ControllerContainerTest { */ private void addScrewdriverUserToDeployRole(ScrewdriverId screwdriverId, AthenzDomain domain, - com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId applicationId) { - AthenzClientFactoryMock mock = (AthenzClientFactoryMock) container.components() - .getComponent(AthenzClientFactoryMock.class.getName()); - AthenzIdentity screwdriverIdentity = HostedAthenzIdentities.from(screwdriverId); - AthenzDbMock.Application athenzApplication = mock.getSetup().domains.get(domain).applications.get(applicationId); - athenzApplication.addRoleMember(ApplicationAction.deploy, screwdriverIdentity); + ApplicationName application) { + tester.authorize(domain, HostedAthenzIdentities.from(screwdriverId), ApplicationAction.deploy, application); } private ApplicationId createTenantAndApplication() { @@ -1860,8 +1860,7 @@ public class ApplicationApiTest extends ControllerContainerTest { .userIdentity(USER_ID) .oktaAccessToken(OKTA_AT).oktaIdentityToken(OKTA_IT), new File("instance-reference.json")); - addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN, - new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId("application1")); + addScrewdriverUserToDeployRole(SCREWDRIVER_ID, ATHENZ_TENANT_DOMAIN, ApplicationName.from("application1")); return ApplicationId.from("tenant1", "application1", "instance1"); } |