-rw-r--r--controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java38
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java32
-rw-r--r--controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java53
3 files changed, 116 insertions, 7 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java
index 56a50faa4fa..0aa0df8ae2b 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/certificates/EndpointCertificateMetadata.java
@@ -1,11 +1,13 @@
package com.yahoo.vespa.hosted.controller.api.integration.certificates;
+import java.util.List;
import java.util.Objects;
+import java.util.Optional;
/**
* This class is used for metadata about an application's endpoint certificate on the controller.
* <p>
- * It is a copy of com.yahoo.config.model.api.EndpointCertificateMetadata, but will soon be extended.
+ * It has more properties than com.yahoo.config.model.api.EndpointCertificateMetadata.
*
* @author andreer
*/
@@ -14,11 +16,27 @@ public class EndpointCertificateMetadata {
private final String keyName;
private final String certName;
private final int version;
+ private final Optional<String> request_id;
+ private final Optional<List<String>> requestedDnsSans;
public EndpointCertificateMetadata(String keyName, String certName, int version) {
this.keyName = keyName;
this.certName = certName;
this.version = version;
+ this.request_id = Optional.empty();
+ this.requestedDnsSans = Optional.empty();
+ }
+
+ public EndpointCertificateMetadata(String keyName, String certName, int version, Optional<String> request_id, Optional<List<String>> requestedDnsSans) {
+ this.keyName = keyName;
+ this.certName = certName;
+ this.version = version;
+ this.request_id = request_id;
+ this.requestedDnsSans = requestedDnsSans;
+ }
+
+ public EndpointCertificateMetadata(String keyName, String certName, int version, String request_id, List<String> requestedDnsSans) {
+ this(keyName, certName, version, Optional.of(request_id), Optional.of(requestedDnsSans));
}
public String keyName() {
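Review bot: The new constructor that takes `Optional<List<String>> requestedDnsSans` stores the caller's list as is, so a caller that keeps a reference can change the recorded SAN set after construction, and `equals`/`hashCode` change with it. A snapshot avoids that: `this.requestedDnsSans = requestedDnsSans.map(List::copyOf);`. The same constructor accepts a null `Optional` without complaint, while the `String`/`List` overload throws a bare NullPointerException from `Optional.of` when either argument is null. An `Objects.requireNonNull(request_id, "request_id")` in the first and a Javadoc line on the second would make the contract explicit. As a style point, `request_id` breaks the lowerCamelCase used by the other fields and by the serialized name `requestId`.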
@@ -33,12 +51,22 @@ public class EndpointCertificateMetadata {
return version;
}
+ public Optional<String> request_id() {
+ return request_id;
+ }
+
+ public Optional<List<String>> requestedDnsSans() {
+ return requestedDnsSans;
+ }
+
@Override
public String toString() {
return "EndpointCertificateMetadata{" +
"keyName='" + keyName + '\'' +
", certName='" + certName + '\'' +
", version=" + version +
+ ", request_id=" + request_id +
+ ", requestedDnsSans=" + requestedDnsSans +
'}';
}
@@ -48,12 +76,14 @@ public class EndpointCertificateMetadata {
if (o == null || getClass() != o.getClass()) return false;
EndpointCertificateMetadata that = (EndpointCertificateMetadata) o;
return version == that.version &&
- Objects.equals(keyName, that.keyName) &&
- Objects.equals(certName, that.certName);
+ keyName.equals(that.keyName) &&
+ certName.equals(that.certName) &&
+ request_id.equals(that.request_id) &&
+ requestedDnsSans.equals(that.requestedDnsSans);
}
@Override
public int hashCode() {
- return Objects.hash(keyName, certName, version);
+ return Objects.hash(keyName, certName, version, request_id, requestedDnsSans);
}
}
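Review bot: `equals` now calls `keyName.equals(...)` and `certName.equals(...)` directly, but none of the constructors visible in this diff rejects null, so an instance built with a null name throws NullPointerException here where the previous `Objects.equals` form returned a result. Either keep `Objects.equals(keyName, that.keyName)` for the two names, or enforce the invariant at construction with `this.keyName = Objects.requireNonNull(keyName, "keyName");` and the same for `certName`. The start of `equals` is outside this hunk, so the null and class checks before these lines are assumed unchanged.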
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java
index 702234b7634..8537118d309 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializer.java
@@ -6,6 +6,11 @@ import com.yahoo.slime.Slime;
import com.yahoo.vespa.config.SlimeUtils;
import com.yahoo.vespa.hosted.controller.api.integration.certificates.EndpointCertificateMetadata;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+import java.util.stream.IntStream;
+
/**
* (de)serializes endpoint certificate metadata
* <p>
@@ -26,6 +31,8 @@ public class EndpointCertificateMetadataSerializer {
private final static String keyNameField = "keyName";
private final static String certNameField = "certName";
private final static String versionField = "version";
+ private final static String requestIdField = "requestId";
+ private final static String requestedDnsSansField = "requestedDnsSans";
public static Slime toSlime(EndpointCertificateMetadata metadata) {
Slime slime = new Slime();
@@ -33,6 +40,13 @@ public class EndpointCertificateMetadataSerializer {
object.setString(keyNameField, metadata.keyName());
object.setString(certNameField, metadata.certName());
object.setLong(versionField, metadata.version());
+
+ metadata.request_id().ifPresent(id -> object.setString(requestIdField, id));
+ metadata.requestedDnsSans().ifPresent(sans -> {
+ Cursor cursor = object.setArray(requestedDnsSansField);
+ sans.forEach(cursor::addString);
+ });
+
return slime;
}
@@ -44,12 +58,24 @@ public class EndpointCertificateMetadataSerializer {
inspector.asString() + "-cert",
0
);
- case OBJECT:
+ case OBJECT: {
+ Optional<String> request_id = inspector.field(requestIdField).valid() ?
+ Optional.of(inspector.field(requestIdField).asString()) :
+ Optional.empty();
+
+ Optional<List<String>> requestedDnsSans = inspector.field(requestedDnsSansField).valid() ?
+ Optional.of(IntStream.range(0, inspector.field(requestedDnsSansField).entries())
+ .mapToObj(i -> inspector.field(requestedDnsSansField).entry(i).asString()).collect(Collectors.toList())) :
+ Optional.empty();
+
return new EndpointCertificateMetadata(
inspector.field(keyNameField).asString(),
inspector.field(certNameField).asString(),
- Math.toIntExact(inspector.field(versionField).asLong())
+ Math.toIntExact(inspector.field(versionField).asLong()),
+ request_id,
+ requestedDnsSans
);
+ }
default:
throw new IllegalArgumentException("Unknown format encountered for endpoint certificate metadata!");
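Review bot: In the `OBJECT` case the new fields are accepted on `valid()` alone, which checks presence but not type. As far as I know Slime returns an empty string from `asString()` and 0 from `entries()` for a value of another type. A stored record whose `requestedDnsSans` is not an array would then deserialize to an empty SAN list, and a non-string entry to `""`, where the `default` branch of the same switch throws for an unknown format. Checking the type before reading keeps malformed certificate metadata from being silently normalized. Hoisting the field into a local also removes the repeated `inspector.field(requestedDnsSansField)` lookup inside the lambda. `Inspector` and `Type` are assumed to be importable from `com.yahoo.slime`; the import block is only partly visible here, and the switch itself begins outside the hunk.

```java
case OBJECT: {
    // … unchanged: request_id lookup …
    Inspector sansField = inspector.field(requestedDnsSansField);
    if (sansField.valid() && sansField.type() != Type.ARRAY) {
        throw new IllegalArgumentException("requestedDnsSans must be an array in endpoint certificate metadata");
    }
    Optional<List<String>> requestedDnsSans = sansField.valid() ?
            Optional.of(IntStream.range(0, sansField.entries())
                    .mapToObj(i -> sansField.entry(i).asString())
                    .collect(Collectors.toList())) :
            Optional.empty();
    // … unchanged: return new EndpointCertificateMetadata(...) …
```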
@@ -61,7 +87,7 @@ public class EndpointCertificateMetadataSerializer {
}
public static EndpointCertificateMetadata fromJsonOrTlsSecretsKeysString(String zkdata) {
- if(zkdata.strip().startsWith("{")) {
+ if (zkdata.strip().startsWith("{")) {
return fromSlime(SlimeUtils.jsonToSlime(zkdata).get());
} else {
return fromTlsSecretsKeysString(zkdata);
diff --git a/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java
new file mode 100644
index 00000000000..7428b9901a2
--- /dev/null
+++ b/controller-server/src/test/java/com/yahoo/vespa/hosted/controller/persistence/EndpointCertificateMetadataSerializerTest.java
@@ -0,0 +1,53 @@
+package com.yahoo.vespa.hosted.controller.persistence;
+
+import com.yahoo.vespa.hosted.controller.api.integration.certificates.EndpointCertificateMetadata;
+import org.junit.Test;
+
+import java.util.List;
+
+import static org.junit.Assert.*;
+
+public class EndpointCertificateMetadataSerializerTest {
+
+ private EndpointCertificateMetadata sample =
+ new EndpointCertificateMetadata("keyName", "certName", 1);
+ private EndpointCertificateMetadata sampleWithRequestMetadata =
+ new EndpointCertificateMetadata("keyName", "certName", 1, "requestId", List.of("SAN1", "SAN2"));
+
+ @Test
+ public void serialize() {
+ assertEquals(
+ "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1}",
+ EndpointCertificateMetadataSerializer.toSlime(sample).toString());
+ }
+
+ @Test
+ public void serializeWithRequestMetadata() {
+ assertEquals(
+ "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1,\"requestId\":\"requestId\",\"requestedDnsSans\":[\"SAN1\",\"SAN2\"]}",
+ EndpointCertificateMetadataSerializer.toSlime(sampleWithRequestMetadata).toString());
+ }
+
+ @Test
+ public void deserializeFromString() {
+ assertEquals(
+ new EndpointCertificateMetadata("foo-key", "foo-cert", 0),
+ EndpointCertificateMetadataSerializer.fromJsonOrTlsSecretsKeysString("foo"));
+ }
+
+ @Test
+ public void deserializeFromJson() {
+ assertEquals(
+ sample,
+ EndpointCertificateMetadataSerializer.fromJsonOrTlsSecretsKeysString(
+ "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1}"));
+ }
+
+ @Test
+ public void deserializeFromJsonWithRequestMetadata() {
+ assertEquals(
+ sampleWithRequestMetadata,
+ EndpointCertificateMetadataSerializer.fromJsonOrTlsSecretsKeysString(
+ "{\"keyName\":\"keyName\",\"certName\":\"certName\",\"version\":1,\"requestId\":\"requestId\",\"requestedDnsSans\":[\"SAN1\",\"SAN2\"]}"));
+ }
+} \ No newline at end of file
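Review bot: The new tests cover only well-formed input, so nothing pins down what the deserializer does with stored data that has the new fields in the wrong shape. A case such as `fromJsonOrTlsSecretsKeysString("{\"keyName\":\"k\",\"certName\":\"c\",\"version\":1,\"requestedDnsSans\":\"SAN1\"}")` would document whether that is rejected or read as an empty list. A round-trip assertion through `toSlime` and `fromSlime` for `sampleWithRequestMetadata` would also catch a mismatch between the two field-name constants. The two fixture fields can be `private final`, and `import static org.junit.Assert.*` could be narrowed to `assertEquals`.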