diff options
| author | Håkon Hallingstad <hakon@oath.com> | 2018-09-11 16:52:18 +0200 |
|---|---|---|
| committer | Håkon Hallingstad <hakon@oath.com> | 2018-09-11 16:52:18 +0200 |
| commit | cad99be052580a6a6a4d3dd49d290c25360c307f (patch) | |
| tree | 5f70e299a08aed4a131e86fa06c168d4d037f01d /node-repository | |
| parent | b8ad672c00d05ff380d3336d9c8576eb7540a288 (diff) | |
Trust SSH port
Diffstat (limited to 'node-repository')
4 files changed, 18 insertions, 2 deletions
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java index 69b31f506e5..e03250e7934 100644 --- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java +++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/NodeRepository.java @@ -183,8 +183,10 @@ public class NodeRepository extends AbstractComponent { // For all cases below, trust: // - nodes in same application // - config servers + // - ssh node.allocation().ifPresent(allocation -> trustedNodes.addAll(candidates.owner(allocation.owner()).asList())); trustedNodes.addAll(candidates.nodeType(NodeType.config).asList()); + trustedPorts.add(22); switch (node.type()) { case tenant: diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-config-server.json b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-config-server.json index d1dc7e22fcd..e599d5a7b0b 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-config-server.json +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-config-server.json @@ -190,6 +190,10 @@ "trustedNetworks": [], "trustedPorts": [ { + "port": 22, + "trustedBy": "cfg1.yahoo.com" + }, + { "port": 4443, "trustedBy": "cfg1.yahoo.com" } diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-docker-host.json b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-docker-host.json index 7b1af066065..4d6607bd1b0 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-docker-host.json +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-docker-host.json @@ -79,5 +79,10 @@ "trustedBy": "dockerhost1.yahoo.com" } ], - "trustedPorts": [] + "trustedPorts": [ + { + "port": 22, + "trustedBy": "dockerhost1.yahoo.com" + } + ] } diff --git a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-tenant-node.json b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-tenant-node.json index e3ea3b62bec..4e1ba2271d9 100644 --- a/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-tenant-node.json +++ b/node-repository/src/test/java/com/yahoo/vespa/hosted/provision/restapi/v2/responses/acl-tenant-node.json @@ -134,5 +134,10 @@ } ], "trustedNetworks": [], - "trustedPorts":[] + "trustedPorts": [ + { + "port": 22, + "trustedBy": "foo.yahoo.com" + } + ] } |