Wg parameter store (#25225)

* Remove unused import

* Add a parameter store for Wireguard and a model for its parameters

Co-authored-by: gjoranv <gv@verizonmedia.com>

7 files changed, 149 insertions, 1 deletions

diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverParameters.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverParameters.java
new file mode 100644
index 00000000000..c74ba2b7d6c
--- /dev/null
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverParameters.java
@@ -0,0 +1,36 @@
+package com.yahoo.vespa.hosted.node.admin.wireguard;
+
+import com.yahoo.config.provision.WireguardKey;
+import com.yahoo.slime.Cursor;
+import com.yahoo.slime.Slime;
+import com.yahoo.slime.SlimeUtils;
+
+/**
+ * Wireguard parameters for a configserver.
+ *
+ * @author gjoranv
+ */
+public record ConfigserverParameters(String hostname, String endpoint, WireguardKey publicKey) {
+
+    public static ConfigserverParameters fromJson(String json) {
+        Slime slime = SlimeUtils.jsonToSlime(json);
+        Cursor root = slime.get();
+        return new ConfigserverParameters(
+                root.field("hostname").asString(),
+                root.field("endpoint").asString(),
+                WireguardKey.from(root.field("publicKey").asString())
+        );
+    }
+
+    public String toJson() {
+        Slime slime = new Slime();
+        Cursor cursor = slime.setObject();
+        cursor.setString("hostname", hostname);
+        cursor.setString("endpoint", endpoint);
+        cursor.setString("publicKey", publicKey.value());
+        return SlimeUtils.toJson(slime);
+    }
+
+}
+
+
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ParameterStore.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ParameterStore.java
new file mode 100644
index 00000000000..4c7ddb23ecc
--- /dev/null
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/ParameterStore.java
@@ -0,0 +1,28 @@
+package com.yahoo.vespa.hosted.node.admin.wireguard;
+
+import com.yahoo.config.provision.zone.ZoneApi;
+
+import java.util.List;
+
+/**
+ * A cloud-agnostic store of parameters for Wireguard.
+ *
+ * @author gjoranv
+ */
+public interface ParameterStore {
+
+    /** Returns the configservers for the given zone. */
+    List<ConfigserverParameters> getConfigservers(ZoneApi zoneApi);
+
+    /** Returns the tenant nodes for the given zone. */
+    List<TenantParameters> getTenantNodes(ZoneApi zoneApi);
+
+    void addConfigserver(ConfigserverParameters configserver);
+
+    void addTenantNode(TenantParameters tenant);
+
+    void removeConfigserver(String hostname);
+
+    void removeTenantNode(String hostname);
+
+}
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/TenantParameters.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/TenantParameters.java
new file mode 100644
index 00000000000..81bb0064547
--- /dev/null
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/TenantParameters.java
@@ -0,0 +1,34 @@
+package com.yahoo.vespa.hosted.node.admin.wireguard;
+
+import com.yahoo.config.provision.WireguardKey;
+import com.yahoo.slime.Cursor;
+import com.yahoo.slime.Slime;
+import com.yahoo.slime.SlimeUtils;
+
+/**
+ * Wireguard parameters for a tenant host/node.
+ *
+ * @author gjoranv
+ */
+public record TenantParameters(String hostname, String ip, WireguardKey publicKey) {
+
+    public static TenantParameters fromJson(String json) {
+        Slime slime = SlimeUtils.jsonToSlime(json);
+        Cursor root = slime.get();
+        return new TenantParameters(
+                root.field("hostname").asString(),
+                root.field("ip").asString(),
+                WireguardKey.from(root.field("publicKey").asString())
+        );
+    }
+
+    public String toJson() {
+        Slime slime = new Slime();
+        Cursor cursor = slime.setObject();
+        cursor.setString("hostname", hostname);
+        cursor.setString("ip", ip);
+        cursor.setString("publicKey", publicKey.value());
+        return SlimeUtils.toJson(slime);
+    }
+
+}
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/package-info.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/package-info.java
new file mode 100644
index 00000000000..1e03b70df5f
--- /dev/null
+++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/wireguard/package-info.java
@@ -0,0 +1,5 @@
+// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+@ExportPackage
+package com.yahoo.vespa.hosted.node.admin.wireguard;
+
+import com.yahoo.osgi.annotation.ExportPackage;
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverParametersTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverParametersTest.java
new file mode 100644
index 00000000000..616590d4993
--- /dev/null
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/wireguard/ConfigserverParametersTest.java
@@ -0,0 +1,23 @@
+package com.yahoo.vespa.hosted.node.admin.wireguard;
+
+import com.yahoo.config.provision.WireguardKey;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+/**
+ * @author gjoranv
+ */
+public class ConfigserverParametersTest {
+
+    private static final String dummyKey = "qT+1Kdx7qZZpbqBxHupj7XgmVXSfcXol1RccaSd40XA=";
+
+    @Test
+    public void parameters_can_be_converted_to_json_and_back() {
+        ConfigserverParameters params = new ConfigserverParameters("host", "endpoint",
+                                                                   WireguardKey.from(dummyKey));
+        ConfigserverParameters params2 = ConfigserverParameters.fromJson(params.toJson());
+        assertEquals(params, params2);
+    }
+
+}
diff --git a/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/wireguard/TenantParametersTest.java b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/wireguard/TenantParametersTest.java
new file mode 100644
index 00000000000..c1adce84264
--- /dev/null
+++ b/node-admin/src/test/java/com/yahoo/vespa/hosted/node/admin/wireguard/TenantParametersTest.java
@@ -0,0 +1,23 @@
+package com.yahoo.vespa.hosted.node.admin.wireguard;
+
+import com.yahoo.config.provision.WireguardKey;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+/**
+ * @author gjoranv
+ */
+public class TenantParametersTest {
+
+    private static final String dummyKey = "qT+1Kdx7qZZpbqBxHupj7XgmVXSfcXol1RccaSd40XA=";
+
+    @Test
+    public void parameters_can_be_converted_to_json_and_back() {
+        TenantParameters params = new TenantParameters("host", "ip",
+                                                       WireguardKey.from(dummyKey));
+        TenantParameters params2 = TenantParameters.fromJson(params.toJson());
+        assertEquals(params, params2);
+    }
+
+}
diff --git a/vespajlib/src/main/java/com/yahoo/slime/SlimeUtils.java b/vespajlib/src/main/java/com/yahoo/slime/SlimeUtils.java
index c2e11be34be..970c71abb8a 100644
--- a/vespajlib/src/main/java/com/yahoo/slime/SlimeUtils.java
+++ b/vespajlib/src/main/java/com/yahoo/slime/SlimeUtils.java
@@ -3,7 +3,6 @@ package com.yahoo.slime;
 
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
-import java.io.UncheckedIOException;
 import java.nio.charset.StandardCharsets;
 import java.time.Duration;
 import java.time.Instant;