diff options
author | Ola Aunrønning <olaa@verizonmedia.com> | 2021-03-05 13:05:17 +0100 |
---|---|---|
committer | Ola Aunrønning <olaa@verizonmedia.com> | 2021-03-05 13:08:08 +0100 |
commit | a274f9d5b8f24676a576e12ef35423549eea0d56 (patch) | |
tree | e24a785b362d2c87cf1f98285c5545b36726f988 /controller-server | |
parent | 1acaa2e62aecdda2b4c321ae133654cc1a0316f3 (diff) |
Include region and parameter name when validating secret store. Don't inject AwsParameterStore to AwsParameterStoreValidationHandler
Diffstat (limited to 'controller-server')
3 files changed, 7 insertions, 7 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java index 4ecd972fc24..228a7bab439 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiHandler.java @@ -223,7 +223,7 @@ public class ApplicationApiHandler extends LoggingRequestHandler { if (path.matches("/application/v4/tenant")) return tenants(request); if (path.matches("/application/v4/tenant/{tenant}")) return tenant(path.get("tenant"), request); if (path.matches("/application/v4/tenant/{tenant}/info")) return tenantInfo(path.get("tenant"), request); - if (path.matches("/application/v4/tenant/{tenant}/secret-store/{name}/validate")) return validateSecretStore(path.get("tenant"), path.get("name")); + if (path.matches("/application/v4/tenant/{tenant}/secret-store/{name}/region/{region}/parameter-name/{parameter-name}/validate")) return validateSecretStore(path.get("tenant"), path.get("name"), path.get("region"), path.get("parameter-name")); if (path.matches("/application/v4/tenant/{tenant}/application")) return applications(path.get("tenant"), Optional.empty(), request); if (path.matches("/application/v4/tenant/{tenant}/application/{application}")) return application(path.get("tenant"), path.get("application"), request); if (path.matches("/application/v4/tenant/{tenant}/application/{application}/compile-version")) return compileVersion(path.get("tenant"), path.get("application")); @@ -584,7 +584,7 @@ public class ApplicationApiHandler extends LoggingRequestHandler { } - private HttpResponse validateSecretStore(String tenantName, String name) { + private HttpResponse validateSecretStore(String tenantName, String name, String region, String parameterName) { var tenant = TenantName.from(tenantName); if (controller.tenants().require(tenant).type() != Tenant.Type.cloud) return ErrorResponse.badRequest("Tenant '" + tenant + "' is not a cloud tenant"); @@ -601,7 +601,7 @@ public class ApplicationApiHandler extends LoggingRequestHandler { if (tenantSecretStore.isEmpty()) return ErrorResponse.notFoundError("No secret store '" + name + "' configured for tenant '" + tenantName + "'"); - var response = controller.serviceRegistry().configServer().validateSecretStore(deployment.get(), tenantSecretStore.get()); + var response = controller.serviceRegistry().configServer().validateSecretStore(deployment.get(), tenantSecretStore.get(), region, parameterName); return new MessageResponse(response); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ConfigServerMock.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ConfigServerMock.java index b669e942494..a5c2176b321 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ConfigServerMock.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ConfigServerMock.java @@ -576,7 +576,7 @@ public class ConfigServerMock extends AbstractComponent implements ConfigServer } @Override - public String validateSecretStore(DeploymentId deployment, TenantSecretStore tenantSecretStore) { + public String validateSecretStore(DeploymentId deployment, TenantSecretStore tenantSecretStore, String region, String parameterName) { return deployment.toString() + " - " + tenantSecretStore.toString(); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java index 4d18388dda6..84ef800b2f2 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/application/ApplicationApiCloudTest.java @@ -152,7 +152,7 @@ public class ApplicationApiCloudTest extends ControllerContainerCloudTest { @Test public void validate_secret_store() { var secretStoreRequest = - request("/application/v4/tenant/scoober/secret-store/secret-foo/validate", GET) + request("/application/v4/tenant/scoober/secret-store/secret-foo/region/us-west-1/parameter-name/foo/validate", GET) .roles(Set.of(Role.administrator(tenantName))); tester.assertResponse(secretStoreRequest, "{" + "\"error-code\":\"BAD_REQUEST\"," + @@ -161,7 +161,7 @@ public class ApplicationApiCloudTest extends ControllerContainerCloudTest { deployApplication(); secretStoreRequest = - request("/application/v4/tenant/scoober/secret-store/secret-foo/validate", GET) + request("/application/v4/tenant/scoober/secret-store/secret-foo/region/us-west-1/parameter-name/foo/validate", GET) .roles(Set.of(Role.administrator(tenantName))); tester.assertResponse(secretStoreRequest, "{" + "\"error-code\":\"NOT_FOUND\"," + @@ -175,7 +175,7 @@ public class ApplicationApiCloudTest extends ControllerContainerCloudTest { // ConfigServerMock returns message on format deployment.toString() + " - " + tenantSecretStore.toString() secretStoreRequest = - request("/application/v4/tenant/scoober/secret-store/secret-foo/validate", GET) + request("/application/v4/tenant/scoober/secret-store/secret-foo/region/us-west-1/parameter-name/foo/validate", GET) .roles(Set.of(Role.administrator(tenantName))); tester.assertResponse(secretStoreRequest, "{" + "\"message\":\"scoober.albums in prod.us-central-1 - TenantSecretStore{name='secret-foo', awsId='123', role='some-role'}\"" + |