Use username instead

11 files changed, 41 insertions, 48 deletions

diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
index 92d3ad14aa7..8c5104f0152 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java
@@ -34,7 +34,6 @@ import java.net.URI;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
-import java.nio.file.StandardCopyOption;
 import java.security.KeyPair;
 import java.security.PrivateKey;
 import java.security.cert.X509Certificate;
@@ -167,7 +166,7 @@ public class AthenzCredentialsMaintainer {
                             false,
                             csr);
             EntityBindingsMapper.writeSignedIdentityDocumentToFile(identityDocumentFile, signedIdentityDocument);
-            writePrivateKeyAndCertificate(context.vespaUserIdOnHost(), privateKeyFile, keyPair.getPrivate(),
+            writePrivateKeyAndCertificate(context.vespaUserOnHost(), privateKeyFile, keyPair.getPrivate(),
                     certificateFile, instanceIdentity.certificate());
             context.log(logger, "Instance successfully registered and credentials written to file");
         }
@@ -192,7 +191,7 @@ public class AthenzCredentialsMaintainer {
                                 identityDocument.providerUniqueId().asDottedString(),
                                 false,
                                 csr);
-                writePrivateKeyAndCertificate(context.vespaUserIdOnHost(), privateKeyFile, keyPair.getPrivate(),
+                writePrivateKeyAndCertificate(context.vespaUserOnHost(), privateKeyFile, keyPair.getPrivate(),
                         certificateFile, instanceIdentity.certificate());
                 context.log(logger, "Instance successfully refreshed and credentials written to file");
             } catch (ZtsClientException e) {
@@ -209,28 +208,23 @@ public class AthenzCredentialsMaintainer {
     }
 
 
-    private static void writePrivateKeyAndCertificate(int vespaUserIdOnHost,
+    private static void writePrivateKeyAndCertificate(String vespaUserOnHost,
                                                       Path privateKeyFile,
                                                       PrivateKey privateKey,
                                                       Path certificateFile,
                                                       X509Certificate certificate) {
-        writeFile(privateKeyFile, vespaUserIdOnHost, KeyUtils.toPem(privateKey));
-        writeFile(certificateFile, vespaUserIdOnHost, X509CertificateUtils.toPem(certificate));
+        writeFile(privateKeyFile, vespaUserOnHost, KeyUtils.toPem(privateKey));
+        writeFile(certificateFile, vespaUserOnHost, X509CertificateUtils.toPem(certificate));
     }
 
-    private static void writeFile(Path path, int vespaUserIdOnHost, String utf8Content) {
+    private static void writeFile(Path path, String vespaUserOnHost, String utf8Content) {
         new UnixPath(path.toString() + ".tmp")
-                .createNewFile("---------")
-                .setOwnerId(vespaUserIdOnHost)
-                .setPermissions("r-----------")
+                .createNewFile("r--------")
+                .setOwner(vespaUserOnHost)
                 .writeUtf8File(utf8Content)
                 .atomicMove(path);
     }
 
-    private static Path toTempPath(Path file) {
-        return Paths.get(file.toAbsolutePath().toString() + ".tmp");
-    }
-
     private static X509Certificate readCertificateFromFile(Path certificateFile) throws IOException {
         String pemEncodedCertificate = new String(Files.readAllBytes(certificateFile));
         return X509CertificateUtils.fromPem(pemEncodedCertificate);
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java
index 1f3e02433cb..4874eccb913 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContext.java
@@ -27,7 +27,7 @@ public interface NodeAgentContext extends TaskContext {
 
     String vespaUser();
 
-    int vespaUserIdOnHost();
+    String vespaUserOnHost();
 
     /**
      * This method is the inverse of {@link #pathInNodeFromPathOnHost(Path)}}
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java
index 04edb033d75..fe0874f4121 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImpl.java
@@ -34,12 +34,12 @@ public class NodeAgentContextImpl implements NodeAgentContext {
     private final Path pathToNodeRootOnHost;
     private final Path pathToVespaHome;
     private final String vespaUser;
-    private final int vespaUserIdOnHost;
+    private final String vespaUserIdOnHost;
 
     public NodeAgentContextImpl(String hostname, NodeType nodeType, AthenzService identity,
                                 DockerNetworking dockerNetworking, ZoneId zoneId,
                                 Path pathToContainerStorage, Path pathToVespaHome,
-                                String vespaUser, int vespaUserIdOnHost) {
+                                String vespaUser, String vespaUserIdOnHost) {
         this.hostName = HostName.from(Objects.requireNonNull(hostname));
         this.containerName = ContainerName.fromHostname(hostname);
         this.nodeType = Objects.requireNonNull(nodeType);
@@ -89,7 +89,7 @@ public class NodeAgentContextImpl implements NodeAgentContext {
     }
 
     @Override
-    public int vespaUserIdOnHost() {
+    public String vespaUserOnHost() {
         return vespaUserIdOnHost;
     }
 
@@ -146,11 +146,10 @@ public class NodeAgentContextImpl implements NodeAgentContext {
         private Path pathToContainerStorage;
         private Path pathToVespaHome;
         private String vespaUser;
-        private Integer vespaUserIdOnHost;
+        private String vespaUserOnHost;
 
-        public Builder(String hostname, int vespaUserIdOnHost) {
+        public Builder(String hostname) {
             this.hostname = hostname;
-            this.vespaUserIdOnHost = vespaUserIdOnHost;
         }
 
         public Builder nodeType(NodeType nodeType) {
@@ -188,6 +187,11 @@ public class NodeAgentContextImpl implements NodeAgentContext {
             return this;
         }
 
+        public Builder vespaUserOnHost(String vespaUserOnHost) {
+            this.vespaUserOnHost = vespaUserOnHost;
+            return this;
+        }
+
         public Builder fileSystem(FileSystem fileSystem) {
             return pathToContainerStorage(fileSystem.getPath("/home/docker"));
         }
@@ -202,7 +206,7 @@ public class NodeAgentContextImpl implements NodeAgentContext {
                     Optional.ofNullable(pathToContainerStorage).orElseGet(() -> Paths.get("/home/docker")),
                     Optional.ofNullable(pathToVespaHome).orElseGet(() -> Paths.get("/opt/vespa")),
                     Optional.ofNullable(vespaUser).orElse("vespa"),
-                    vespaUserIdOnHost);
+                    Optional.ofNullable(vespaUserOnHost).orElse("container_vespa"));
         }
     }
 }
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/file/UnixPath.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/file/UnixPath.java
index 064354ddc9c..609ff22f2d2 100644
--- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/file/UnixPath.java
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/task/util/file/UnixPath.java
@@ -68,12 +68,12 @@ public class UnixPath {
     }
 
     public UnixPath writeUtf8File(String content, OpenOption... options) {
-        writeBytes(content.getBytes(StandardCharsets.UTF_8), options);
-        return this;
+        return writeBytes(content.getBytes(StandardCharsets.UTF_8), options);
     }
 
-    public void writeBytes(byte[] content, OpenOption... options) {
+    public UnixPath writeBytes(byte[] content, OpenOption... options) {
         uncheck(() -> Files.write(path, content, options));
+        return this;
     }
 
     public String getPermissions() {
@@ -90,37 +90,30 @@ public class UnixPath {
         return this;
     }
 
-    public int getOwnerId() {
-        return (Integer) uncheck(() -> Files.getAttribute(path, "unix:uid"));
-    }
-
-    public UnixPath setOwnerId(int ownerId) {
-        uncheck(() -> Files.setAttribute(path, "unix:uid", ownerId));
-        return this;
-    }
-
     public String getOwner() {
         return getAttributes().owner();
     }
 
-    public void setOwner(String owner) {
+    public UnixPath setOwner(String owner) {
         UserPrincipalLookupService service = path.getFileSystem().getUserPrincipalLookupService();
         UserPrincipal principal = uncheck(
                 () -> service.lookupPrincipalByName(owner),
                 "While looking up user %s", owner);
         uncheck(() -> Files.setOwner(path, principal));
+        return this;
     }
 
     public String getGroup() {
         return getAttributes().group();
     }
 
-    public void setGroup(String group) {
+    public UnixPath setGroup(String group) {
         UserPrincipalLookupService service = path.getFileSystem().getUserPrincipalLookupService();
         GroupPrincipal principal = uncheck(
                 () -> service.lookupPrincipalByGroupName(group),
                 "while looking up group %s", group);
         uncheck(() -> Files.getFileAttributeView(path, PosixFileAttributeView.class).setGroup(principal));
+        return this;
     }
 
     public Instant getLastModifiedTime() {
@@ -148,14 +141,16 @@ public class UnixPath {
         return this;
     }
 
-    public void createDirectory(String permissions) {
+    public UnixPath createDirectory(String permissions) {
         Set<PosixFilePermission> set = getPosixFilePermissionsFromString(permissions);
         FileAttribute<Set<PosixFilePermission>> attribute = PosixFilePermissions.asFileAttribute(set);
         uncheck(() -> Files.createDirectory(path, attribute));
+        return this;
     }
 
-    public void createDirectory() {
+    public UnixPath createDirectory() {
         uncheck(() -> Files.createDirectory(path));
+        return this;
     }
 
     public boolean isDirectory() {
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/docker/DockerOperationsImplTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/docker/DockerOperationsImplTest.java
index fddfd2d875e..6e8cfce6c37 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/docker/DockerOperationsImplTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/docker/DockerOperationsImplTest.java
@@ -46,7 +46,7 @@ public class DockerOperationsImplTest {
 
     @Test
     public void processResultFromNodeProgramWhenSuccess() {
-        final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld", 1000).build();
+        final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld").build();
         final ProcessResult actualResult = new ProcessResult(0, "output", "errors");
 
         when(docker.executeInContainerAsUser(any(), any(), any(), any()))
@@ -67,7 +67,7 @@ public class DockerOperationsImplTest {
 
     @Test(expected = RuntimeException.class)
     public void processResultFromNodeProgramWhenNonZeroExitCode() {
-        final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld", 1000).build();
+        final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld").build();
         final ProcessResult actualResult = new ProcessResult(3, "output", "errors");
 
         when(docker.executeInContainerAsUser(any(), any(), any(), any()))
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integrationTests/DockerTester.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integrationTests/DockerTester.java
index d2cc0c8fd7e..e22606104f1 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integrationTests/DockerTester.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/integrationTests/DockerTester.java
@@ -94,7 +94,7 @@ public class DockerTester implements AutoCloseable {
 
         MetricReceiverWrapper mr = new MetricReceiverWrapper(MetricReceiver.nullImplementation);
         Function<String, NodeAgent> nodeAgentFactory = (hostName) -> new NodeAgentImpl(
-                new NodeAgentContextImpl.Builder(hostName, 1000).fileSystem(fileSystem).build(), nodeRepository,
+                new NodeAgentContextImpl.Builder(hostName).fileSystem(fileSystem).build(), nodeRepository,
                 orchestrator, dockerOperations, storageMaintainer, clock, INTERVAL, Optional.empty(), Optional.empty(), Optional.empty());
         nodeAdmin = new NodeAdminImpl(nodeAgentFactory, Optional.empty(), mr, Clock.systemUTC());
         nodeAdminStateUpdater = new NodeAdminStateUpdater(nodeRepository, orchestrator,
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainerTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainerTest.java
index 9e961ff03b4..cf5d29d70f1 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainerTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/StorageMaintainerTest.java
@@ -152,7 +152,7 @@ public class StorageMaintainerTest {
         }
 
         private Path executeAs(NodeType nodeType) {
-            NodeAgentContext context = new NodeAgentContextImpl.Builder("host123-5.test.domain.tld", 1000)
+            NodeAgentContext context = new NodeAgentContextImpl.Builder("host123-5.test.domain.tld")
                     .nodeType(nodeType)
                     .fileSystem(TestFileSystem.create())
                     .zoneId(new ZoneId(SystemName.dev, Environment.prod, RegionName.from("us-north-1"))).build();
@@ -197,7 +197,7 @@ public class StorageMaintainerTest {
         public void testDiskUsed() throws IOException {
             StorageMaintainer storageMaintainer = new StorageMaintainer(terminal, docker, null, null);
             FileSystem fileSystem = TestFileSystem.create();
-            NodeAgentContext context = new NodeAgentContextImpl.Builder("host-1.domain.tld", 1000).fileSystem(fileSystem).build();
+            NodeAgentContext context = new NodeAgentContextImpl.Builder("host-1.domain.tld").fileSystem(fileSystem).build();
             Files.createDirectories(context.pathOnHostFromPathInNode("/"));
 
             terminal.expectCommand("du -xsk /home/docker/host-1 2>&1", 0, "321\t/home/docker/host-1/");
@@ -265,7 +265,7 @@ public class StorageMaintainerTest {
         }
 
         private NodeAgentContext createNodeAgentContextAndContainerStorage(FileSystem fileSystem, String containerName) throws IOException {
-            NodeAgentContext context = new NodeAgentContextImpl.Builder(containerName + ".domain.tld", 1000)
+            NodeAgentContext context = new NodeAgentContextImpl.Builder(containerName + ".domain.tld")
                     .fileSystem(fileSystem).build();
 
             Path containerVespaHomeOnHost = context.pathOnHostFromPathInNode(context.pathInNodeUnderVespaHome(""));
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoreCollectorTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoreCollectorTest.java
index d1e34befa38..d809d9cbf96 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoreCollectorTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoreCollectorTest.java
@@ -27,7 +27,7 @@ public class CoreCollectorTest {
     private final String GDB_PATH = "/my/path/to/gdb";
     private final DockerOperations docker = mock(DockerOperations.class);
     private final CoreCollector coreCollector = new CoreCollector(docker, Paths.get(GDB_PATH));
-    private final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld", 1000).build();
+    private final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld").build();
 
     private final Path TEST_CORE_PATH = Paths.get("/tmp/core.1234");
     private final Path TEST_BIN_PATH = Paths.get("/usr/bin/program");
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java
index ec294f1e118..8d599660ace 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/maintenance/coredump/CoredumpHandlerTest.java
@@ -47,7 +47,7 @@ import static org.mockito.Mockito.when;
 public class CoredumpHandlerTest {
     private final FileSystem fileSystem = TestFileSystem.create();
     private final Path donePath = fileSystem.getPath("/home/docker/dumps");
-    private final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld", 1000)
+    private final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-123.domain.tld")
             .fileSystem(fileSystem).build();
     private final Path crashPathInContainer = Paths.get("/var/crash");
     private final Path doneCoredumpsPath = fileSystem.getPath("/home/docker/dumps");
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImplTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImplTest.java
index 60ac93c41d8..84f13ed299a 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImplTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentContextImplTest.java
@@ -12,7 +12,7 @@ import static org.junit.Assert.assertEquals;
  */
 public class NodeAgentContextImplTest {
     private final FileSystem fileSystem = TestFileSystem.create();
-    private final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-1.domain.tld", 1000)
+    private final NodeAgentContext context = new NodeAgentContextImpl.Builder("container-1.domain.tld")
             .fileSystem(fileSystem).build();
 
     @Test
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImplTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImplTest.java
index af5c17ff34f..83ee9b57918 100644
--- a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImplTest.java
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/nodeagent/NodeAgentImplTest.java
@@ -63,7 +63,7 @@ public class NodeAgentImplTest {
     private static final String vespaVersion = "1.2.3";
 
     private final String hostName = "host1.test.yahoo.com";
-    private final NodeAgentContext context = new NodeAgentContextImpl.Builder(hostName, 1000).build();
+    private final NodeAgentContext context = new NodeAgentContextImpl.Builder(hostName).build();
     private final DockerImage dockerImage = new DockerImage("dockerImage");
     private final DockerOperations dockerOperations = mock(DockerOperations.class);
     private final NodeRepository nodeRepository = mock(NodeRepository.class);