authorAndreas Eriksen <andreer@verizonmedia.com>2021-08-12 11:25:47 +0200
committerGitHub <noreply@github.com>2021-08-12 11:25:47 +0200
commit2e543d310304136c2785d49d42d82e396f6f10ac (patch)
treea26197a5d36e46d20d3fec704d6f98c319891150 /vespa-athenz
parent6f2c8f6f52c08172f986e8ea67b7221e0d40db43 (diff)
andreer/manage services in zms client (#18717)
* create, put and delete athenz services * newline at eof * createOrUpdate is better than "put" outside http context
Diffstat (limited to 'vespa-athenz')
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java34
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java7
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceEntity.java25
-rw-r--r--vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceListResponseEntity.java21
4 files changed, 84 insertions, 3 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
index 7503b5a39ed..89b72c249bd 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/DefaultZmsClient.java
@@ -6,6 +6,7 @@ import com.yahoo.vespa.athenz.api.AthenzGroup;
import com.yahoo.vespa.athenz.api.AthenzIdentity;
import com.yahoo.vespa.athenz.api.AthenzResourceName;
import com.yahoo.vespa.athenz.api.AthenzRole;
+import com.yahoo.vespa.athenz.api.AthenzService;
import com.yahoo.vespa.athenz.api.AthenzUser;
import com.yahoo.vespa.athenz.api.OktaAccessToken;
import com.yahoo.vespa.athenz.api.OktaIdentityToken;
@@ -18,13 +19,14 @@ import com.yahoo.vespa.athenz.client.zms.bindings.MembershipEntity;
import com.yahoo.vespa.athenz.client.zms.bindings.PolicyEntity;
import com.yahoo.vespa.athenz.client.zms.bindings.ProviderResourceGroupRolesRequestEntity;
import com.yahoo.vespa.athenz.client.zms.bindings.RoleEntity;
+import com.yahoo.vespa.athenz.client.zms.bindings.ServiceEntity;
+import com.yahoo.vespa.athenz.client.zms.bindings.ServiceListResponseEntity;
import com.yahoo.vespa.athenz.client.zms.bindings.TenancyRequestEntity;
import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
import com.yahoo.vespa.athenz.utils.AthenzIdentities;
import org.apache.http.Header;
import org.apache.http.client.methods.HttpUriRequest;
import org.apache.http.client.methods.RequestBuilder;
-import org.apache.http.entity.StringEntity;
import org.apache.http.message.BasicHeader;
import javax.net.ssl.SSLContext;
@@ -32,11 +34,9 @@ import java.net.URI;
import java.time.Instant;
import java.util.Collections;
import java.util.List;
-import java.util.Objects;
import java.util.Optional;
import java.util.OptionalInt;
import java.util.Set;
-import java.util.function.Function;
import java.util.function.Supplier;
import java.util.stream.Collectors;
@@ -261,6 +261,34 @@ public class DefaultZmsClient extends ClientBase implements ZmsClient {
.collect(Collectors.toList());
}
+ @Override
+ public List<AthenzService> listServices(AthenzDomain athenzDomain) {
+ URI uri = zmsUrl.resolve(String.format("domain/%s/service", athenzDomain.getName()));
+ ServiceListResponseEntity execute = execute(RequestBuilder.get(uri).build(), response -> readEntity(response, ServiceListResponseEntity.class));
+
+ return execute.services.stream()
+ .map(serviceName -> new AthenzService(athenzDomain, serviceName))
+ .collect(Collectors.toList());
+ }
+
+ @Override
+ public void createOrUpdateService(AthenzService athenzService) {
+ URI uri = zmsUrl.resolve(String.format("domain/%s/service/%s", athenzService.getDomainName(), athenzService.getName()));
+
+ var serviceEntity = new ServiceEntity(athenzService.getFullName());
+
+ var request = RequestBuilder.put(uri)
+ .setEntity(toJsonStringEntity(serviceEntity))
+ .build();
+ execute(request, response -> readEntity(response, Void.class));
+ }
+
+ @Override
+ public void deleteService(AthenzService athenzService) {
+ URI uri = zmsUrl.resolve(String.format("domain/%s/service/%s", athenzService.getDomainName(), athenzService.getName()));
+ execute(RequestBuilder.delete(uri).build(), response -> readEntity(response, Void.class));
+ }
+
private static Header createCookieHeaderWithOktaTokens(OktaIdentityToken identityToken, OktaAccessToken accessToken) {
return new BasicHeader("Cookie", String.format("okta_at=%s; okta_it=%s", accessToken.token(), identityToken.token()));
}
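Review bot: The domain and service names are interpolated into the request path with `String.format` and passed to `zmsUrl.resolve` unencoded in `listServices`, `createOrUpdateService` and `deleteService`, so a name containing `/`, `?`, `#` or a `..` segment would resolve to a different ZMS resource than the intended one. Whether `AthenzDomain` and `AthenzService` already restrict names to a safe character set is not visible in this hunk; if they do not, the PUT and DELETE calls in particular should validate the names before building the URI. At minimum I would record the assumption above each `resolve` call, e.g. `// names are not URL-encoded; relies on AthenzDomain/AthenzService rejecting path metacharacters`. The class continues outside the hunk, so existing methods may follow the same pattern.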
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
index 03afc9278cc..2807d20f5c6 100644
--- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/ZmsClient.java
@@ -6,6 +6,7 @@ import com.yahoo.vespa.athenz.api.AthenzGroup;
import com.yahoo.vespa.athenz.api.AthenzIdentity;
import com.yahoo.vespa.athenz.api.AthenzResourceName;
import com.yahoo.vespa.athenz.api.AthenzRole;
+import com.yahoo.vespa.athenz.api.AthenzService;
import com.yahoo.vespa.athenz.api.AthenzUser;
import com.yahoo.vespa.athenz.api.OktaAccessToken;
import com.yahoo.vespa.athenz.api.OktaIdentityToken;
@@ -54,5 +55,11 @@ public interface ZmsClient extends AutoCloseable {
List<AthenzIdentity> listMembers(AthenzRole athenzRole);
+ List<AthenzService> listServices(AthenzDomain athenzDomain);
+
+ void createOrUpdateService(AthenzService athenzService);
+
+ void deleteService(AthenzService athenzService);
+
void close();
}
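Review bot: `createOrUpdateService` is declared without Javadoc, and its update semantics are not obvious to callers, because the implementation in DefaultZmsClient sends a `ServiceEntity` that carries only the name. If ZMS treats the PUT as a full replacement of the service object, calling this on an existing service would presumably drop attributes already registered on it, such as public keys. Once that behaviour is confirmed I would state it on the interface, e.g. `/** Creates the service, or overwrites an existing one with a definition that contains only its name. */`. The `listServices` declaration could also say whether the returned list may be empty but never null.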
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceEntity.java
new file mode 100644
index 00000000000..aebbc408f69
--- /dev/null
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceEntity.java
@@ -0,0 +1,25 @@
+// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.athenz.client.zms.bindings;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonGetter;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+/**
+ * @author andreer
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class ServiceEntity {
+ public final String name;
+
+ @JsonCreator
+ public ServiceEntity(@JsonProperty("name") String name) {
+ this.name = name;
+ }
+
+ @JsonGetter("name")
+ public String name() {
+ return name;
+ }
+}
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceListResponseEntity.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceListResponseEntity.java
new file mode 100644
index 00000000000..2d32af8a841
--- /dev/null
+++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/client/zms/bindings/ServiceListResponseEntity.java
@@ -0,0 +1,21 @@
+// Copyright Verizon Media. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.athenz.client.zms.bindings;
+
+import com.fasterxml.jackson.annotation.JsonCreator;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
+import com.fasterxml.jackson.annotation.JsonProperty;
+
+import java.util.List;
+
+/**
+ * @author andreer
+ */
+@JsonIgnoreProperties(ignoreUnknown = true)
+public class ServiceListResponseEntity {
+ public final List<String> services;
+
+ @JsonCreator
+ public ServiceListResponseEntity(@JsonProperty("names") List<String> services) {
+ this.services = services;
+ }
+}
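Review bot: `services` is stored exactly as received, so a ZMS response without a `names` property leaves the field null, and `listServices` in DefaultZmsClient then fails with a NullPointerException at `execute.services.stream()`. The field is also a public reference to the list handed to the constructor, which a caller can still mutate. Normalising in the constructor covers both: `this.services = services == null ? List.of() : List.copyOf(services);`.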