Merge pull request #11956 from vespa-engine/andreer/write-endpoint-certificate-metadata-to-zk

write endpoint certificate metadata to zk

3 files changed, 9 insertions, 6 deletions

diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java
index f7ae98befe4..66a7acc6ddf 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java
@@ -572,9 +572,9 @@ public class ApplicationController {
             return endpointCertificateMetadata;
 
         ApplicationCertificate newCertificate = controller.serviceRegistry().applicationCertificateProvider().requestCaSignedCertificate(instance.id(), dnsNamesOf(instance.id()));
-        curator.writeApplicationCertificate(instance.id(), newCertificate);
-
-        return Optional.of(EndpointCertificateMetadataSerializer.fromTlsSecretsKeysString(newCertificate.secretsKeyNamePrefix()));
+        EndpointCertificateMetadata provisionedCertificateMetadata = EndpointCertificateMetadataSerializer.fromTlsSecretsKeysString(newCertificate.secretsKeyNamePrefix());
+        curator.writeEndpointCertificateMetadata(instance.id(), provisionedCertificateMetadata);
+        return Optional.of(provisionedCertificateMetadata);
     }
 
     /** Returns all valid DNS names of given application */
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/CuratorDb.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/CuratorDb.java
index 01ef6db1dc8..6d212afb72a 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/CuratorDb.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/CuratorDb.java
@@ -516,8 +516,8 @@ public class CuratorDb {
 
     // -------------- Application web certificates ----------------------------
 
-    public void writeApplicationCertificate(ApplicationId applicationId, ApplicationCertificate applicationCertificate) {
-        curator.set(applicationCertificatePath(applicationId), applicationCertificate.secretsKeyNamePrefix().getBytes());
+    public void writeEndpointCertificateMetadata(ApplicationId applicationId, EndpointCertificateMetadata endpointCertificateMetadata) {
+        curator.set(applicationCertificatePath(applicationId), asJson(EndpointCertificateMetadataSerializer.toSlime(endpointCertificateMetadata)));
     }
 
     public Optional<EndpointCertificateMetadata> readEndpointCertificateMetadata(ApplicationId applicationId) {
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java
index c2e901bbaea..702234b7634 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java
@@ -27,10 +27,13 @@ public class EndpointCertificateMetadataSerializer {
     private final static String certNameField = "certName";
     private final static String versionField = "version";
 
-    public static void toSlime(EndpointCertificateMetadata metadata, Cursor object) {
+    public static Slime toSlime(EndpointCertificateMetadata metadata) {
+        Slime slime = new Slime();
+        Cursor object = slime.setObject();
         object.setString(keyNameField, metadata.keyName());
         object.setString(certNameField, metadata.certName());
         object.setLong(versionField, metadata.version());
+        return slime;
     }
 
     public static EndpointCertificateMetadata fromSlime(Inspector inspector) {