diff options
author | jonmv <venstad@gmail.com> | 2022-11-03 18:38:44 +0100 |
---|---|---|
committer | jonmv <venstad@gmail.com> | 2022-11-03 18:38:44 +0100 |
commit | f571f9c77b811275a923528890455e20c1d53628 (patch) | |
tree | b534063942b82f5ea7a0c15a43deb7cd99096dad | |
parent | ca439b0dcb570d8eda73f1177dcef31f647e287f (diff) |
Update test and clean up
3 files changed, 14 insertions, 21 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackage.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackage.java index f0c278c51cf..53c78d7c8ec 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackage.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackage.java @@ -59,9 +59,7 @@ import static java.util.stream.Collectors.toMap; * A representation of the content of an application package. * Only meta-data content can be accessed as anything other than compressed data. * A package is identified by a hash of the content. - * - * This is immutable. - * + * * @author bratseth * @author jonmv */ @@ -124,17 +122,6 @@ public class ApplicationPackage { preProcessAndPopulateCache(); } - /** Returns a copy of this with the given certificate appended. */ - public ApplicationPackage withTrustedCertificate(X509Certificate certificate) { - List<X509Certificate> trustedCertificates = new ArrayList<>(this.trustedCertificates); - trustedCertificates.add(certificate); - byte[] certificatesBytes = X509CertificateUtils.toPem(trustedCertificates).getBytes(UTF_8); - - ByteArrayOutputStream modified = new ByteArrayOutputStream(zippedContent.length + certificatesBytes.length); - ZipEntries.transferAndWrite(modified, new ByteArrayInputStream(zippedContent), trustedCertificatesFile, certificatesBytes); - return new ApplicationPackage(modified.toByteArray()); - } - /** Hash of all files and settings that influence what is deployed to config servers. */ public String bundleHash() { return bundleHash; diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageStream.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageStream.java index 4bdba3f2864..3288759b174 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageStream.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageStream.java @@ -9,6 +9,7 @@ import java.io.IOException; import java.io.InputStream; import java.io.UncheckedIOException; import java.security.cert.X509Certificate; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -20,6 +21,7 @@ import java.util.zip.ZipEntry; import java.util.zip.ZipInputStream; import java.util.zip.ZipOutputStream; +import static com.yahoo.security.X509CertificateUtils.certificateListFromPem; import static java.io.OutputStream.nullOutputStream; import static java.lang.Math.min; import static java.nio.charset.StandardCharsets.UTF_8; @@ -52,9 +54,10 @@ public class ApplicationPackageStream { .orElse(Replacer.of(Map.of())); } - static InputStream append(InputStream trustBytes, X509Certificate cert) { + static InputStream append(InputStream trustIn, X509Certificate cert) { try { - List<X509Certificate> trusted = X509CertificateUtils.certificateListFromPem(new String(trustBytes.readAllBytes(), UTF_8)); + List<X509Certificate> trusted = trustIn == null ? new ArrayList<>() + : new ArrayList<>(certificateListFromPem(new String(trustIn.readAllBytes(), UTF_8))); trusted.add(cert); return new ByteArrayInputStream(X509CertificateUtils.toPem(trusted).getBytes(UTF_8)); } diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java index 7b951889a44..609b7abf5f0 100644 --- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java +++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/application/pkg/ApplicationPackageTest.java @@ -24,12 +24,14 @@ import java.security.cert.X509Certificate; import java.time.Instant; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.function.Predicate; import java.util.function.UnaryOperator; import java.util.stream.Collectors; import java.util.stream.IntStream; import static com.yahoo.vespa.hosted.controller.application.pkg.ApplicationPackage.filesZip; +import static com.yahoo.vespa.hosted.controller.application.pkg.ApplicationPackageStream.addingCertificate; import static java.nio.charset.StandardCharsets.UTF_8; import static org.junit.jupiter.api.Assertions.assertArrayEquals; import static org.junit.jupiter.api.Assertions.assertEquals; @@ -170,8 +172,8 @@ public class ApplicationPackageTest { } @Test - void test_replacement() { - ApplicationPackage applicationPackage = new ApplicationPackage(new byte[0]); + void test_replacement() throws IOException { + byte[] zip = zip(Map.of()); List<X509Certificate> certificates = IntStream.range(0, 3) .mapToObj(i -> { KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 256); @@ -185,10 +187,11 @@ public class ApplicationPackageTest { .build(); }).toList(); - assertEquals(List.of(), applicationPackage.trustedCertificates()); + assertEquals(List.of(), new ApplicationPackage(zip).trustedCertificates()); for (int i = 0; i < certificates.size(); i++) { - applicationPackage = applicationPackage.withTrustedCertificate(certificates.get(i)); - assertEquals(certificates.subList(0, i + 1), applicationPackage.trustedCertificates()); + InputStream in = new ByteArrayInputStream(zip); + zip = new ApplicationPackageStream(() -> in, __ -> false, addingCertificate(Optional.of(certificates.get(i)))).zipStream().readAllBytes(); + assertEquals(certificates.subList(0, i + 1), new ApplicationPackage(zip).trustedCertificates()); } } |