4 files changed, 42 insertions, 18 deletions
diff --git a/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java b/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java
index 0ca1b3e5603..9c7380180f7 100644
--- a/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java
+++ b/hosted-api/src/main/java/ai/vespa/hosted/api/Properties.java
@@ -16,38 +16,62 @@ import java.util.Optional; */ public class Properties { + /** + * Returns the relevant application ID. This is the 'tenant', 'application' and 'instance' properties. + * The instance defaults to the user name of the current user, if not explicitly set. + */ public static ApplicationId application() { return ApplicationId.from(requireNonBlankProperty("tenant"), requireNonBlankProperty("application"), - getNonBlankProperty("instance").orElse("default")); + getNonBlankProperty("instance").orElse(user())); } + /** Returns the relevant environment, if this is set with the 'environment' property */ public static Optional<Environment> environment() { return getNonBlankProperty("environment").map(Environment::from); } + /** Returns the relevant region, if this is set with the 'region' property */ public static Optional<RegionName> region() { return getNonBlankProperty("region").map(RegionName::from); } - public static URI endpoint() { + /** Returns the URL of the API endpoint of the Vespa cloud. This must be set with the 'endpoint' property. */ + public static URI apiEndpoint() { return URI.create(requireNonBlankProperty("endpoint")); } - public static Path privateKeyFile() { + /** Returns the path of the API private key. This must be set with the 'privateKeyFile' property. */ + public static Path apiPrivateKeyFile() { return Paths.get(requireNonBlankProperty("privateKeyFile")); } - public static Optional<Path> certificateFile() { + /** Returns the path of the API certificate, if this is set with the 'certificateFile' property. */ + public static Optional<Path> apiCertificateFile() { return getNonBlankProperty("certificateFile").map(Paths::get); } + /** Returns the path of the data plane certificate file, if this is set with the 'dataPlaneCertificateFile' property. 
*/ + public static Optional<Path> dataPlaneCertificateFile() { + return getNonBlankProperty("dataPlaneCertificateFile").map(Paths::get); + } + + /** Returns the path of the data plane private key file, if this is set with the 'dataPlanePrivateKeyFile' property. */ + public static Optional<Path> dataPlanePrivateKeyFile() { + return getNonBlankProperty("dataPlaneKeyFile").map(Paths::get); + } + + /** Returns the user name of the current user. This is set with the 'user.name' property. */ + public static String user() { + return System.getProperty("user.name"); + } + /** Returns the system property with the given name if it is set, or empty. */ public static Optional<String> getNonBlankProperty(String name) { return Optional.ofNullable(System.getProperty(name)).filter(value -> ! value.isBlank()); } - /** Returns the system property with the given name if it is set, or throws. */ + /** Returns the system property with the given name if it is set, or throws an IllegalStateException. */ public static String requireNonBlankProperty(String name) { return getNonBlankProperty(name).orElseThrow(() -> new IllegalStateException("Missing required property '" + name + "'")); } diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java index 9de06e7f4da..f6a88ec83c2 100644 --- a/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java +++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/ApiAuthenticator.java 
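Review bot: The Javadoc on `dataPlanePrivateKeyFile()` names the property 'dataPlanePrivateKeyFile', but the method reads `dataPlaneKeyFile`, which is also the name the warning in EndpointAuthenticator prints; the comment should say `if this is set with the 'dataPlaneKeyFile' property`. Someone who sets the documented name gets no key, and the EndpointAuthenticator code visible later in this diff then falls back to the default SSLContext. Separately, `user()` returns `System.getProperty("user.name")` without the blank check the other accessors apply, and that value is now the default instance both in `application()` and in `AbstractVespaMojo.setup()`. Reading it with `getNonBlankProperty("user.name")` and failing with a clear message when it is absent would keep a null or blank name out of `ApplicationId.from`. Whether an arbitrary OS account name is a valid instance name is not visible here and is worth confirming, since on a shared build host the deployment target now follows the account that runs the build.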
@@ -8,13 +8,13 @@ public class ApiAuthenticator implements ai.vespa.hosted.api.ApiAuthenticator { /** Returns a controller client using mTLS if a key and certificate pair is provided, or signed requests otherwise. */ @Override public ControllerHttpClient controller() { - return Properties.certificateFile() - .map(certificateFile -> ControllerHttpClient.withKeyAndCertificate(Properties.endpoint(), - Properties.privateKeyFile(), + return Properties.apiCertificateFile() + .map(certificateFile -> ControllerHttpClient.withKeyAndCertificate(Properties.apiEndpoint(), + Properties.apiPrivateKeyFile(), certificateFile)) .orElseGet(() -> - ControllerHttpClient.withSignatureKey(Properties.endpoint(), - Properties.privateKeyFile(), + ControllerHttpClient.withSignatureKey(Properties.apiEndpoint(), + Properties.apiPrivateKeyFile(), Properties.application())); } diff --git a/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java b/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java index c9640763ac8..e51476907e2 100644 --- a/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java +++ b/tenant-auth/src/main/java/ai/vespa/hosted/auth/EndpointAuthenticator.java @@ -1,5 +1,6 @@ package ai.vespa.hosted.auth; +import ai.vespa.hosted.api.Properties; import com.yahoo.config.provision.SystemName; import com.yahoo.security.KeyUtils; import com.yahoo.security.SslContextBuilder; 
@@ -47,12 +48,10 @@ public class EndpointAuthenticator implements ai.vespa.hosted.api.EndpointAuthen privateKeyFile = credentialsRoot.resolve("key"); } else { - Optional<String> certificateFileProperty = getNonBlankProperty("dataPlaneCertificateFile"); - if (certificateFileProperty.isPresent()) - certificateFile = Path.of(certificateFileProperty.get()); - Optional<String> privateKeyFileProperty = getNonBlankProperty("dataPlaneKeyFile"); - if (privateKeyFileProperty.isPresent()) - privateKeyFile = Path.of(privateKeyFileProperty.get()); + if (Properties.dataPlaneCertificateFile().isPresent()) + certificateFile = Properties.dataPlaneCertificateFile().get(); + if (Properties.dataPlanePrivateKeyFile().isPresent()) + privateKeyFile = Properties.dataPlanePrivateKeyFile().get(); } if (certificateFile != null && privateKeyFile != null) { X509Certificate certificate = X509CertificateUtils.fromPem(new String(Files.readAllBytes(certificateFile))); @@ -67,7 +66,7 @@ public class EndpointAuthenticator implements ai.vespa.hosted.api.EndpointAuthen logger.warning( "##################################################################################\n" + "# Data plane key and/or certificate missing; please specify #\n" + "# '-DdataPlaneCertificateFile=/path/to/certificate' and #\n" - + "# '-DdataPlaneKeyFile=/path/to/private_key. #\n" + + "# '-DdataPlaneKeyFile=/path/to/private_key'. #\n" + "# Trying the default SSLContext, but this will most likely cause HTTP error 401. #\n" + "##################################################################################"); return SSLContext.getDefault(); diff --git a/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java b/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java index bf8f6f83f53..3f6817df96d 100644 --- a/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java +++ b/vespa-maven-plugin/src/main/java/ai/vespa/hosted/plugin/AbstractVespaMojo.java 
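Review bot: Each `Properties.dataPlane…File()` accessor in the `else` branch is called twice, once for `isPresent()` and once for `get()`, so the system property is read twice and the unchecked `get()` relies on both reads agreeing. One read per value is shorter and removes that dependency: `certificateFile = Properties.dataPlaneCertificateFile().orElse(certificateFile);` and `privateKeyFile = Properties.dataPlanePrivateKeyFile().orElse(privateKeyFile);`, assuming both locals are initialised before the branch, as the later null check suggests. The `Optional` import and the static `getNonBlankProperty` import may now be unused in this file, which the hunk does not show. The enclosing method starts and ends outside the hunk.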
@@ -1,6 +1,7 @@ package ai.vespa.hosted.plugin; import ai.vespa.hosted.api.ControllerHttpClient; +import ai.vespa.hosted.api.Properties; import com.yahoo.config.provision.ApplicationId; import org.apache.maven.plugin.AbstractMojo; import org.apache.maven.plugin.MojoExecutionException; @@ -64,7 +65,7 @@ public abstract class AbstractVespaMojo extends AbstractMojo { protected void setup() { tenant = firstNonBlank(tenant, project.getProperties().getProperty("tenant")); application = firstNonBlank(application, project.getProperties().getProperty("application")); - instance = firstNonBlank(instance, project.getProperties().getProperty("instance", "default")); + instance = firstNonBlank(instance, project.getProperties().getProperty("instance", Properties.user())); id = ApplicationId.from(tenant, application, instance); controller = certificateFile == null |