From 65cbc699059677bd159afa369b621a754339daed Mon Sep 17 00:00:00 2001 From: Morten Tokle Date: Mon, 12 Dec 2022 13:27:00 +0100 Subject: [PATCH] Add debug logging --- .../CertificateRemovalChangeValidator.java | 18 +++++++++++++++++- .../CertificateRemovalChangeValidatorTest.java | 4 ++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/config-model/src/main/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidator.java b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidator.java index 1df33ab85173..5e5d5e3437c8 100644 --- a/config-model/src/main/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidator.java +++ b/config-model/src/main/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidator.java @@ -1,3 +1,4 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.model.application.validation.change; import com.yahoo.config.application.api.ValidationId; @@ -10,8 +11,19 @@ import java.time.Instant; import java.util.Collection; import java.util.List; +import java.util.logging.Level; +import java.util.logging.Logger; +import java.util.stream.Collectors; +/** + * Check that data plane certificates are not removed from a cluster. + * + * @author mortent + */ public class CertificateRemovalChangeValidator implements ChangeValidator { + + private static final Logger logger = Logger.getLogger(CertificateRemovalChangeValidator.class.getName()); + @Override public List validate(VespaModel current, VespaModel next, ValidationOverrides overrides, Instant now) { @@ -25,7 +37,6 @@ public List validate(VespaModel current, VespaModel next, Va } void validateClients(String clusterId, List current, List next, ValidationOverrides overrides, Instant now) { - List currentCertificates = current.stream() .map(Client::certificates) .flatMap(Collection::stream) @@ -35,6 +46,11 @@ void validateClients(String clusterId, List current, List next, .flatMap(Collection::stream) .toList(); + logger.log(Level.FINE, "Certificates for cluster %s: Current: [%s], Next: [%s]" + .formatted(clusterId, + currentCertificates.stream().map(cert -> cert.getSubjectX500Principal().getName()).collect(Collectors.joining(", ")), + nextCertificates.stream().map(cert -> cert.getSubjectX500Principal().getName()).collect(Collectors.joining(", ")))); + List missingCerts = currentCertificates.stream().filter(cert -> !nextCertificates.contains(cert)).toList(); if (!missingCerts.isEmpty()) { overrides.invalid(ValidationId.certificateRemoval, diff --git a/config-model/src/test/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidatorTest.java b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidatorTest.java index f89c75362da4..b6815db8b994 100644 --- a/config-model/src/test/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidatorTest.java +++ b/config-model/src/test/java/com/yahoo/vespa/model/application/validation/change/CertificateRemovalChangeValidatorTest.java @@ -1,3 +1,4 @@ +// Copyright Yahoo. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root. package com.yahoo.vespa.model.application.validation.change; import com.yahoo.config.application.api.ValidationOverrides; @@ -15,6 +16,9 @@ import static org.junit.jupiter.api.Assertions.assertThrows; +/** + * @author mortent + */ public class CertificateRemovalChangeValidatorTest { private static final String validationOverrides =