diff options
| author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-10-07 15:58:08 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-10-07 15:58:08 +0200 |
| commit | 0f4a59699f97235953e2a6972b069fea32153eb5 (patch) | |
| tree | c437aafa2f70caa4e34dc36fba10258a6c7146f6 | |
| parent | 7e98cb4e81bb112571b97b0be70740d5a84a5983 (diff) | |
| parent | ce74c9f674979e7ad977c4d744740e82aef6a9b2 (diff) | |
Merge pull request #10905 from vespa-engine/hakonhall/order-authorized-peers-in-json-to-stabilize-tests
Order authorized peers in JSON to stabilize tests
| -rw-r--r-- | security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java | 42 |
1 files changed, 23 insertions, 19 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java index a6291477942..5487bad24e7 100644 --- a/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java +++ b/security-utils/src/main/java/com/yahoo/security/tls/json/TransportSecurityOptionsJsonSerializer.java @@ -20,6 +20,7 @@ import java.io.UncheckedIOException; import java.nio.file.Paths; import java.util.ArrayList; import java.util.Collections; +import java.util.Comparator; import java.util.List; import java.util.Set; @@ -132,25 +133,28 @@ public class TransportSecurityOptionsJsonSerializer { options.getCaCertificatesFile().ifPresent(value -> entity.files.caCertificatesFile = value.toString()); options.getCertificatesFile().ifPresent(value -> entity.files.certificatesFile = value.toString()); options.getPrivateKeyFile().ifPresent(value -> entity.files.privateKeyFile = value.toString()); - options.getAuthorizedPeers().ifPresent( authorizedPeers -> { - entity.authorizedPeers = new ArrayList<>(); - for (PeerPolicy peerPolicy : authorizedPeers.peerPolicies()) { - AuthorizedPeer authorizedPeer = new AuthorizedPeer(); - authorizedPeer.name = peerPolicy.policyName(); - authorizedPeer.requiredCredentials = new ArrayList<>(); - for (RequiredPeerCredential requiredPeerCredential : peerPolicy.requiredCredentials()) { - RequiredCredential requiredCredential = new RequiredCredential(); - requiredCredential.field = toField(requiredPeerCredential.field()); - requiredCredential.matchExpression = requiredPeerCredential.pattern().asString(); - authorizedPeer.requiredCredentials.add(requiredCredential); - } - if (!peerPolicy.assumedRoles().isEmpty()) { - authorizedPeer.roles = new ArrayList<>(); - peerPolicy.assumedRoles().forEach(role -> authorizedPeer.roles.add(role.name())); - } - entity.authorizedPeers.add(authorizedPeer); - } - }); + options.getAuthorizedPeers().ifPresent( authorizedPeers -> entity.authorizedPeers = + authorizedPeers.peerPolicies().stream() + // Makes tests stable + .sorted(Comparator.comparing(PeerPolicy::policyName)) + .map(peerPolicy -> { + AuthorizedPeer authorizedPeer = new AuthorizedPeer(); + authorizedPeer.name = peerPolicy.policyName(); + authorizedPeer.requiredCredentials = new ArrayList<>(); + for (RequiredPeerCredential requiredPeerCredential : peerPolicy.requiredCredentials()) { + RequiredCredential requiredCredential = new RequiredCredential(); + requiredCredential.field = toField(requiredPeerCredential.field()); + requiredCredential.matchExpression = requiredPeerCredential.pattern().asString(); + authorizedPeer.requiredCredentials.add(requiredCredential); + } + if (!peerPolicy.assumedRoles().isEmpty()) { + authorizedPeer.roles = new ArrayList<>(); + peerPolicy.assumedRoles().forEach(role -> authorizedPeer.roles.add(role.name())); + } + + return authorizedPeer; + }) + .collect(toList())); if (!options.getAcceptedCiphers().isEmpty()) { entity.acceptedCiphers = options.getAcceptedCiphers(); } |