diff options
author | Andreas Eriksen <andreer@pvv.ntnu.no> | 2020-01-21 10:18:22 +0100 |
---|---|---|
committer | andreer <andreer@verizonmedia.com> | 2020-01-21 12:39:08 +0100 |
commit | ef85cda373ff63f08b8ea8f4a11e1e5c48b42772 (patch) | |
tree | 96bf4523129112addc52f609d37ae6dcd8843672 /config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java | |
parent | a53cde292481f4523f66e0dc5b176d452a4db20b (diff) |
Revert "Revert "accept and store json endpoint cert metadata on deploy""
Diffstat (limited to 'config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java')
-rw-r--r-- | config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java new file mode 100644 index 00000000000..f00ad0f0dbb --- /dev/null +++ b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/EndpointCertificateSecretsValidator.java @@ -0,0 +1,18 @@ +// Copyright 2020 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. +package com.yahoo.vespa.model.application.validation; + +import com.yahoo.config.model.api.EndpointCertificateSecrets; +import com.yahoo.config.model.deploy.DeployState; +import com.yahoo.config.provision.CertificateNotReadyException; +import com.yahoo.vespa.model.VespaModel; + +public class EndpointCertificateSecretsValidator extends Validator { + + /** This check is delayed until validation to allow node provisioning to complete while we are waiting for cert */ + @Override + public void validate(VespaModel model, DeployState deployState) { + if (deployState.endpointCertificateSecrets().isPresent() && deployState.endpointCertificateSecrets().get() == EndpointCertificateSecrets.MISSING) { + throw new CertificateNotReadyException("TLS enabled, but could not retrieve certificate yet"); + } + } +} |