Store certificate and provisioner in one transaction.
This commit is contained in:
parent
0a5dc237df
commit
3694ba30dc
2 changed files with 27 additions and 43 deletions
13
db/db.go
13
db/db.go
|
@ -243,9 +243,7 @@ type ProvisionerData struct {
|
||||||
// authorized the certificate.
|
// authorized the certificate.
|
||||||
func (db *DB) StoreCertificateChain(p provisioner.Interface, chain ...*x509.Certificate) error {
|
func (db *DB) StoreCertificateChain(p provisioner.Interface, chain ...*x509.Certificate) error {
|
||||||
leaf := chain[0]
|
leaf := chain[0]
|
||||||
if err := db.StoreCertificate(leaf); err != nil {
|
serialNumber := []byte(leaf.SerialNumber.String())
|
||||||
return err
|
|
||||||
}
|
|
||||||
data := &CertificateData{}
|
data := &CertificateData{}
|
||||||
if p != nil {
|
if p != nil {
|
||||||
data.Provisioner = &ProvisionerData{
|
data.Provisioner = &ProvisionerData{
|
||||||
|
@ -254,13 +252,16 @@ func (db *DB) StoreCertificateChain(p provisioner.Interface, chain ...*x509.Cert
|
||||||
Type: p.GetType().String(),
|
Type: p.GetType().String(),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
b, err := json.Marshal(data)
|
b, err := json.Marshal(data)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrap(err, "error marshaling json")
|
return errors.Wrap(err, "error marshaling json")
|
||||||
}
|
}
|
||||||
if err := db.Set(certsDataTable, []byte(leaf.SerialNumber.String()), b); err != nil {
|
// Add certificate and certificate data in one transaction.
|
||||||
return errors.Wrap(err, "database Set error")
|
tx := new(database.Tx)
|
||||||
|
tx.Set(certsTable, serialNumber, leaf.Raw)
|
||||||
|
tx.Set(certsDataTable, serialNumber, b)
|
||||||
|
if err := db.Update(tx); err != nil {
|
||||||
|
return errors.Wrap(err, "database Update error")
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -188,53 +188,36 @@ func TestDB_StoreCertificateChain(t *testing.T) {
|
||||||
wantErr bool
|
wantErr bool
|
||||||
}{
|
}{
|
||||||
{"ok", fields{&MockNoSQLDB{
|
{"ok", fields{&MockNoSQLDB{
|
||||||
MSet: func(bucket, key, value []byte) error {
|
MUpdate: func(tx *database.Tx) error {
|
||||||
switch string(bucket) {
|
if len(tx.Operations) != 2 {
|
||||||
case "x509_certs":
|
t.Fatal("unexpected number of operations")
|
||||||
assert.Equals(t, key, []byte("1234"))
|
|
||||||
assert.Equals(t, value, []byte("the certificate"))
|
|
||||||
case "x509_certs_data":
|
|
||||||
assert.Equals(t, key, []byte("1234"))
|
|
||||||
assert.Equals(t, value, []byte(`{"provisioner":{"id":"some-id","name":"admin","type":"JWK"}}`))
|
|
||||||
default:
|
|
||||||
t.Errorf("unexpected bucket %s", bucket)
|
|
||||||
}
|
}
|
||||||
|
assert.Equals(t, []byte("x509_certs"), tx.Operations[0].Bucket)
|
||||||
|
assert.Equals(t, []byte("1234"), tx.Operations[0].Key)
|
||||||
|
assert.Equals(t, []byte("the certificate"), tx.Operations[0].Value)
|
||||||
|
assert.Equals(t, []byte("x509_certs_data"), tx.Operations[1].Bucket)
|
||||||
|
assert.Equals(t, []byte("1234"), tx.Operations[1].Key)
|
||||||
|
assert.Equals(t, []byte(`{"provisioner":{"id":"some-id","name":"admin","type":"JWK"}}`), tx.Operations[1].Value)
|
||||||
return nil
|
return nil
|
||||||
},
|
},
|
||||||
}, true}, args{p, chain}, false},
|
}, true}, args{p, chain}, false},
|
||||||
{"ok no provisioner", fields{&MockNoSQLDB{
|
{"ok no provisioner", fields{&MockNoSQLDB{
|
||||||
MSet: func(bucket, key, value []byte) error {
|
MUpdate: func(tx *database.Tx) error {
|
||||||
switch string(bucket) {
|
if len(tx.Operations) != 2 {
|
||||||
case "x509_certs":
|
t.Fatal("unexpected number of operations")
|
||||||
assert.Equals(t, key, []byte("1234"))
|
|
||||||
assert.Equals(t, value, []byte("the certificate"))
|
|
||||||
case "x509_certs_data":
|
|
||||||
assert.Equals(t, key, []byte("1234"))
|
|
||||||
assert.Equals(t, value, []byte(`{}`))
|
|
||||||
default:
|
|
||||||
t.Errorf("unexpected bucket %s", bucket)
|
|
||||||
}
|
}
|
||||||
|
assert.Equals(t, []byte("x509_certs"), tx.Operations[0].Bucket)
|
||||||
|
assert.Equals(t, []byte("1234"), tx.Operations[0].Key)
|
||||||
|
assert.Equals(t, []byte("the certificate"), tx.Operations[0].Value)
|
||||||
|
assert.Equals(t, []byte("x509_certs_data"), tx.Operations[1].Bucket)
|
||||||
|
assert.Equals(t, []byte("1234"), tx.Operations[1].Key)
|
||||||
|
assert.Equals(t, []byte(`{}`), tx.Operations[1].Value)
|
||||||
return nil
|
return nil
|
||||||
},
|
},
|
||||||
}, true}, args{nil, chain}, false},
|
}, true}, args{nil, chain}, false},
|
||||||
{"fail store certificate", fields{&MockNoSQLDB{
|
{"fail store certificate", fields{&MockNoSQLDB{
|
||||||
MSet: func(bucket, key, value []byte) error {
|
MUpdate: func(tx *database.Tx) error {
|
||||||
switch string(bucket) {
|
|
||||||
case "x509_certs":
|
|
||||||
return errors.New("test error")
|
return errors.New("test error")
|
||||||
default:
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
},
|
|
||||||
}, true}, args{p, chain}, true},
|
|
||||||
{"fail store provisioner", fields{&MockNoSQLDB{
|
|
||||||
MSet: func(bucket, key, value []byte) error {
|
|
||||||
switch string(bucket) {
|
|
||||||
case "x509_certs_data":
|
|
||||||
return errors.New("test error")
|
|
||||||
default:
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
},
|
},
|
||||||
}, true}, args{p, chain}, true},
|
}, true}, args{p, chain}, true},
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue