// Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.config.server.tenant;

import com.yahoo.config.model.api.TenantSecretStore;
import com.yahoo.config.provision.SystemName;
import com.yahoo.config.provision.TenantName;
import com.yahoo.container.jdisc.secretstore.SecretStore;
import java.util.List;
import java.util.stream.Collectors;

/**
 * Fills in the external ID of tenant secret stores by looking each one up in a
 * {@link SecretStore}.
 *
 * <p>The secret name is built from a per-system secret group, the tenant name and the
 * store name; see {@link #secretName(TenantName, SystemName, String)}.
 *
 * @author olaa
 */
public class SecretStoreExternalIdRetriever {

    /** Layout of a secret name: {@code <secret group>.external.id.<tenant>.<store name>}. */
    private static final String SECRET_NAME_FORMAT = "%s.external.id.%s.%s";

    /**
     * Returns copies of the given tenant secret stores with their external ID set to the
     * value held in the secret store.
     *
     * <p>Lookup is all-or-nothing: the first store whose secret is missing aborts the whole
     * call, so no partially populated list is returned.
     *
     * @param secretStore        the store the external IDs are read from
     * @param tenant             the tenant owning the secret stores
     * @param system             the system, which selects the secret group
     * @param tenantSecretStores the stores to populate
     * @return the populated stores, in input order, as produced by {@code Stream.toList()}
     * @throws RuntimeException         if the secret store returns {@code null} for a secret name
     * @throws IllegalArgumentException if no secret group is defined for {@code system}
     */
    public static List<TenantSecretStore> populateExternalId(SecretStore secretStore, TenantName tenant, SystemName system, List<TenantSecretStore> tenantSecretStores) {
        return tenantSecretStores.stream()
                .map(store -> resolveExternalId(secretStore, tenant, system, store))
                .toList();
    }

    /** Looks up the external ID for one store and returns the store with that ID applied. */
    private static TenantSecretStore resolveExternalId(SecretStore secretStore, TenantName tenant, SystemName system, TenantSecretStore store) {
        String name = secretName(tenant, system, store.getName());
        String externalId = secretStore.getSecret(name);
        if (externalId != null) {
            // NOTE(review): the returned object now carries a value read from the secret store;
            // confirm that TenantSecretStore does not expose it through toString() or logging.
            return store.withExternalId(externalId);
        }
        // Only the secret's name is put in the message, never a secret value.
        throw new RuntimeException("No secret found in secret store for " + name);
    }

    /**
     * Builds the name under which the external ID of a tenant secret store is kept.
     *
     * <p>NOTE(review): {@code storeName} and the tenant name are interpolated as-is into a
     * dot-separated name. Presumably both are validated upstream so that they cannot contain
     * dots and produce a name belonging to another tenant or store; verify against callers.
     *
     * @param tenant    the tenant owning the store
     * @param system    the system, which selects the secret group
     * @param storeName the name of the tenant secret store
     * @return the secret name
     * @throws IllegalArgumentException if no secret group is defined for {@code system}
     */
    public static String secretName(TenantName tenant, SystemName system, String storeName) {
        return SECRET_NAME_FORMAT.formatted(tenantSecretGroup(system), tenant.value(), storeName);
    }

    /**
     * Maps a system to its secret group. Only {@code Public} and {@code PublicCd} have one;
     * every other system is rejected rather than mapped to a shared fallback group.
     */
    private static String tenantSecretGroup(SystemName system) {
        return switch (system) {
            case Public -> "vespa.external.tenant.secrets";
            case PublicCd -> "vespa.external.cd.tenant.secrets";
            default -> throw new IllegalArgumentException("No tenant secret store key group defined for system " + system);
        };
    }

}