diff options
Diffstat (limited to 'controller-server')
6 files changed, 56 insertions, 32 deletions
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java index 52ac9c8088a..5eab75e4282 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTest.java @@ -13,8 +13,6 @@ import com.yahoo.config.provision.RegionName; import com.yahoo.config.provision.SystemName; import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.zone.ZoneId; -import com.yahoo.vespa.flags.Flags; -import com.yahoo.vespa.flags.InMemoryFlagSource; import com.yahoo.vespa.hosted.controller.api.application.v4.model.DeployOptions; import com.yahoo.vespa.hosted.controller.api.application.v4.model.EndpointStatus; import com.yahoo.vespa.hosted.controller.api.identifiers.DeploymentId; @@ -557,7 +555,8 @@ public class ControllerTest { .allow(ValidationId.globalEndpointChange) .build(); context.submit(applicationPackage); - tester.applications().deleteApplication(context.application().id(), tester.controllerTester().credentialsFor(context.application().id())); + tester.applications().deleteApplication(context.application().id(), + tester.controllerTester().credentialsFor(context.application().id().tenant())); try (RotationLock lock = tester.applications().rotationRepository().lock()) { assertTrue("Rotation is unassigned", tester.applications().rotationRepository().availableRotations(lock) diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java index ff6a5d3795f..82d35701e7e 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/ControllerTester.java @@ -26,6 +26,7 @@ import com.yahoo.vespa.hosted.controller.api.integration.dns.Record; import com.yahoo.vespa.hosted.controller.api.integration.dns.RecordName; import com.yahoo.vespa.hosted.controller.api.integration.organization.Contact; import com.yahoo.vespa.hosted.controller.api.integration.stubs.MockMavenRepository; +import com.yahoo.vespa.hosted.controller.api.role.SimplePrincipal; import com.yahoo.vespa.hosted.controller.application.ApplicationPackage; import com.yahoo.vespa.hosted.controller.application.SystemApplication; import com.yahoo.vespa.hosted.controller.application.TenantAndApplicationId; @@ -38,7 +39,9 @@ import com.yahoo.vespa.hosted.controller.persistence.MockCuratorDb; import com.yahoo.vespa.hosted.controller.restapi.ContainerTester; import com.yahoo.vespa.hosted.controller.security.AthenzCredentials; import com.yahoo.vespa.hosted.controller.security.AthenzTenantSpec; +import com.yahoo.vespa.hosted.controller.security.CloudTenantSpec; import com.yahoo.vespa.hosted.controller.security.Credentials; +import com.yahoo.vespa.hosted.controller.security.TenantSpec; import com.yahoo.vespa.hosted.controller.tenant.AthenzTenant; import com.yahoo.vespa.hosted.controller.tenant.Tenant; import com.yahoo.vespa.hosted.controller.versions.ControllerVersion; @@ -271,12 +274,24 @@ public final class ControllerTester { return domain; } - public Optional<AthenzDomain> domainOf(TenantAndApplicationId id) { - Tenant tenant = controller().tenants().require(id.tenant()); - return tenant.type() == Tenant.Type.athenz ? Optional.of(((AthenzTenant) tenant).domain()) : Optional.empty(); + public TenantName createTenant(String tenantName) { + return createTenant(tenantName, "domain" + nextDomainId.getAndIncrement(), + nextPropertyId.getAndIncrement()); + } + + public TenantName createTenant(String tenantName, Tenant.Type type) { + switch (type) { + case athenz: return createTenant(tenantName, "domain" + nextDomainId.getAndIncrement(), nextPropertyId.getAndIncrement()); + case cloud: return createCloudTenant(tenantName); + default: throw new UnsupportedOperationException(); + } } - public TenantName createTenant(String tenantName, String domainName, Long propertyId, Optional<Contact> contact) { + public TenantName createTenant(String tenantName, String domainName, Long propertyId) { + return createAthenzTenant(tenantName, domainName, propertyId, Optional.empty()); + } + + private TenantName createAthenzTenant(String tenantName, String domainName, Long propertyId, Optional<Contact> contact) { TenantName name = TenantName.from(tenantName); Optional<Tenant> existing = controller().tenants().get(name); if (existing.isPresent()) return name; @@ -296,37 +311,48 @@ public final class ControllerTester { return name; } - public TenantName createTenant(String tenantName) { - return createTenant(tenantName, "domain" + nextDomainId.getAndIncrement(), - nextPropertyId.getAndIncrement()); + private TenantName createCloudTenant(String tenantName) { + TenantName tenant = TenantName.from(tenantName); + TenantSpec spec = new CloudTenantSpec(tenant, "token"); + controller().tenants().create(spec, new Credentials(new SimplePrincipal("dev"))); + return tenant; } - public TenantName createTenant(String tenantName, String domainName, Long propertyId) { - return createTenant(tenantName, domainName, propertyId, Optional.empty()); - } + public Optional<Credentials> credentialsFor(TenantName tenantName) { + Tenant tenant = controller().tenants().require(tenantName); + + switch (tenant.type()) { + case athenz: + return Optional.of(new AthenzCredentials(new AthenzPrincipal(new AthenzUser("user")), + ((AthenzTenant) tenant).domain(), + new OktaIdentityToken("okta-identity-token"), + new OktaAccessToken("okta-access-token"))); + case cloud: + return Optional.of(new Credentials(new SimplePrincipal("dev"))); - public Optional<Credentials> credentialsFor(TenantAndApplicationId id) { - return domainOf(id).map(domain -> new AthenzCredentials(new AthenzPrincipal(new AthenzUser("user")), - domain, - new OktaIdentityToken("okta-identity-token"), - new OktaAccessToken("okta-access-token"))); + default: + return Optional.empty(); + } } - public Application createApplication(TenantName tenant, String applicationName, String instanceName) { - return createApplication(tenant, applicationName, instanceName, nextProjectId.getAndIncrement()); + public Application createApplication(String tenant, String applicationName, String instanceName) { + Application application = createApplication(tenant, applicationName); + controller().applications().createInstance(application.id().instance(instanceName)); + return application; } - public Application createApplication(TenantName tenant, String applicationName, String instanceName, long projectId) { - TenantAndApplicationId applicationId = TenantAndApplicationId.from(tenant.value(), applicationName); - controller().applications().createApplication(applicationId, credentialsFor(applicationId)); - controller().applications().lockApplicationOrThrow(applicationId, application -> - controller().applications().store(application.withProjectId(OptionalLong.of(projectId)))); - controller().applications().createInstance(applicationId.instance(instanceName)); + public Application createApplication(String tenant, String applicationName) { + TenantAndApplicationId applicationId = TenantAndApplicationId.from(tenant, applicationName); + controller().applications().getApplication(applicationId) + .orElseGet(() -> controller().applications().createApplication(applicationId, credentialsFor(applicationId.tenant()))); + controller().applications().lockApplicationOrThrow(applicationId, app -> + controller().applications().store(app.withProjectId(OptionalLong.of(nextProjectId.getAndIncrement())))); Application application = controller().applications().requireApplication(applicationId); assertTrue(application.projectId().isPresent()); return application; } + public void deploy(ApplicationId id, ZoneId zone) { deploy(id, zone, new ApplicationPackage(new byte[0])); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentContext.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentContext.java index 6016eed4704..6e84c28ff85 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentContext.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/deployment/DeploymentContext.java @@ -118,7 +118,7 @@ public class DeploymentContext { private void createTenantAndApplication() { try { var tenant = tester.createTenant(instanceId.tenant().value()); - tester.createApplication(tenant, instanceId.application().value(), instanceId.instance().value()); + tester.createApplication(tenant.value(), instanceId.application().value(), instanceId.instance().value()); } catch (IllegalArgumentException ignored) { } // Tenant and or application may already exist with custom setup. } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainerTest.java index 0bab1cee392..ff72a2f7231 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainerTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/ClusterInfoMaintainerTest.java @@ -7,7 +7,6 @@ import com.yahoo.config.provision.ClusterSpec; import com.yahoo.config.provision.HostName; import com.yahoo.config.provision.NodeResources; import com.yahoo.config.provision.NodeType; -import com.yahoo.config.provision.TenantName; import com.yahoo.config.provision.zone.ZoneId; import com.yahoo.vespa.hosted.controller.ControllerTester; import com.yahoo.vespa.hosted.controller.api.integration.configserver.Node; @@ -30,7 +29,7 @@ public class ClusterInfoMaintainerTest { @Test public void maintain() { tester.createTenant("tenant1", "domain123", 321L); - ApplicationId app = tester.createApplication(TenantName.from("tenant1"), "app1", "default", 123).id().defaultInstance(); + ApplicationId app = tester.createApplication("tenant1", "app1", "default").id().defaultInstance(); ZoneId zone = ZoneId.from("dev", "us-east-1"); tester.deploy(app, zone); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/JobRunnerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/JobRunnerTest.java index f7d451ab931..a1c83cb488d 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/JobRunnerTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/maintenance/JobRunnerTest.java @@ -221,7 +221,7 @@ public class JobRunnerTest { // Thread is still trying to deploy tester -- delete application, and see all data is garbage collected. assertEquals(Collections.singletonList(runId), jobs.active().stream().map(run -> run.id()).collect(Collectors.toList())); - tester.controllerTester().controller().applications().deleteApplication(TenantAndApplicationId.from(id), tester.controllerTester().credentialsFor(TenantAndApplicationId.from(id))); + tester.controllerTester().controller().applications().deleteApplication(TenantAndApplicationId.from(id), tester.controllerTester().credentialsFor(id.tenant())); assertEquals(Collections.emptyList(), jobs.active()); assertEquals(runId, jobs.last(id, systemTest).get().id()); diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java index 0aba88ccc77..670413d2dd0 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/restapi/filter/AthenzRoleFilterTest.java @@ -58,14 +58,14 @@ public class AthenzRoleFilterTest { tester.athenzDb().hostedOperators.add(HOSTED_OPERATOR.getIdentity()); tester.createTenant(TENANT.value(), TENANT_DOMAIN.getName(), null); - tester.createApplication(TENANT, APPLICATION.value(), "default", 12345); + tester.createApplication(TENANT.value(), APPLICATION.value(), "default"); AthenzDbMock.Domain tenantDomain = tester.athenzDb().domains.get(TENANT_DOMAIN); tenantDomain.admins.add(TENANT_ADMIN.getIdentity()); tenantDomain.admins.add(TENANT_ADMIN_AND_PIPELINE.getIdentity()); tenantDomain.applications.get(new ApplicationId(APPLICATION.value())).addRoleMember(ApplicationAction.deploy, TENANT_PIPELINE.getIdentity()); tenantDomain.applications.get(new ApplicationId(APPLICATION.value())).addRoleMember(ApplicationAction.deploy, TENANT_ADMIN_AND_PIPELINE.getIdentity()); tester.createTenant(TENANT2.value(), TENANT_DOMAIN2.getName(), null); - tester.createApplication(TENANT2, APPLICATION.value(), "default", 42); + tester.createApplication(TENANT2.value(), APPLICATION.value(), "default"); } @Test |