diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-06-03 19:44:03 +0200 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2019-06-03 19:44:28 +0200 |
commit | 26ef5973ad94ca94a7b8d3dde5f89c3f46ab6b6b (patch) | |
tree | 4edc4329bac7620abe262add03b0d5810b378464 /security-tools/src | |
parent | 3879fc3ebbad3d1f2045205f99fd6cf4ebab497c (diff) |
Export 'VESPA_TLS_ENABLED' environment variable
Diffstat (limited to 'security-tools/src')
6 files changed, 6 insertions, 0 deletions
diff --git a/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/Main.java b/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/Main.java index 996d2533ae1..ae18700246c 100644 --- a/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/Main.java +++ b/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/Main.java @@ -52,6 +52,7 @@ public class Main { Map<OutputVariable, String> outputVariables = new TreeMap<>(); Optional<TransportSecurityOptions> options = TransportSecurityUtils.getOptions(envVars); if (options.isPresent()) { + outputVariables.put(OutputVariable.TLS_ENABLED, "1"); options.get().getCaCertificatesFile() .ifPresent(caCertFile -> outputVariables.put(OutputVariable.CA_CERTIFICATE, caCertFile.toString())); MixedMode mixedMode = TransportSecurityUtils.getInsecureMixedMode(envVars); diff --git a/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/OutputVariable.java b/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/OutputVariable.java index 9cd4cc1fc67..dd248d05aac 100644 --- a/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/OutputVariable.java +++ b/security-tools/src/main/java/com/yahoo/vespa/security/tool/securityenv/OutputVariable.java @@ -7,6 +7,7 @@ package com.yahoo.vespa.security.tool.securityenv; * @author bjorncs */ enum OutputVariable { + TLS_ENABLED("VESPA_TLS_ENABLED", "Set to '1' if TLS is enabled in Vespa"), CA_CERTIFICATE("VESPA_TLS_CA_CERT", "Path to CA certificates file"), CERTIFICATE("VESPA_TLS_CERT", "Path to certificate file"), PRIVATE_KEY("VESPA_TLS_PRIVATE_KEY", "Path to private key file"); diff --git a/security-tools/src/test/resources/bash-output.txt b/security-tools/src/test/resources/bash-output.txt index 421320f82d5..c07c667af47 100644 --- a/security-tools/src/test/resources/bash-output.txt +++ b/security-tools/src/test/resources/bash-output.txt @@ -1,3 +1,4 @@ +VESPA_TLS_ENABLED="1"; export VESPA_TLS_ENABLED; VESPA_TLS_CA_CERT="/path/to/cacerts"; export VESPA_TLS_CA_CERT; VESPA_TLS_CERT="/path/to/certificate"; export VESPA_TLS_CERT; VESPA_TLS_PRIVATE_KEY="/path/to/key"; export VESPA_TLS_PRIVATE_KEY; diff --git a/security-tools/src/test/resources/csh-output.txt b/security-tools/src/test/resources/csh-output.txt index 47594af9339..2b6716de92b 100644 --- a/security-tools/src/test/resources/csh-output.txt +++ b/security-tools/src/test/resources/csh-output.txt @@ -1,3 +1,4 @@ +setenv VESPA_TLS_ENABLED "1"; setenv VESPA_TLS_CA_CERT "/path/to/cacerts"; setenv VESPA_TLS_CERT "/path/to/certificate"; setenv VESPA_TLS_PRIVATE_KEY "/path/to/key"; diff --git a/security-tools/src/test/resources/expected-help-output.txt b/security-tools/src/test/resources/expected-help-output.txt index e16f1b1dab0..7d125fe15a2 100644 --- a/security-tools/src/test/resources/expected-help-output.txt +++ b/security-tools/src/test/resources/expected-help-output.txt @@ -5,6 +5,7 @@ content of VESPA_TLS_CONFIG_FILE. -s,--shell <arg> Shell type. Shell type is auto-detected if option not present. Valid values: ['bourne', 'cshell']. The output may include the following variables: + - 'VESPA_TLS_ENABLED': Set to '1' if TLS is enabled in Vespa - 'VESPA_TLS_CA_CERT': Path to CA certificates file - 'VESPA_TLS_CERT': Path to certificate file - 'VESPA_TLS_PRIVATE_KEY': Path to private key file diff --git a/security-tools/src/test/resources/no-security-output.txt b/security-tools/src/test/resources/no-security-output.txt index 8ecd1e77902..3467f1316b5 100644 --- a/security-tools/src/test/resources/no-security-output.txt +++ b/security-tools/src/test/resources/no-security-output.txt @@ -1,3 +1,4 @@ +unset VESPA_TLS_ENABLED; unset VESPA_TLS_CA_CERT; unset VESPA_TLS_CERT; unset VESPA_TLS_PRIVATE_KEY; |