diff options
Diffstat (limited to 'config-provisioning')
4 files changed, 171 insertions, 39 deletions
diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java b/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java index 215afbca255..8026e4c5205 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/CloudAccount.java @@ -1,40 +1,41 @@ // Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.config.provision; -import ai.vespa.validation.PatternedStringWrapper; -import ai.vespa.validation.Validation; - +import java.util.Map; +import java.util.Objects; import java.util.regex.Pattern; +import java.util.stream.Collectors; /** * Identifies an account in a public cloud, such as {@link CloudName#AWS} or {@link CloudName#GCP}. * * @author mpolden */ -public class CloudAccount extends PatternedStringWrapper<CloudAccount> { +public class CloudAccount implements Comparable<CloudAccount> { - private static final String EMPTY = ""; - private static final String AWS_ACCOUNT_ID = "[0-9]{12}"; - private static final Pattern AWS_ACCOUNT_ID_PATTERN = Pattern.compile(AWS_ACCOUNT_ID); - private static final String GCP_PROJECT_ID = "[a-z][a-z0-9-]{4,28}[a-z0-9]"; - private static final Pattern GCP_PROJECT_ID_PATTERN = Pattern.compile(GCP_PROJECT_ID); + private record CloudMeta(String accountType, Pattern pattern) { + private boolean matches(String account) { return pattern.matcher(account).matches(); } + } + private static final Map<String, CloudMeta> META_BY_CLOUD = Map.of( + "aws", new CloudMeta("Account ID", Pattern.compile("[0-9]{12}")), + "gcp", new CloudMeta("Project ID", Pattern.compile("[a-z][a-z0-9-]{4,28}[a-z0-9]"))); /** Empty value. When this is used, either implicitly or explicitly, the zone will use its default account */ - public static final CloudAccount empty = new CloudAccount("", EMPTY, "cloud account"); + public static final CloudAccount empty = new CloudAccount("", CloudName.DEFAULT); - /** Verifies accountId is a valid AWS account ID, or throw an IllegalArgumentException. */ - public static void requireAwsAccountId(String accountId) { - Validation.requireMatch(accountId, "AWS account ID", AWS_ACCOUNT_ID_PATTERN); - } + private final String account; + private final CloudName cloudName; - /** Verifies accountId is a valid GCP project ID, or throw an IllegalArgumentException. */ - public static void requireGcpProjectId(String projectId) { - Validation.requireMatch(projectId, "GCP project ID", GCP_PROJECT_ID_PATTERN); + private CloudAccount(String account, CloudName cloudName) { + this.account = account; + this.cloudName = cloudName; } - private CloudAccount(String value, String regex, String description) { - super(value, Pattern.compile("^(" + regex + ")$"), description); - } + public String account() { return account; } + public CloudName cloudName() { return cloudName; } + + /** Returns the serialized value of this account that can be deserialized with {@link CloudAccount#from} */ + public final String value() { return account; } // TODO (freva): Change to cloudName:account public boolean isUnspecified() { return this.equals(empty); @@ -47,27 +48,56 @@ public class CloudAccount extends PatternedStringWrapper<CloudAccount> { !equals(zone.cloud().account()); } - /** Verifies this account is a valid AWS account ID, or throw an IllegalArgumentException. */ - public void requireAwsAccountId() { - requireAwsAccountId(value()); + @Override + public String toString() { + return isUnspecified() ? "unspecified account" : "account '" + account + "' in " + cloudName; } - /** Verifies this account is a valid GCP project ID, or throw an IllegalArgumentException. */ - public void requireGcpProjectId() { - requireGcpProjectId(value()); + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + CloudAccount that = (CloudAccount) o; + return account.equals(that.account) && cloudName.equals(that.cloudName); } + @Override + public int hashCode() { + return Objects.hash(account, cloudName); + } + + @Override + public int compareTo(CloudAccount o) { + return this.value().compareTo(o.value()); + } + + public static CloudAccount from(String cloudAccount) { - return switch (cloudAccount) { + int index = cloudAccount.indexOf(':'); + if (index < 0) { // Tenants are allowed to specify "default" in services.xml. - case "", "default" -> empty; - default -> new CloudAccount(cloudAccount, AWS_ACCOUNT_ID + "|" + GCP_PROJECT_ID, "cloud account"); - }; + if (cloudAccount.isEmpty() || cloudAccount.equals("default")) + return empty; + if (META_BY_CLOUD.get("aws").matches(cloudAccount)) + return new CloudAccount(cloudAccount, CloudName.AWS); + if (META_BY_CLOUD.get("gcp").matches(cloudAccount)) // TODO (freva): Remove July 2023 + return new CloudAccount(cloudAccount, CloudName.GCP); + throw illegal(cloudAccount, "Must be on format '<cloud-name>:<account>' or 'default'"); + } + + String cloud = cloudAccount.substring(0, index); + String account = cloudAccount.substring(index + 1); + CloudMeta cloudMeta = META_BY_CLOUD.get(cloud); + if (cloudMeta == null) + throw illegal(cloudAccount, "Cloud name must be one of: " + META_BY_CLOUD.keySet().stream().sorted().collect(Collectors.joining(", "))); + + if (!cloudMeta.matches(account)) + throw illegal(cloudAccount, cloudMeta.accountType + " must match '" + cloudMeta.pattern.pattern() + "'"); + return new CloudAccount(account, CloudName.from(cloud)); } - @Override - public String toString() { - return isUnspecified() ? "unspecified account" : "account '" + value() + "'"; + private static IllegalArgumentException illegal(String cloudAccount, String details) { + return new IllegalArgumentException("Invalid cloud account '" + cloudAccount + "': " + details); } } diff --git a/config-provisioning/src/main/java/com/yahoo/config/provision/CloudName.java b/config-provisioning/src/main/java/com/yahoo/config/provision/CloudName.java index ba262136abe..e1d7afdc9f0 100644 --- a/config-provisioning/src/main/java/com/yahoo/config/provision/CloudName.java +++ b/config-provisioning/src/main/java/com/yahoo/config/provision/CloudName.java @@ -3,7 +3,6 @@ package com.yahoo.config.provision; import ai.vespa.validation.PatternedStringWrapper; -import java.util.Objects; import java.util.regex.Pattern; /** @@ -14,17 +13,23 @@ import java.util.regex.Pattern; public class CloudName extends PatternedStringWrapper<CloudName> { private static final Pattern pattern = Pattern.compile("[a-z]([a-z0-9-]*[a-z0-9])*"); - public static final CloudName AWS = from("aws"); - public static final CloudName GCP = from("gcp"); - public static final CloudName DEFAULT = from("default"); - public static final CloudName YAHOO = from("yahoo"); + public static final CloudName AWS = new CloudName("aws"); + public static final CloudName GCP = new CloudName("gcp"); + public static final CloudName DEFAULT = new CloudName("default"); + public static final CloudName YAHOO = new CloudName("yahoo"); private CloudName(String cloud) { super(cloud, pattern, "cloud name"); } public static CloudName from(String cloud) { - return new CloudName(cloud); + return switch (cloud) { + case "aws" -> AWS; + case "gcp" -> GCP; + case "default" -> DEFAULT; + case "yahoo" -> YAHOO; + default -> new CloudName(cloud); + }; } } diff --git a/config-provisioning/src/test/java/com/yahoo/config/provision/CloudAccountTest.java b/config-provisioning/src/test/java/com/yahoo/config/provision/CloudAccountTest.java new file mode 100644 index 00000000000..4eee52def6c --- /dev/null +++ b/config-provisioning/src/test/java/com/yahoo/config/provision/CloudAccountTest.java @@ -0,0 +1,75 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.config.provision; + +import org.junit.jupiter.api.Test; + +import java.util.List; + +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertFalse; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.junit.jupiter.api.Assertions.assertTrue; + +/** + * @author freva + */ +class CloudAccountTest { + + @Test + void aws_accounts() { + CloudAccount oldFormat = CloudAccount.from("123456789012"); + CloudAccount newFormat = CloudAccount.from("aws:123456789012"); + assertEquals(oldFormat, newFormat); + + for (CloudAccount account : List.of(oldFormat, newFormat)) { + assertFalse(account.isUnspecified()); + assertEquals(account, CloudAccount.from(account.value())); + assertEquals("123456789012", account.account()); + assertEquals(CloudName.AWS, account.cloudName()); + assertEquals("123456789012", account.value()); + } + } + + @Test + void gcp_accounts() { + CloudAccount oldFormat = CloudAccount.from("my-project"); + CloudAccount newFormat = CloudAccount.from("gcp:my-project"); + assertEquals(oldFormat, newFormat); + + for (CloudAccount account : List.of(oldFormat, newFormat)) { + assertFalse(account.isUnspecified()); + assertEquals(account, CloudAccount.from(account.value())); + assertEquals("my-project", account.account()); + assertEquals(CloudName.GCP, account.cloudName()); + assertEquals("my-project", account.value()); + } + } + + @Test + void default_accounts() { + CloudAccount variant1 = CloudAccount.from(""); + CloudAccount variant2 = CloudAccount.from("default"); + assertEquals(variant1, variant2); + + for (CloudAccount account : List.of(variant1, variant2)) { + assertTrue(account.isUnspecified()); + assertEquals(account, CloudAccount.from(account.value())); + assertEquals("", account.account()); + assertEquals(CloudName.DEFAULT, account.cloudName()); + assertEquals("", account.value()); + } + } + + @Test + void invalid_accounts() { + assertInvalidAccount("aws:123", "Invalid cloud account 'aws:123': Account ID must match '[0-9]{12}'"); + assertInvalidAccount("gcp:123", "Invalid cloud account 'gcp:123': Project ID must match '[a-z][a-z0-9-]{4,28}[a-z0-9]'"); + assertInvalidAccount("$something", "Invalid cloud account '$something': Must be on format '<cloud-name>:<account>' or 'default'"); + assertInvalidAccount("unknown:account", "Invalid cloud account 'unknown:account': Cloud name must be one of: aws, gcp"); + } + + private static void assertInvalidAccount(String account, String message) { + IllegalArgumentException exception = assertThrows(IllegalArgumentException.class, () -> CloudAccount.from(account)); + assertEquals(message, exception.getMessage()); + } +} diff --git a/config-provisioning/src/test/java/com/yahoo/config/provision/CloudNameTest.java b/config-provisioning/src/test/java/com/yahoo/config/provision/CloudNameTest.java new file mode 100644 index 00000000000..b030233d459 --- /dev/null +++ b/config-provisioning/src/test/java/com/yahoo/config/provision/CloudNameTest.java @@ -0,0 +1,22 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.config.provision; + +import org.junit.jupiter.api.Test; + +import static org.junit.jupiter.api.Assertions.assertSame; +import static org.junit.jupiter.api.Assertions.assertThrows; + +/** + * @author freva + */ +class CloudNameTest { + + @Test + void returns_same_instance_for_known_clouds() { + assertSame(CloudName.from("aws"), CloudName.AWS); + assertSame(CloudName.from("gcp"), CloudName.GCP); + assertSame(CloudName.from("default"), CloudName.DEFAULT); + assertSame(CloudName.from("yahoo"), CloudName.YAHOO); + assertThrows(IllegalArgumentException.class, () -> CloudName.from("aWs")); // Must be lower case + } +} |