Test TlsSecrets in xml builder test

author: Morten Tokle <mortent@oath.com> 2019-06-21 11:20:40 +0200
committer: Morten Tokle <mortent@oath.com> 2019-06-21 11:20:40 +0200
commit: 29ac30c6107f6a2617d67ac6eb158ec8eccba1fb (patch)
tree: ab71818d8ce9586237b742fb8b4fd4cc417133d6
parent: 9036567ebd385d69cf70917d84785dc3cb72cddd (diff)
2 files changed, 41 insertions, 5 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/ApplicationContainer.java b/config-model/src/main/java/com/yahoo/vespa/model/container/ApplicationContainer.java
index 75907f26916..48f7fa3c1a2 100644
--- a/config-model/src/main/java/com/yahoo/vespa/model/container/ApplicationContainer.java
+++ b/config-model/src/main/java/com/yahoo/vespa/model/container/ApplicationContainer.java
@@ -5,6 +5,7 @@ import com.yahoo.config.model.api.TlsSecrets;
 import com.yahoo.config.model.api.container.ContainerServiceType;
 import com.yahoo.config.model.producer.AbstractConfigProducer;
 import com.yahoo.vespa.model.container.http.ConnectorFactory;
+import com.yahoo.vespa.model.container.http.Http;
 import com.yahoo.vespa.model.container.http.JettyHttpServer;
 import com.yahoo.vespa.model.container.http.ssl.ConfiguredDirectSslProvider;
 
@@ -31,10 +32,10 @@ public final class ApplicationContainer extends Container {
 
         if (isHostedVespa && tlsSecrets.isPresent()) {
             String connectorName = "tls4443";
-            JettyHttpServer server = getDefaultHttpServer();
-            if(getHttp() != null) {
-                server = getHttp().getHttpServer();
-            }
+
+            JettyHttpServer server = Optional.ofNullable(getHttp())
+                                             .map(Http::getHttpServer)
+                                             .orElse(getDefaultHttpServer());
             server.addConnector(new ConnectorFactory(connectorName, 4443,
                                                      new ConfiguredDirectSslProvider(server.getComponentId().getName(), tlsSecrets.get().key(), tlsSecrets.get().certificate(), null, null)));
         }
diff --git a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java
index 6ff513f6f74..880cccf02e4 100644
--- a/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java
+++ b/config-model/src/test/java/com/yahoo/vespa/model/container/xml/JettyContainerModelBuilderTest.java
@@ -1,12 +1,15 @@
 // Copyright 2017 Yahoo Holdings. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 package com.yahoo.vespa.model.container.xml;
 
+import com.yahoo.config.model.api.TlsSecrets;
 import com.yahoo.config.model.builder.xml.test.DomBuilderTest;
+import com.yahoo.config.model.deploy.DeployState;
+import com.yahoo.config.model.deploy.TestProperties;
 import com.yahoo.container.ComponentsConfig;
 import com.yahoo.container.jdisc.FilterBindingsProvider;
 import com.yahoo.jdisc.http.ConnectorConfig;
-import com.yahoo.vespa.model.container.ContainerCluster;
 import com.yahoo.vespa.model.container.ApplicationContainerCluster;
+import com.yahoo.vespa.model.container.ContainerCluster;
 import com.yahoo.vespa.model.container.component.SimpleComponent;
 import com.yahoo.vespa.model.container.http.ConnectorFactory;
 import com.yahoo.vespa.model.container.http.JettyHttpServer;
@@ -21,6 +24,7 @@ import static org.hamcrest.CoreMatchers.equalTo;
 import static org.hamcrest.CoreMatchers.is;
 import static org.hamcrest.CoreMatchers.not;
 import static org.hamcrest.CoreMatchers.nullValue;
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertThat;
 import static org.junit.Assert.assertTrue;
 
@@ -222,6 +226,37 @@ public class JettyContainerModelBuilderTest extends ContainerModelBuilderTestBas
         assertTrue(sslProvider.ssl().enabled());
     }
 
+    @Test
+    public void verify_that_container_setup_additional_tls4443(){
+        Element clusterElem = DomBuilderTest.parse(
+                "<jdisc id='default' version='1.0' jetty='true'>",
+                "    <http>",
+                "        <server port='9000' id='ssl'>",
+                "            <ssl>",
+                "                <private-key-file>/foo/key</private-key-file>",
+                "                <certificate-file>/foo/cert</certificate-file>",
+                "            </ssl>",
+                "        </server>",
+                "    </http>",
+                nodesXml,
+                "",
+                "</jdisc>");
+
+        DeployState deployState = new DeployState.Builder().properties(new TestProperties().setHostedVespa(true).setTlsSecrets(Optional.of(new TlsSecrets("CERT", "KEY")))).build();
+        createModel(root, deployState, null, clusterElem);
+        ConnectorConfig sslProvider = root.getConfig(ConnectorConfig.class, "default/http/jdisc-jetty/ssl");
+        assertTrue(sslProvider.ssl().enabled());
+        assertEquals("", sslProvider.ssl().certificate());
+        assertEquals("", sslProvider.ssl().privateKey());
+
+        ConnectorConfig providedTls = root.getConfig(ConnectorConfig.class, "default/http/jdisc-jetty/tls4443");
+        assertTrue(providedTls.ssl().enabled());
+        assertEquals("CERT", providedTls.ssl().certificate());
+        assertEquals("KEY", providedTls.ssl().privateKey());
+        assertEquals(4443, providedTls.listenPort());
+
+    }
+
     private static void assertChildComponentExists(ConnectorFactory connectorFactory, String className) {
         Optional<SimpleComponent> simpleComponent = connectorFactory.getChildren().values().stream()
                 .map(z -> (SimpleComponent) z)
author	Morten Tokle <mortent@oath.com>	2019-06-21 11:20:40 +0200
committer	Morten Tokle <mortent@oath.com>	2019-06-21 11:20:40 +0200
commit	29ac30c6107f6a2617d67ac6eb158ec8eccba1fb (patch)
tree	ab71818d8ce9586237b742fb8b4fd4cc417133d6
parent	9036567ebd385d69cf70917d84785dc3cb72cddd (diff)