Store certificate and provisioner in one transaction.

This commit is contained in:
Mariano Cano 2022-04-12 18:42:27 -07:00
parent 0a5dc237df
commit 3694ba30dc
2 changed files with 27 additions and 43 deletions

View file

@ -243,9 +243,7 @@ type ProvisionerData struct {
// authorized the certificate. // authorized the certificate.
func (db *DB) StoreCertificateChain(p provisioner.Interface, chain ...*x509.Certificate) error { func (db *DB) StoreCertificateChain(p provisioner.Interface, chain ...*x509.Certificate) error {
leaf := chain[0] leaf := chain[0]
if err := db.StoreCertificate(leaf); err != nil { serialNumber := []byte(leaf.SerialNumber.String())
return err
}
data := &CertificateData{} data := &CertificateData{}
if p != nil { if p != nil {
data.Provisioner = &ProvisionerData{ data.Provisioner = &ProvisionerData{
@ -254,13 +252,16 @@ func (db *DB) StoreCertificateChain(p provisioner.Interface, chain ...*x509.Cert
Type: p.GetType().String(), Type: p.GetType().String(),
} }
} }
b, err := json.Marshal(data) b, err := json.Marshal(data)
if err != nil { if err != nil {
return errors.Wrap(err, "error marshaling json") return errors.Wrap(err, "error marshaling json")
} }
if err := db.Set(certsDataTable, []byte(leaf.SerialNumber.String()), b); err != nil { // Add certificate and certificate data in one transaction.
return errors.Wrap(err, "database Set error") tx := new(database.Tx)
tx.Set(certsTable, serialNumber, leaf.Raw)
tx.Set(certsDataTable, serialNumber, b)
if err := db.Update(tx); err != nil {
return errors.Wrap(err, "database Update error")
} }
return nil return nil
} }

View file

@ -188,53 +188,36 @@ func TestDB_StoreCertificateChain(t *testing.T) {
wantErr bool wantErr bool
}{ }{
{"ok", fields{&MockNoSQLDB{ {"ok", fields{&MockNoSQLDB{
MSet: func(bucket, key, value []byte) error { MUpdate: func(tx *database.Tx) error {
switch string(bucket) { if len(tx.Operations) != 2 {
case "x509_certs": t.Fatal("unexpected number of operations")
assert.Equals(t, key, []byte("1234"))
assert.Equals(t, value, []byte("the certificate"))
case "x509_certs_data":
assert.Equals(t, key, []byte("1234"))
assert.Equals(t, value, []byte(`{"provisioner":{"id":"some-id","name":"admin","type":"JWK"}}`))
default:
t.Errorf("unexpected bucket %s", bucket)
} }
assert.Equals(t, []byte("x509_certs"), tx.Operations[0].Bucket)
assert.Equals(t, []byte("1234"), tx.Operations[0].Key)
assert.Equals(t, []byte("the certificate"), tx.Operations[0].Value)
assert.Equals(t, []byte("x509_certs_data"), tx.Operations[1].Bucket)
assert.Equals(t, []byte("1234"), tx.Operations[1].Key)
assert.Equals(t, []byte(`{"provisioner":{"id":"some-id","name":"admin","type":"JWK"}}`), tx.Operations[1].Value)
return nil return nil
}, },
}, true}, args{p, chain}, false}, }, true}, args{p, chain}, false},
{"ok no provisioner", fields{&MockNoSQLDB{ {"ok no provisioner", fields{&MockNoSQLDB{
MSet: func(bucket, key, value []byte) error { MUpdate: func(tx *database.Tx) error {
switch string(bucket) { if len(tx.Operations) != 2 {
case "x509_certs": t.Fatal("unexpected number of operations")
assert.Equals(t, key, []byte("1234"))
assert.Equals(t, value, []byte("the certificate"))
case "x509_certs_data":
assert.Equals(t, key, []byte("1234"))
assert.Equals(t, value, []byte(`{}`))
default:
t.Errorf("unexpected bucket %s", bucket)
} }
assert.Equals(t, []byte("x509_certs"), tx.Operations[0].Bucket)
assert.Equals(t, []byte("1234"), tx.Operations[0].Key)
assert.Equals(t, []byte("the certificate"), tx.Operations[0].Value)
assert.Equals(t, []byte("x509_certs_data"), tx.Operations[1].Bucket)
assert.Equals(t, []byte("1234"), tx.Operations[1].Key)
assert.Equals(t, []byte(`{}`), tx.Operations[1].Value)
return nil return nil
}, },
}, true}, args{nil, chain}, false}, }, true}, args{nil, chain}, false},
{"fail store certificate", fields{&MockNoSQLDB{ {"fail store certificate", fields{&MockNoSQLDB{
MSet: func(bucket, key, value []byte) error { MUpdate: func(tx *database.Tx) error {
switch string(bucket) {
case "x509_certs":
return errors.New("test error") return errors.New("test error")
default:
return nil
}
},
}, true}, args{p, chain}, true},
{"fail store provisioner", fields{&MockNoSQLDB{
MSet: func(bucket, key, value []byte) error {
switch string(bucket) {
case "x509_certs_data":
return errors.New("test error")
default:
return nil
}
}, },
}, true}, args{p, chain}, true}, }, true}, args{p, chain}, true},
} }