Add nodes/v2/wireguard/

.. to allow tenant nodes to get peer config for configservers.

2 files changed, 38 insertions, 1 deletions

diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiHandler.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiHandler.java
index b1a66e34c9e..543901621d0 100644
--- a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiHandler.java
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/NodesV2ApiHandler.java
@@ -115,7 +115,7 @@ public class NodesV2ApiHandler extends ThreadedHttpRequestHandler {
     private HttpResponse handleGET(HttpRequest request) {
         Path path = new Path(request.getUri());
         String pathS = request.getUri().getPath();
-        if (path.matches(    "/nodes/v2")) return new ResourceResponse(request.getUri(), "node", "state", "acl", "command", "archive", "locks", "maintenance", "upgrade", "capacity", "application", "stats");
+        if (path.matches(    "/nodes/v2")) return new ResourceResponse(request.getUri(), "node", "state", "acl", "command", "archive", "locks", "maintenance", "upgrade", "capacity", "application", "stats", "wireguard");
         if (path.matches(    "/nodes/v2/node")) return new NodesResponse(ResponseType.nodeList, request, orchestrator, nodeRepository);
         if (pathS.startsWith("/nodes/v2/node/")) return new NodesResponse(ResponseType.singleNode, request, orchestrator, nodeRepository);
         if (path.matches(    "/nodes/v2/state")) return new NodesResponse(ResponseType.stateList, request, orchestrator, nodeRepository);
@@ -130,6 +130,7 @@ public class NodesV2ApiHandler extends ThreadedHttpRequestHandler {
         if (path.matches(    "/nodes/v2/application")) return applicationList(request.getUri());
         if (path.matches(    "/nodes/v2/application/{applicationId}")) return application(path.get("applicationId"), request.getUri());
         if (path.matches(    "/nodes/v2/stats")) return stats();
+        if (path.matches(    "/nodes/v2/wireguard")) return new WireguardResponse(nodeRepository);
         throw new NotFoundException("Nothing at " + path);
     }
 
diff --git a/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/WireguardResponse.java b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/WireguardResponse.java
new file mode 100644
index 00000000000..0bac6f09029
--- /dev/null
+++ b/node-repository/src/main/java/com/yahoo/vespa/hosted/provision/restapi/WireguardResponse.java
@@ -0,0 +1,36 @@
+package com.yahoo.vespa.hosted.provision.restapi;
+
+import com.yahoo.config.provision.NodeType;
+import com.yahoo.restapi.SlimeJsonResponse;
+import com.yahoo.slime.Cursor;
+import com.yahoo.vespa.hosted.provision.Node;
+import com.yahoo.vespa.hosted.provision.NodeList;
+import com.yahoo.vespa.hosted.provision.NodeRepository;
+
+/**
+ * @author gjoranv
+ */
+public class WireguardResponse extends SlimeJsonResponse {
+
+    public WireguardResponse(NodeRepository nodeRepository) {
+        Cursor root = slime.setObject();
+        Cursor cfgArray = root.setArray("configservers");
+
+        NodeList configservers = nodeRepository.nodes()
+                .list(Node.State.active)
+                .nodeType(NodeType.config);
+
+        configservers.forEach(
+                configserver -> addConfigserver(cfgArray.addObject(), configserver));
+    }
+
+    private void addConfigserver(Cursor cfgEntry, Node configserver) {
+        cfgEntry.setString("hostname", configserver.hostname());
+
+        configserver.wireguardPubKey().ifPresent(
+                key -> cfgEntry.setString("wireguardPubkey", key.value()));
+
+        NodesResponse.ipAddressesToSlime(configserver.ipConfig().primary(), cfgEntry.setArray("ipAddresses"));
+    }
+
+}