From 9bd1ea0ff940c620460c5181c38541fcd9386483 Mon Sep 17 00:00:00 2001 From: Håkon Hallingstad Date: Wed, 10 Apr 2019 23:43:18 +0200 Subject: Use AthenzIdentity instead of AthensService --- .../hosted/controller/api/integration/athenz/AthenzClientFactory.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'controller-api') diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzClientFactory.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzClientFactory.java index aba3b5f3ab7..fffa849f7d3 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzClientFactory.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzClientFactory.java @@ -1,6 +1,7 @@ // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.controller.api.integration.athenz; +import com.yahoo.vespa.athenz.api.AthenzIdentity; import com.yahoo.vespa.athenz.api.AthenzService; import com.yahoo.vespa.athenz.client.zms.ZmsClient; import com.yahoo.vespa.athenz.client.zts.ZtsClient; @@ -10,7 +11,7 @@ import com.yahoo.vespa.athenz.client.zts.ZtsClient; */ public interface AthenzClientFactory { - AthenzService getControllerIdentity(); + AthenzIdentity getControllerIdentity(); ZmsClient createZmsClient(); -- cgit v1.2.3 From d10bd1e6874ac66f85adef060c3aaf41cdee3502 Mon Sep 17 00:00:00 2001 From: Håkon Hallingstad Date: Thu, 11 Apr 2019 11:56:48 +0200 Subject: More AthenzService -> AthenzIdentity --- .../vespa/hosted/controller/api/integration/zone/ZoneRegistry.java | 3 ++- .../hosted/controller/proxy/ConfigServerRestExecutorImpl.java | 2 +- .../vespa/hosted/controller/integration/ZoneRegistryMock.java | 2 +- .../yahoo/vespa/hosted/node/admin/component/ConfigServerInfo.java | 7 ++++--- .../admin/maintenance/identity/AthenzCredentialsMaintainer.java | 3 ++- 5 files changed, 10 insertions(+), 7 deletions(-) (limited to 'controller-api') diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/zone/ZoneRegistry.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/zone/ZoneRegistry.java index c168ddf6caf..db9291cd651 100644 --- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/zone/ZoneRegistry.java +++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/zone/ZoneRegistry.java @@ -9,6 +9,7 @@ import com.yahoo.config.provision.SystemName; import com.yahoo.config.provision.zone.UpgradePolicy; import com.yahoo.config.provision.zone.ZoneFilter; import com.yahoo.config.provision.zone.ZoneId; +import com.yahoo.vespa.athenz.api.AthenzIdentity; import com.yahoo.vespa.athenz.api.AthenzService; import com.yahoo.vespa.hosted.controller.api.identifiers.DeploymentId; import com.yahoo.vespa.hosted.controller.api.integration.deployment.RunId; @@ -53,7 +54,7 @@ public interface ZoneRegistry { SystemName system(); /** Return the configserver's Athenz service identity */ - AthenzService getConfigServerAthenzService(ZoneId zoneId); + AthenzIdentity getConfigServerAthenzIdentity(ZoneId zoneId); /** Returns the Vespa upgrade policy to use for zones in this registry */ UpgradePolicy upgradePolicy(); diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java index c223d051237..01d9a01a316 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/proxy/ConfigServerRestExecutorImpl.java @@ -268,7 +268,7 @@ public class ConfigServerRestExecutorImpl implements ConfigServerRestExecutor { AthenzIdentityVerifier hostnameVerifier = new AthenzIdentityVerifier( singleton( - zoneRegistry.getConfigServerAthenzService( + zoneRegistry.getConfigServerAthenzIdentity( ZoneId.from(proxyRequest.getEnvironment(), proxyRequest.getRegion())))); return HttpClientBuilder.create() .setUserAgent("config-server-proxy-client") diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java index 393268b4750..4248a513950 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/integration/ZoneRegistryMock.java @@ -101,7 +101,7 @@ public class ZoneRegistryMock extends AbstractComponent implements ZoneRegistry return ZoneFilterMock.from(Collections.unmodifiableList(zones)); } - public AthenzService getConfigServerAthenzService(ZoneId zone) { + public AthenzService getConfigServerAthenzIdentity(ZoneId zone) { return new AthenzService("vespadomain", "provider-" + zone.environment().value() + "-" + zone.region().value()); } diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/component/ConfigServerInfo.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/component/ConfigServerInfo.java index 10ac30d8715..1811fc0c8f0 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/component/ConfigServerInfo.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/component/ConfigServerInfo.java @@ -1,6 +1,7 @@ // Copyright 2018 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.hosted.node.admin.component; +import com.yahoo.vespa.athenz.api.AthenzIdentity; import com.yahoo.vespa.athenz.api.AthenzService; import java.net.URI; @@ -16,12 +17,12 @@ import java.util.stream.Collectors; */ public class ConfigServerInfo { private final URI loadBalancerEndpoint; - private final AthenzService configServerIdentity; + private final AthenzIdentity configServerIdentity; private final Function configServerHostnameToUriMapper; private final List configServerURIs; public ConfigServerInfo(String loadBalancerHostName, List configServerHostNames, - String scheme, int port, AthenzService configServerAthenzIdentity) { + String scheme, int port, AthenzIdentity configServerAthenzIdentity) { this.loadBalancerEndpoint = createLoadBalancerEndpoint(loadBalancerHostName, scheme, port); this.configServerIdentity = configServerAthenzIdentity; this.configServerHostnameToUriMapper = hostname -> URI.create(scheme + "://" + hostname + ":" + port); @@ -46,7 +47,7 @@ public class ConfigServerInfo { return loadBalancerEndpoint; } - public AthenzService getConfigServerIdentity() { + public AthenzIdentity getConfigServerIdentity() { return configServerIdentity; } } diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java index 4fe0f420f05..550d6e7021e 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java @@ -8,6 +8,7 @@ import com.yahoo.security.KeyUtils; import com.yahoo.security.Pkcs10Csr; import com.yahoo.security.SslContextBuilder; import com.yahoo.security.X509CertificateUtils; +import com.yahoo.vespa.athenz.api.AthenzIdentity; import com.yahoo.vespa.athenz.api.AthenzService; import com.yahoo.vespa.athenz.client.zts.DefaultZtsClient; import com.yahoo.vespa.athenz.client.zts.InstanceIdentity; @@ -63,7 +64,7 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { private final URI ztsEndpoint; private final Path trustStorePath; - private final AthenzService configserverIdentity; + private final AthenzIdentity configserverIdentity; private final Clock clock; private final ServiceIdentityProvider hostIdentityProvider; private final IdentityDocumentClient identityDocumentClient; -- cgit v1.2.3