diff options
-rw-r--r-- | controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/ServiceRegistry.java | 4 | ||||
-rw-r--r-- | controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/NoopRoleService.java (renamed from controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/NoopApplicationRoleService.java) | 13 | ||||
-rw-r--r-- | controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/RoleService.java (renamed from controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/ApplicationRoleService.java) | 9 | ||||
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java | 2 | ||||
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java | 1 | ||||
-rw-r--r-- | controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ServiceRegistryMock.java | 10 |
6 files changed, 29 insertions, 10 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/ServiceRegistry.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/ServiceRegistry.java index 4006d68ba1f..d35f8f00fd1 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/ServiceRegistry.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/ServiceRegistry.java @@ -1,7 +1,7 @@ // Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.controller.api.integration; -import com.yahoo.vespa.hosted.controller.api.integration.aws.ApplicationRoleService; +import com.yahoo.vespa.hosted.controller.api.integration.aws.RoleService; import com.yahoo.vespa.hosted.controller.api.integration.aws.AwsEventFetcher; import com.yahoo.vespa.hosted.controller.api.integration.aws.ResourceTagger; import com.yahoo.vespa.hosted.controller.api.integration.billing.BillingController; @@ -74,7 +74,7 @@ public interface ServiceRegistry { ResourceTagger resourceTagger(); - ApplicationRoleService applicationRoleService(); + RoleService roleService(); SystemMonitor systemMonitor(); diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/NoopApplicationRoleService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/NoopRoleService.java index 4842389bccb..81fec1582d0 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/NoopApplicationRoleService.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/NoopRoleService.java @@ -2,16 +2,27 @@ package com.yahoo.vespa.hosted.controller.api.integration.aws; import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.TenantName; import java.util.Optional; /** * @author mortent */ -public class NoopApplicationRoleService implements ApplicationRoleService { +public class NoopRoleService implements RoleService { @Override public Optional<ApplicationRoles> createApplicationRoles(ApplicationId applicationId) { return Optional.empty(); } + + @Override + public String createTenantRole(TenantName tenant) { + return ""; + } + + @Override + public String createTenantPolicy(TenantName tenant, String policyName, String awsId, String role) { + return ""; + } } diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/ApplicationRoleService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/RoleService.java index e72ba5823d8..93c86c406b4 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/ApplicationRoleService.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/aws/RoleService.java @@ -2,12 +2,19 @@ package com.yahoo.vespa.hosted.controller.api.integration.aws; import com.yahoo.config.provision.ApplicationId; +import com.yahoo.config.provision.TenantName; import java.util.Optional; /** * @author mortent */ -public interface ApplicationRoleService { +public interface RoleService { + Optional<ApplicationRoles> createApplicationRoles(ApplicationId applicationId); + + String createTenantRole(TenantName tenant); + + String createTenantPolicy(TenantName tenant, String policyName, String awsId, String role); + } diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java index 8447353a869..42ac73a61d9 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java @@ -406,7 +406,7 @@ public class ApplicationController { // Provision application roles if enabled for the zone if (provisionApplicationRoles.with(FetchVector.Dimension.ZONE_ID, zone.value()).value()) { try { - applicationRoles = controller.serviceRegistry().applicationRoleService().createApplicationRoles(instance.id()); + applicationRoles = controller.serviceRegistry().roleService().createApplicationRoles(instance.id()); } catch (Exception e) { log.log(Level.SEVERE, "Exception creating application roles for application: " + instance.id(), e); throw new RuntimeException("Unable to provision iam roles for application"); diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java index 4c9cf4f105f..24b9efc3c77 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/TenantController.java @@ -101,6 +101,7 @@ public class TenantController { requireNonExistent(tenantSpec.tenant()); TenantId.validate(tenantSpec.tenant().value()); curator.writeTenant(accessControl.createTenant(tenantSpec, controller.clock().instant(), credentials, asList())); + controller.serviceRegistry().roleService().createTenantRole(tenantSpec.tenant()); } } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ServiceRegistryMock.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ServiceRegistryMock.java index ae1e2c38e6a..fd0e7c20896 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ServiceRegistryMock.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ServiceRegistryMock.java @@ -7,10 +7,10 @@ import com.yahoo.component.AbstractComponent; import com.yahoo.config.provision.SystemName; import com.yahoo.test.ManualClock; import com.yahoo.vespa.hosted.controller.api.integration.ServiceRegistry; -import com.yahoo.vespa.hosted.controller.api.integration.aws.ApplicationRoleService; +import com.yahoo.vespa.hosted.controller.api.integration.aws.RoleService; import com.yahoo.vespa.hosted.controller.api.integration.aws.MockAwsEventFetcher; import com.yahoo.vespa.hosted.controller.api.integration.aws.MockResourceTagger; -import com.yahoo.vespa.hosted.controller.api.integration.aws.NoopApplicationRoleService; +import com.yahoo.vespa.hosted.controller.api.integration.aws.NoopRoleService; import com.yahoo.vespa.hosted.controller.api.integration.aws.ResourceTagger; import com.yahoo.vespa.hosted.controller.api.integration.billing.BillingController; import com.yahoo.vespa.hosted.controller.api.integration.billing.MockBillingController; @@ -58,7 +58,7 @@ public class ServiceRegistryMock extends AbstractComponent implements ServiceReg private final ApplicationStoreMock applicationStoreMock = new ApplicationStoreMock(); private final MockRunDataStore mockRunDataStore = new MockRunDataStore(); private final MockResourceTagger mockResourceTagger = new MockResourceTagger(); - private final ApplicationRoleService applicationRoleService = new NoopApplicationRoleService(); + private final RoleService roleService = new NoopRoleService(); private final BillingController billingController = new MockBillingController(); private final ContainerRegistryMock containerRegistry = new ContainerRegistryMock(); @@ -178,8 +178,8 @@ public class ServiceRegistryMock extends AbstractComponent implements ServiceReg } @Override - public ApplicationRoleService applicationRoleService() { - return applicationRoleService; + public RoleService roleService() { + return roleService; } @Override |