From da86ba0bda9284d0d8884a8e9220d4f317dccb77 Mon Sep 17 00:00:00 2001 From: Morten Tokle Date: Tue, 21 Dec 2021 12:43:15 +0100 Subject: Allow developers to deploy application in manual zones --- .../hosted/controller/api/integration/athenz/ZmsClientMock.java | 2 +- .../main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java | 5 +++++ .../com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java | 3 +++ 3 files changed, 9 insertions(+), 1 deletion(-) (limited to 'controller-api') diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java index 4679f660319..9fb6fa1501b 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/ZmsClientMock.java @@ -40,7 +40,7 @@ public class ZmsClientMock implements ZmsClient { private final AthenzDbMock athenz; private final AthenzIdentity controllerIdentity; private static final Pattern TENANT_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.(?[\\w\\-_]+)\\..*"); - private static final Pattern APPLICATION_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.[\\w\\-_]+\\.res_group\\.(?[\\w\\-_]+)\\.wildcard"); + private static final Pattern APPLICATION_RESOURCE_PATTERN = Pattern.compile("service\\.hosting\\.tenant\\.[\\w\\-_]+\\.res_group\\.(?[\\w\\-_]+)\\.(?[.*]+)"); public ZmsClientMock(AthenzDbMock athenz, AthenzIdentity controllerIdentity) { this.athenz = athenz; diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java index 5cdd12ecb1c..c40c2d4db01 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/Role.java @@ -52,6 +52,11 @@ public abstract class Role { return new TenantRole(RoleDefinition.developer, tenant); } + /** Returns a {@link RoleDefinition#hostedDeveloper} for the current system and given tenant. */ + public static TenantRole hostedDeveloper(TenantName tenant) { + return new TenantRole(RoleDefinition.hostedDeveloper, tenant); + } + /** Returns a {@link RoleDefinition#administrator} for the current system and given tenant. */ public static TenantRole administrator(TenantName tenant) { return new TenantRole(RoleDefinition.administrator, tenant); diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java index eeb3bae4431..aed5c08f0db 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/role/RoleDefinition.java @@ -60,6 +60,9 @@ public enum RoleDefinition { Policy.billingInformationRead, Policy.secretStoreOperations), + /** Developer for manual deployments for a tenant */ + hostedDeveloper(Policy.developmentDeployment), + /** Admin — the administrative function for user management etc. */ administrator(Policy.tenantUpdate, Policy.tenantManager, -- cgit v1.2.3