aboutsummaryrefslogtreecommitdiffstats
path: root/config-model/src/test/java/com/yahoo/vespa/model/application/validation/CloudHttpConnectorValidatorTest.java
diff options
context:
space:
mode:
Diffstat (limited to 'config-model/src/test/java/com/yahoo/vespa/model/application/validation/CloudHttpConnectorValidatorTest.java')
-rw-r--r--config-model/src/test/java/com/yahoo/vespa/model/application/validation/CloudHttpConnectorValidatorTest.java103
1 files changed, 103 insertions, 0 deletions
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/application/validation/CloudHttpConnectorValidatorTest.java b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/CloudHttpConnectorValidatorTest.java
new file mode 100644
index 00000000000..6a2eed1d21b
--- /dev/null
+++ b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/CloudHttpConnectorValidatorTest.java
@@ -0,0 +1,103 @@
+// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+
+package com.yahoo.vespa.model.application.validation;
+
+import com.yahoo.config.model.NullConfigModelRegistry;
+import com.yahoo.config.model.deploy.DeployState;
+import com.yahoo.config.model.deploy.TestProperties;
+import com.yahoo.config.model.test.MockApplicationPackage;
+import com.yahoo.vespa.model.VespaModel;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+/**
+ * @author bjorncs
+ */
+class CloudHttpConnectorValidatorTest {
+
+ private static final String CUSTOM_SSL_ON_8080 =
+ """
+ <server port='8080' id='default'>
+ <ssl>
+ <private-key-file>/foo/key</private-key-file>
+ <certificate-file>/foo/cert</certificate-file>
+ </ssl>
+ </server>
+ """;
+
+ private static final String DEFAULT_SSL_ON_8080 =
+ """
+ <server port='8080' id='default'/>
+ """;
+
+ private static final String ADDITIONAL_CONNECTOR =
+ """
+ <server port='8080' id='default'/>
+ <server port='1234' id='custom'/>
+ """;
+
+ @Test
+ void fails_on_custom_ssl_for_cloud_application() {
+ var exception = assertThrows(IllegalArgumentException.class, () -> runValidatorOnApp(true, "", CUSTOM_SSL_ON_8080));
+ var expected = "Overriding connector specific TLS configuration is not allowed in Vespa Cloud. " +
+ "See https://cloud.vespa.ai/en/security/guide#data-plane.";
+ assertEquals(expected, exception.getMessage());
+ }
+
+ @Test
+ void allows_custom_ssl_for_infra() {
+ assertDoesNotThrow(() -> runValidatorOnApp(true, " application-type='hosted-infrastructure'", CUSTOM_SSL_ON_8080));
+ }
+
+ @Test
+ void allows_custom_ssl_for_self_hosted() {
+ assertDoesNotThrow(() -> runValidatorOnApp(false, "", CUSTOM_SSL_ON_8080));
+ }
+
+ @Test
+ void fails_on_additional_connectors_for_cloud_application() {
+ var exception = assertThrows(IllegalArgumentException.class, () -> runValidatorOnApp(true, "", ADDITIONAL_CONNECTOR));
+ var expected = "Illegal port 1234 in http server 'custom': Port must be set to 8080"; // Currently fails earlier in model construction
+ assertEquals(expected, exception.getMessage());
+ }
+
+ @Test
+ void allows_additional_connectors_for_self_hosted() {
+ assertDoesNotThrow(() -> runValidatorOnApp(false, "", ADDITIONAL_CONNECTOR));
+ }
+
+ @Test
+ void allows_default_ssl_for_cloud_application() {
+ assertDoesNotThrow(() -> runValidatorOnApp(true, "", DEFAULT_SSL_ON_8080));
+ }
+
+ @Test
+ void allows_default_ssl_for_self_hosted() {
+ assertDoesNotThrow(() -> runValidatorOnApp(false, "", DEFAULT_SSL_ON_8080));
+ }
+
+ private static void runValidatorOnApp(boolean hosted, String appTypeAttribute, String serverXml) throws Exception {
+ String servicesXml = """
+ <services version='1.0'%s>
+ <container version='1.0'>
+ <http>
+ %s
+ </http>
+ </container>
+ </services>
+ """.formatted(appTypeAttribute, serverXml);
+ var state = new DeployState.Builder()
+ .applicationPackage(
+ new MockApplicationPackage.Builder()
+ .withServices(servicesXml)
+ .build())
+ .properties(new TestProperties().setHostedVespa(hosted))
+ .build();
+ var model = new VespaModel(new NullConfigModelRegistry(), state);
+ new CloudHttpConnectorValidator().validate(model, state);
+ }
+
+} \ No newline at end of file