Refactor certificate assignment and migration

author: Martin Polden <mpolden@mpolden.no> 2023-10-06 14:57:17 +0200
committer: Martin Polden <mpolden@mpolden.no> 2023-10-09 11:11:22 +0200
commit: 9eb903f4d1d571be513a70c59e49d38d7a986220 (patch)
tree: 05a1d0206f9a76f9d466155b35d22e4ae6d019f8 /controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/PreparedEndpoints.java
parent: 1a776a01494f1a0291169962814361be3ffca714 (diff)
1 files changed, 6 insertions, 5 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/PreparedEndpoints.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/PreparedEndpoints.java
index 273f8fd8838..5bfd50ce76d 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/PreparedEndpoints.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/PreparedEndpoints.java
@@ -27,14 +27,13 @@ import java.util.stream.Collectors;
 public record PreparedEndpoints(DeploymentId deployment,
                                 EndpointList endpoints,
                                 List<AssignedRotation> rotations,
-                                Optional<EndpointCertificate> certificate) {
+                                EndpointCertificate certificate) {
 
-    public PreparedEndpoints(DeploymentId deployment, EndpointList endpoints, List<AssignedRotation> rotations, Optional<EndpointCertificate> certificate) {
+    public PreparedEndpoints(DeploymentId deployment, EndpointList endpoints, List<AssignedRotation> rotations, EndpointCertificate certificate) {
         this.deployment = Objects.requireNonNull(deployment);
         this.endpoints = Objects.requireNonNull(endpoints);
         this.rotations = List.copyOf(Objects.requireNonNull(rotations));
-        this.certificate = Objects.requireNonNull(certificate);
-        certificate.ifPresent(endpointCertificate -> requireMatchingSans(endpointCertificate, endpoints));
+        this.certificate = requireMatchingSans(certificate, endpoints);
     }
 
     /** Returns the endpoints contained in this as {@link com.yahoo.vespa.hosted.controller.api.integration.configserver.ContainerEndpoint} */
@@ -101,13 +100,15 @@ public record PreparedEndpoints(DeploymentId deployment,
         };
     }
 
-    private static void requireMatchingSans(EndpointCertificate certificate, EndpointList endpoints) {
+    private static EndpointCertificate requireMatchingSans(EndpointCertificate certificate, EndpointList endpoints) {
+        Objects.requireNonNull(certificate);
         for (var endpoint : endpoints.not().scope(Endpoint.Scope.weighted)) { // Weighted endpoints are not present in certificate
             if (!certificate.sanMatches(endpoint.dnsName())) {
                 throw new IllegalArgumentException(endpoint + " has no matching SAN. Certificate contains " +
                                                    certificate.requestedDnsSans());
             }
         }
+        return certificate;
     }
 
 }
author	Martin Polden <mpolden@mpolden.no>	2023-10-06 14:57:17 +0200
committer	Martin Polden <mpolden@mpolden.no>	2023-10-09 11:11:22 +0200
commit	9eb903f4d1d571be513a70c59e49d38d7a986220 (patch)
tree	05a1d0206f9a76f9d466155b35d22e4ae6d019f8 /controller-server/src/main/java/com/yahoo/vespa/hosted/controller/routing/PreparedEndpoints.java
parent	1a776a01494f1a0291169962814361be3ffca714 (diff)