Rename EndpointCertificateManager -> EndpointCertificates

author: Martin Polden <mpolden@mpolden.no> 2021-05-10 14:13:20 +0200
committer: Martin Polden <mpolden@mpolden.no> 2021-05-10 14:14:18 +0200
commit: 78c0cd94ad4e4e0fa6c5bff11ee487b7ef61791c (patch)
tree: 6d62b2148a18abd26195d5363b6c8d5af3bde667 /controller-server
parent: 5cb4b6e0ba193e9b0b4740aff22b84793b2509ee (diff)
3 files changed, 22 insertions, 20 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java
index fab67d483ff..0f9188d1f65 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/ApplicationController.java
@@ -52,7 +52,7 @@ import com.yahoo.vespa.hosted.controller.application.QuotaUsage;
 import com.yahoo.vespa.hosted.controller.application.SystemApplication;
 import com.yahoo.vespa.hosted.controller.application.TenantAndApplicationId;
 import com.yahoo.vespa.hosted.controller.athenz.impl.AthenzFacade;
-import com.yahoo.vespa.hosted.controller.certificate.EndpointCertificateManager;
+import com.yahoo.vespa.hosted.controller.certificate.EndpointCertificates;
 import com.yahoo.vespa.hosted.controller.concurrent.Once;
 import com.yahoo.vespa.hosted.controller.deployment.DeploymentTrigger;
 import com.yahoo.vespa.hosted.controller.deployment.JobStatus;
@@ -118,7 +118,7 @@ public class ApplicationController {
     private final Clock clock;
     private final DeploymentTrigger deploymentTrigger;
     private final ApplicationPackageValidator applicationPackageValidator;
-    private final EndpointCertificateManager endpointCertificateManager;
+    private final EndpointCertificates endpointCertificates;
     private final StringFlag dockerImageRepoFlag;
     private final BillingController billingController;
 
@@ -137,9 +137,9 @@ public class ApplicationController {
 
         deploymentTrigger = new DeploymentTrigger(controller, clock);
         applicationPackageValidator = new ApplicationPackageValidator(controller);
-        endpointCertificateManager = new EndpointCertificateManager(controller,
-                                                                    controller.serviceRegistry().endpointCertificateProvider(),
-                                                                    controller.serviceRegistry().endpointCertificateValidator());
+        endpointCertificates = new EndpointCertificates(controller,
+                                                        controller.serviceRegistry().endpointCertificateProvider(),
+                                                        controller.serviceRegistry().endpointCertificateValidator());
 
         // Update serialization format of all applications
         Once.after(Duration.ofMinutes(1), () -> {
@@ -379,7 +379,7 @@ public class ApplicationController {
                     &&   run.testerCertificate().isPresent())
                     applicationPackage = applicationPackage.withTrustedCertificate(run.testerCertificate().get());
 
-                endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(instance, zone, applicationPackage.deploymentSpec().instance(instance.name()));
+                endpointCertificateMetadata = endpointCertificates.getMetadata(instance, zone, applicationPackage.deploymentSpec().instance(instance.name()));
 
                 containerEndpoints = controller.routing().containerEndpointsOf(application.get(), job.application().instance(), zone);
 
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManager.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificates.java
index 9ac31dee424..fead9e26181 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManager.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificates.java
@@ -28,13 +28,14 @@ import java.util.stream.Collectors;
  * Looks up stored endpoint certificate metadata, provisions new certificates if none is found,
  * re-provisions if zone is not covered, and uses refreshed certificates if a newer version is available.
  *
- * See also EndpointCertificateMaintainer, which handles refreshes, deletions and triggers deployments
+ * See also {@link com.yahoo.vespa.hosted.controller.maintenance.EndpointCertificateMaintainer}, which handles
+ * refreshes, deletions and triggers deployments.
  *
  * @author andreer
  */
-public class EndpointCertificateManager {
+public class EndpointCertificates {
 
-    private static final Logger log = Logger.getLogger(EndpointCertificateManager.class.getName());
+    private static final Logger log = Logger.getLogger(EndpointCertificates.class.getName());
 
     private final Controller controller;
     private final CuratorDb curator;
@@ -42,8 +43,8 @@ public class EndpointCertificateManager {
     private final EndpointCertificateProvider certificateProvider;
     private final EndpointCertificateValidator certificateValidator;
 
-    public EndpointCertificateManager(Controller controller, EndpointCertificateProvider certificateProvider,
-                                      EndpointCertificateValidator certificateValidator) {
+    public EndpointCertificates(Controller controller, EndpointCertificateProvider certificateProvider,
+                                EndpointCertificateValidator certificateValidator) {
         this.controller = controller;
         this.curator = controller.curator();
         this.clock = controller.clock();
@@ -51,7 +52,8 @@ public class EndpointCertificateManager {
         this.certificateValidator = certificateValidator;
     }
 
-    public Optional<EndpointCertificateMetadata> getEndpointCertificateMetadata(Instance instance, ZoneId zone, Optional<DeploymentInstanceSpec> instanceSpec) {
+    /** Returns certificate metadata for endpoints of given instance and zone */
+    public Optional<EndpointCertificateMetadata> getMetadata(Instance instance, ZoneId zone, Optional<DeploymentInstanceSpec> instanceSpec) {
         Instant start = clock.instant();
         Optional<EndpointCertificateMetadata> metadata = getOrProvision(instance, zone, instanceSpec);
         metadata.ifPresent(m -> curator.writeEndpointCertificateMetadata(instance.id(), m.withLastRequested(clock.instant().getEpochSecond())));
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManagerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificatesTest.java
index f17a8ac60e2..40abb9ba319 100644
--- a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificateManagerTest.java
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/certificate/EndpointCertificatesTest.java
@@ -38,7 +38,7 @@ import static org.junit.Assert.assertTrue;
 /**
  * @author andreer
  */
-public class EndpointCertificateManagerTest {
+public class EndpointCertificatesTest {
 
     private final ControllerTester tester = new ControllerTester();
     private final SecretStoreMock secretStore = new SecretStoreMock();
@@ -46,7 +46,7 @@ public class EndpointCertificateManagerTest {
     private final ManualClock clock = tester.clock();
     private final EndpointCertificateMock endpointCertificateMock = new EndpointCertificateMock();
     private final EndpointCertificateValidatorImpl endpointCertificateValidator = new EndpointCertificateValidatorImpl(secretStore, clock);
-    private final EndpointCertificateManager endpointCertificateManager = new EndpointCertificateManager(tester.controller(), endpointCertificateMock, endpointCertificateValidator);
+    private final EndpointCertificates endpointCertificates = new EndpointCertificates(tester.controller(), endpointCertificateMock, endpointCertificateValidator);
     private final KeyPair testKeyPair = KeyUtils.generateKeypair(KeyAlgorithm.EC, 192);
 
     private X509Certificate testCertificate;
@@ -109,7 +109,7 @@ public class EndpointCertificateManagerTest {
     @Test
     public void provisions_new_certificate_in_dev() {
         ZoneId testZone = tester.zoneRegistry().zones().directlyRouted().in(Environment.dev).zones().stream().findFirst().orElseThrow().getId();
-        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.empty());
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(testInstance, testZone, Optional.empty());
         assertTrue(endpointCertificateMetadata.isPresent());
         assertTrue(endpointCertificateMetadata.get().keyName().matches("vespa.tls.default.default.*-key"));
         assertTrue(endpointCertificateMetadata.get().certName().matches("vespa.tls.default.default.*-cert"));
@@ -119,7 +119,7 @@ public class EndpointCertificateManagerTest {
 
     @Test
     public void provisions_new_certificate_in_prod() {
-        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.empty());
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(testInstance, testZone, Optional.empty());
         assertTrue(endpointCertificateMetadata.isPresent());
         assertTrue(endpointCertificateMetadata.get().keyName().matches("vespa.tls.default.default.*-key"));
         assertTrue(endpointCertificateMetadata.get().certName().matches("vespa.tls.default.default.*-cert"));
@@ -138,7 +138,7 @@ public class EndpointCertificateManagerTest {
                 "", Optional.empty(), Optional.empty()));
         secretStore.setSecret(testKeyName, KeyUtils.toPem(testKeyPair.getPrivate()), 7);
         secretStore.setSecret(testCertName, X509CertificateUtils.toPem(testCertificate) + X509CertificateUtils.toPem(testCertificate), 7);
-        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.empty());
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(testInstance, testZone, Optional.empty());
         assertTrue(endpointCertificateMetadata.isPresent());
         assertEquals(testKeyName, endpointCertificateMetadata.get().keyName());
         assertEquals(testCertName, endpointCertificateMetadata.get().certName());
@@ -150,7 +150,7 @@ public class EndpointCertificateManagerTest {
         mockCuratorDb.writeEndpointCertificateMetadata(testInstance.id(), new EndpointCertificateMetadata(testKeyName, testCertName, -1, 0, "uuid", List.of(), "issuer", Optional.empty(), Optional.empty()));
         secretStore.setSecret("vespa.tls.default.default.default-key", KeyUtils.toPem(testKeyPair.getPrivate()), 0);
         secretStore.setSecret("vespa.tls.default.default.default-cert", X509CertificateUtils.toPem(testCertificate) + X509CertificateUtils.toPem(testCertificate), 0);
-        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.empty());
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(testInstance, testZone, Optional.empty());
         assertTrue(endpointCertificateMetadata.isPresent());
         assertEquals(0, endpointCertificateMetadata.get().version());
         assertEquals(endpointCertificateMetadata, mockCuratorDb.readEndpointCertificateMetadata(testInstance.id()));
@@ -167,7 +167,7 @@ public class EndpointCertificateManagerTest {
         secretStore.setSecret("vespa.tls.default.default.default-key", KeyUtils.toPem(testKeyPair.getPrivate()), 0);
         secretStore.setSecret("vespa.tls.default.default.default-cert", X509CertificateUtils.toPem(testCertificate2) + X509CertificateUtils.toPem(testCertificate2), 0);
 
-        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.empty());
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(testInstance, testZone, Optional.empty());
         assertTrue(endpointCertificateMetadata.isPresent());
         assertEquals(0, endpointCertificateMetadata.get().version());
         assertEquals(endpointCertificateMetadata, mockCuratorDb.readEndpointCertificateMetadata(testInstance.id()));
@@ -189,7 +189,7 @@ public class EndpointCertificateManagerTest {
                         "</deployment>\n");
 
         ZoneId testZone = tester.zoneRegistry().zones().all().in(Environment.staging).zones().stream().findFirst().orElseThrow().getId();
-        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificateManager.getEndpointCertificateMetadata(testInstance, testZone, Optional.of(deploymentSpec.requireInstance("default")));
+        Optional<EndpointCertificateMetadata> endpointCertificateMetadata = endpointCertificates.getMetadata(testInstance, testZone, Optional.of(deploymentSpec.requireInstance("default")));
         assertTrue(endpointCertificateMetadata.isPresent());
         assertTrue(endpointCertificateMetadata.get().keyName().matches("vespa.tls.default.default.*-key"));
         assertTrue(endpointCertificateMetadata.get().certName().matches("vespa.tls.default.default.*-cert"));
author	Martin Polden <mpolden@mpolden.no>	2021-05-10 14:13:20 +0200
committer	Martin Polden <mpolden@mpolden.no>	2021-05-10 14:14:18 +0200
commit	78c0cd94ad4e4e0fa6c5bff11ee487b7ef61791c (patch)
tree	6d62b2148a18abd26195d5363b6c8d5af3bde667 /controller-server
parent	5cb4b6e0ba193e9b0b4740aff22b84793b2509ee (diff)