[iamclient] RenewCertNotification adaptation
Signed-off-by: Mykola Kobets <[email protected]>
mykola-kobets-epam committed Aug 7, 2024
1 parent d2b5c01 commit 95a6bfa
Showing 5 changed files with 17 additions and 11 deletions.
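--- a/amqphandler/amqphandler_test.go
+++ b/amqphandler/amqphandler_test.go
@@ -299,11 +299,9 @@ func TestReceiveMessages(t *testing.T) {
 expectedData: &cloudprotocol.RenewCertsNotification{
 MessageType: cloudprotocol.RenewCertsNotificationMessageType,
 Certificates: []cloudprotocol.RenewCertData{
-{Type: "online", Serial: "1234", ValidTill: testTime},
+{NodeID: "node0", Type: "online", Serial: "1234", ValidTill: testTime},
 },
-UnitSecret: cloudprotocol.UnitSecret{Version: 1, Data: struct {
-OwnerPassword string `json:"ownerPassword"`
-}{OwnerPassword: "pwd"}},
+UnitSecrets: cloudprotocol.UnitSecrets{Version: "1.0.0", Nodes: map[string]string{"node0": "pwd"}},
 },
 },
 {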
4 changes: 2 additions & 2 deletions communicationmanager.go
@@ -394,12 +394,12 @@ func (cm *communicationManager) processMessage(message amqp.Message) (err error)
case *cloudprotocol.RenewCertsNotification:
log.Info("Receive renew certificates notification message")

if data.UnitSecret.Version != cloudprotocol.UnitSecretVersion {
if data.UnitSecrets.Version != cloudprotocol.UnitSecretVersion {
return aoserrors.New("unit secure version mismatch")
}

if err = cm.iam.RenewCertificatesNotification(
data.UnitSecret.Data.OwnerPassword, data.Certificates); err != nil {
data.UnitSecrets, data.Certificates); err != nil {
return aoserrors.Wrap(err)
}

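Review bot: The version check on `data.UnitSecrets.Version` still fails with the fixed text "unit secure version mismatch", so a rejected renew notification gives no hint of which version the cloud sent. The version now looks like a string (the test in this commit uses "1.0.0"), so the received value can be named directly, e.g. `return aoserrors.New("unit secrets version mismatch: " + data.UnitSecrets.Version)`, assuming the field is a string. Keep `data.UnitSecrets.Nodes` out of any such message or log line, since the rest of the commit uses its values as node passwords. processMessage starts and ends outside this hunk.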
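--- a/iamclient/iamclient.go
+++ b/iamclient/iamclient.go
@@ -211,7 +211,9 @@ func (client *Client) SubscribeNodeInfoChange() <-chan cloudprotocol.NodeInfo {
 }
 
 // RenewCertificatesNotification renew certificates notification.
-func (client *Client) RenewCertificatesNotification(pwd string, certInfo []cloudprotocol.RenewCertData) (err error) {
+func (client *Client) RenewCertificatesNotification(secrets cloudprotocol.UnitSecrets,
+certInfo []cloudprotocol.RenewCertData,
+) (err error) {
 newCerts := make([]cloudprotocol.IssueCertData, 0, len(certInfo))
 
 for _, cert := range certInfo {
@@ -222,6 +224,11 @@ func (client *Client) RenewCertificatesNotification(pwd string, certInfo []cloud
 ctx, cancel := context.WithTimeout(context.Background(), iamRequestTimeout)
 defer cancel()
 
+pwd, ok := secrets.Nodes[cert.NodeID]
+if !ok {
+return aoserrors.New("not found password for node: " + cert.NodeID)
+}
+
 request := &pb.CreateKeyRequest{Type: cert.Type, Password: pwd, NodeId: cert.NodeID}
 
 response, err := client.certificateService.CreateKey(ctx, request)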
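Review bot: The password lookup added inside the loop can fail on a later certificate after earlier iterations have already gone through CreateKey. One NodeID without an entry in `secrets.Nodes` may therefore leave keys created for some nodes while the notification as a whole is rejected. Checking every `cert.NodeID` before the first request avoids that partial state; the loop body is only partly visible in the hunks, so whether anything later undoes the earlier keys is not shown. It is also worth deciding whether an empty password string should be treated like a missing entry. The fence shows the pre-check placed ahead of the existing loop.

```go
newCerts := make([]cloudprotocol.IssueCertData, 0, len(certInfo))

// Reject the notification before any key is created if a node has no secret.
for _, cert := range certInfo {
	if _, ok := secrets.Nodes[cert.NodeID]; !ok {
		return aoserrors.New("not found password for node: " + cert.NodeID)
	}
}

for _, cert := range certInfo {
	// … unchanged: lines not shown in the hunk, context setup …
	request := &pb.CreateKeyRequest{Type: cert.Type, Password: secrets.Nodes[cert.NodeID], NodeId: cert.NodeID}
```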
7 changes: 4 additions & 3 deletions iamclient/iamclient_test.go
@@ -188,11 +188,12 @@ func TestRenewCertificatesNotification(t *testing.T) {
defer client.Close()

certInfo := []cloudprotocol.RenewCertData{
{Type: "online", Serial: "serail1", ValidTill: time.Now()},
{Type: "offline", Serial: "serail2", ValidTill: time.Now()},
{NodeID: "node0", Type: "online", Serial: "serial1", ValidTill: time.Now()},
{NodeID: "node0", Type: "offline", Serial: "serial2", ValidTill: time.Now()},
}
secrets := cloudprotocol.UnitSecrets{Nodes: map[string]string{"node0": "pwd"}}

if err = client.RenewCertificatesNotification("pwd", certInfo); err != nil {
if err = client.RenewCertificatesNotification(secrets, certInfo); err != nil {
t.Fatalf("Can't process renew certificate notification: %s", err)
}

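Review bot: The updated test only exercises the case where every certificate's NodeID has an entry in `secrets.Nodes`, so the error path this commit adds for a missing node secret is not covered. A second call with an empty secrets value would pin it, e.g. `if err = client.RenewCertificatesNotification(cloudprotocol.UnitSecrets{}, certInfo); err == nil { t.Error("Expected error for missing node secret") }`. TestRenewCertificatesNotification starts and ends outside the hunk, so any later assertions are not visible here.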

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
