Move setup of hosted specific 4443 connector to new class

yehzu · Aug 21, 2019 · 2ea2314 · 2ea2314
1 parent f5c9952
commit 2ea2314
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 14 deletions.
diff --git a/config-model/src/main/java/com/yahoo/vespa/model/container/ApplicationContainer.java b/config-model/src/main/java/com/yahoo/vespa/model/container/ApplicationContainer.java
@@ -8,10 +8,9 @@
 import com.yahoo.osgi.provider.model.ComponentModel;
 import com.yahoo.prelude.fastsearch.FS4ResourcePool;
 import com.yahoo.vespa.model.container.component.Component;
-import com.yahoo.vespa.model.container.http.ConnectorFactory;
 import com.yahoo.vespa.model.container.http.Http;
 import com.yahoo.vespa.model.container.http.JettyHttpServer;
-import com.yahoo.vespa.model.container.http.ssl.ConfiguredDirectSslProvider;
+import com.yahoo.vespa.model.container.http.ssl.HostedSslConnectorFactory;
 
 import java.util.Optional;
 
@@ -35,22 +34,15 @@ public ApplicationContainer(AbstractConfigProducer parent, String name, boolean
         this.isHostedVespa = isHostedVespa;
 
         if (isHostedVespa && tlsSecrets.isPresent()) {
-            String connectorName = "tls4443";
 
             JettyHttpServer server = Optional.ofNullable(getHttp())
                                              .map(Http::getHttpServer)
                                              .orElse(getDefaultHttpServer());
-
-            var sslProvider = new ConfiguredDirectSslProvider(
-                    server.getComponentId().getName(),
-                    tlsSecrets.get().key(),
-                    tlsSecrets.get().certificate(),
-                    null,
-                    tlsCa.orElse(null),
-                    null
-            );
-
-            server.addConnector(new ConnectorFactory(connectorName, 4443, sslProvider));
+            String serverName = server.getComponentId().getName();
+            var connectorFactory = tlsCa
+                    .map(caCert -> new HostedSslConnectorFactory(serverName, tlsSecrets.get(), caCert))
+                    .orElseGet(() -> new HostedSslConnectorFactory(serverName, tlsSecrets.get()));
+            server.addConnector(connectorFactory);
         }
         addComponent(getFS4ResourcePool()); // TODO Remove when FS4 based search protocol is gone
     }

diff --git a/...del/src/main/java/com/yahoo/vespa/model/container/http/ssl/HostedSslConnectorFactory.java b/...del/src/main/java/com/yahoo/vespa/model/container/http/ssl/HostedSslConnectorFactory.java
@@ -0,0 +1,33 @@
+// Copyright 2019 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
+package com.yahoo.vespa.model.container.http.ssl;
+
+import com.yahoo.config.model.api.TlsSecrets;
+import com.yahoo.vespa.model.container.http.ConnectorFactory;
+
+/**
+ * Component specification for {@link com.yahoo.jdisc.http.server.jetty.ConnectorFactory} with hosted specific configuration.
+ *
+ * @author bjorncs
+ */
+public class HostedSslConnectorFactory extends ConnectorFactory {
+
+    public HostedSslConnectorFactory(String serverName, TlsSecrets tlsSecrets) {
+        this(serverName, tlsSecrets, null);
+    }
+
+    public HostedSslConnectorFactory(String serverName, TlsSecrets tlsSecrets, String tlsCaCertificates) {
+        super("tls4443", 4443, createSslProvider(serverName, tlsSecrets, tlsCaCertificates));
+    }
+
+    private static ConfiguredDirectSslProvider createSslProvider(
+            String serverName, TlsSecrets tlsSecrets, String tlsCaCertificates) {
+        return new ConfiguredDirectSslProvider(
+                serverName,
+                tlsSecrets.key(),
+                tlsSecrets.certificate(),
+                /*caCertificatePath*/null,
+                tlsCaCertificates,
+                "disabled");
+    }
+
+}