diff options
author | andreer <andreer@verizonmedia.com> | 2020-01-17 16:59:39 +0100 |
---|---|---|
committer | andreer <andreer@verizonmedia.com> | 2020-01-17 16:59:39 +0100 |
commit | e66e0ba2ccd2b973a13eff8645af66073eba31ed (patch) | |
tree | 561e155af40992cab549d8a760207af2ff84e9cc /config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java | |
parent | 0d7939b7036d2b0f8960f43edcafe6eff5051f7a (diff) |
accept and store json endpoint cert metadata on deploy
also refactor from tlsSecretKeys -> several "endpoint certificate" classes
Diffstat (limited to 'config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java')
-rw-r--r-- | config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java new file mode 100644 index 00000000000..f00ad0f0dbb --- /dev/null +++ b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java @@ -0,0 +1,18 @@ +// Copyright 2020 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.model.application.validation; + +import com.yahoo.config.model.api.EndpointCertificateSecrets; +import com.yahoo.config.model.deploy.DeployState; +import com.yahoo.config.provision.CertificateNotReadyException; +import com.yahoo.vespa.model.VespaModel; + +public class EndpointCertificateSecretsValidator extends Validator { + + /** This check is delayed until validation to allow node provisioning to complete while we are waiting for cert */ + @Override + public void validate(VespaModel model, DeployState deployState) { + if (deployState.endpointCertificateSecrets().isPresent() && deployState.endpointCertificateSecrets().get() == EndpointCertificateSecrets.MISSING) { + throw new CertificateNotReadyException("TLS enabled, but could not retrieve certificate yet"); + } + } +} |