blob: e3f53b5606f20c6d32e11aab267ce3439e2c8dc7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
// Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.controller.athenz.impl;
import ai.vespa.metrics.ControllerMetrics;
import com.yahoo.component.annotation.Inject;
import com.yahoo.jdisc.Metric;
import com.yahoo.vespa.athenz.api.AthenzIdentity;
import com.yahoo.vespa.athenz.client.ErrorHandler;
import com.yahoo.vespa.athenz.client.zms.DefaultZmsClient;
import com.yahoo.vespa.athenz.client.zms.ZmsClient;
import com.yahoo.vespa.athenz.client.zts.DefaultZtsClient;
import com.yahoo.vespa.athenz.client.zts.ZtsClient;
import com.yahoo.vespa.athenz.identity.ServiceIdentityProvider;
import com.yahoo.vespa.hosted.controller.api.integration.athenz.AthenzClientFactory;
import com.yahoo.vespa.hosted.controller.athenz.config.AthenzConfig;
import java.net.URI;
import java.util.HashMap;
import java.util.Map;
/**
* @author bjorncs
*/
public class AthenzClientFactoryImpl implements AthenzClientFactory {
private static final String METRIC_NAME = ControllerMetrics.ATHENZ_REQUEST_ERROR.baseName();
private static final String ATHENZ_SERVICE_DIMENSION = "athenz-service";
private static final String EXCEPTION_DIMENSION = "exception";
private final AthenzConfig config;
private final ServiceIdentityProvider identityProvider;
private final Metric metrics;
private final Map<String, Metric.Context> metricContexts;
@Inject
public AthenzClientFactoryImpl(ServiceIdentityProvider identityProvider, AthenzConfig config, Metric metrics) {
this.identityProvider = identityProvider;
this.config = config;
this.metrics = metrics;
this.metricContexts = new HashMap<>();
}
@Override
public AthenzIdentity getControllerIdentity() {
return identityProvider.identity();
}
/**
* @return A ZMS client instance with the service identity as principal.
*/
@Override
public ZmsClient createZmsClient() {
return new DefaultZmsClient(URI.create(config.zmsUrl()), identityProvider, this::reportMetricErrorHandler);
}
/**
* @return A ZTS client instance with the service identity as principal.
*/
@Override
public ZtsClient createZtsClient() {
return new DefaultZtsClient.Builder(URI.create(config.ztsUrl())).withIdentityProvider(identityProvider).build();
}
@Override
public boolean cacheLookups() {
return true;
}
private void reportMetricErrorHandler(ErrorHandler.RequestProperties request, Exception error) {
Metric.Context context = metricContexts.computeIfAbsent(request.hostname(), host -> metrics.createContext(
Map.of(ATHENZ_SERVICE_DIMENSION, host,
EXCEPTION_DIMENSION, error.getClass().getSimpleName())));
metrics.add(METRIC_NAME, 1, context);
}
}
|