remove global_ca_certificate functionality

terascope · Apr 9, 2024 · 85c8ada · 85c8ada
1 parent 396c712
commit 85c8ada
Show file tree

Hide file tree

Showing 5 changed files with 20 additions and 40 deletions.
diff --git a/docs/configuration/overview.md b/docs/configuration/overview.md
@@ -37,7 +37,6 @@ teraslice:
 | **asset_storage_bucket** |  `String` | `ts-assets-<teraslice.name>` |       Name of S3 bucket if using S3 external asset storage.        |
 | **asset_storage_connection** |  `String`  | `"default"` |       Name of the connection of `asset_storage_connection_type` where asset bundles will be stored.        |
 | **asset_storage_connection_type** |  `String`  | `"elasticsearch-next"` |       Name of the connection type that will store asset bundles. options: `elasticsearch-next`, `s3`.        |
-| **global_ca_certificate** |  `String` | none |       A global ca-certificate that will get passed down to all connectors.
 | **connectors** |  `Object`  | none |       Required. An object whose keys are connection types and values are objects describing each connection of that type. See [Terafoundation Connectors](#terafoundation-connectors).        |
 | **environment** |  `String`  | `"development"` |       If set to `development` console logging will automatically be turned on.        |
 |  **log_level**  |  `String`  |    `"info"`     |                                Default logging levels                                 |

diff --git a/packages/terafoundation/src/connector-utils.ts b/packages/terafoundation/src/connector-utils.ts
@@ -25,18 +25,13 @@ function requireConnector(filePath: string, errors: ErrorResult[]) {
         valid = false;
     }
 
-    /* TODO: Add this once we add validate_config function to all connectors because
-        as of right now this fucntion is unique to the s3 connector
-
-    */
-
-    // if (mod && typeof mod.validate_config !== 'function') {
-    //     errors.push({
-    //         filePath,
-    //         message: `Connector ${filePath} missing required validate_config function`,
-    //     });
-    //     valid = false;
-    // }
+    if (mod && mod.validate_config && typeof mod.validate_config !== 'function') {
+        errors.push({
+            filePath,
+            message: `Connector ${filePath} validate_config must be a function`,
+        });
+        valid = false;
+    }
 
     if (mod && typeof mod.create !== 'function') {
         errors.push({
@@ -110,17 +105,15 @@ export function getConnectorModule(name: string, reason: string): any {
     return null;
 }
 
-export function getConnectorSchema(name: string): Record<string, any> {
+export function getConnectorInitializers(name: string): Record<string, any> {
     const reason = `Could not retrieve schema code for: ${name}\n`;
 
     const mod = getConnectorModule(name, reason);
     if (!mod) {
         console.warn(`[WARNING] ${reason}`);
         return {};
-    } if (typeof mod.validate_config === 'function') {
-        return { schema: mod.config_schema(), validator: mod.validate_config };
     }
-    return { schema: mod.config_schema() };
+    return { connectorSchema: mod.config_schema(), validatorFn: mod.validate_config };
 }
 
 export function createConnection(

diff --git a/packages/terafoundation/src/connectors/s3.ts b/packages/terafoundation/src/connectors/s3.ts
@@ -62,24 +62,19 @@ export default {
             }
         };
     },
-    validate_config(config: any, sysconfig: any): any {
-        /// Copy globalCaCertificate into s3 connector
-        config.globalCaCertificate = sysconfig.terafoundation.global_ca_certificate;
-
+    validate_config(config: Record<string, any>): void {
         /// Cross validate s3 configuration
         const caCertExists: boolean = (config.caCertificate.length !== 0);
         const certLocationExists: boolean = (config.certLocation.length !== 0);
         if (caCertExists && certLocationExists) {
-            throw new Error('"caCertificate" and "certLocation" contradict inside of the s3 connection config. '
-            + 'Use only one or the other.');
+            throw new Error('"caCertificate" and "certLocation" contradict inside of the s3 connection config.\n'
+            + '  Use only one or the other.');
         } else if (
             (caCertExists && !config.sslEnabled)
             || (certLocationExists && !config.sslEnabled)
         ) {
             throw new Error('A certificate is provided but sslEnabled is set to "false".\n'
-                + 'Set sslEnabled to "true" or don\'t provide a certificate inside of the s3 connection config.');
+                + '  Set sslEnabled to "true" or don\'t provide a certificate inside of the s3 connection config.');
         }
-
-        return config;
     }
 };
diff --git a/packages/terafoundation/src/schema.ts b/packages/terafoundation/src/schema.ts
@@ -125,11 +125,6 @@ export function foundationSchema(sysconfig: Terafoundation.SysConfig<any>): conv
                 }
                 // TODO: add regex to check if valid bucket name
             }
-        },
-        global_ca_certificate: {
-            doc: 'CA certificate that will be available for all connectors',
-            default: undefined,
-            format: String
         }
     };
 

diff --git a/packages/terafoundation/src/validate-configs.ts b/packages/terafoundation/src/validate-configs.ts
@@ -8,7 +8,7 @@ import {
 import convict_format_with_validator from 'convict-format-with-validator';
 // @ts-expect-error no types
 import convict_format_with_moment from 'convict-format-with-moment';
-import { getConnectorSchema } from './connector-utils';
+import { getConnectorInitializers } from './connector-utils';
 import { foundationSchema } from './schema';
 import * as i from './interfaces';
 
@@ -19,8 +19,7 @@ function validateConfig(
     cluster: { isMaster: boolean },
     schema: convict.Schema<any>,
     namespaceConfig: any,
-    sysconfig?: any,
-    connectorValidation?: ((config: any, sysconfig: any) => void) | undefined
+    crossFieldValidation?: ((config: Record<string, any>) => void) | undefined
 ) {
     try {
         const config = convict(schema || {});
@@ -35,8 +34,8 @@ function validateConfig(
                 allowed: true,
             } as any);
         }
-        if (typeof connectorValidation === 'function') {
-            return connectorValidation(config.getProperties(), sysconfig);
+        if (crossFieldValidation) {
+            crossFieldValidation(config.getProperties());
         }
 
         return config.getProperties();
@@ -102,16 +101,15 @@ export default function validateConfigs<
 
             const connectors: Record<string, any> = subConfig.connectors || {};
             for (const [connector, connectorConfig] of Object.entries(connectors)) {
-                const connectorSchema = getConnectorSchema(connector);
+                const { connectorSchema, validatorFn } = getConnectorInitializers(connector);
 
                 result[schemaKey].connectors[connector] = {};
                 for (const [connection, connectionConfig] of Object.entries(connectorConfig)) {
                     result[schemaKey].connectors[connector][connection] = validateConfig(
                         cluster,
-                        connectorSchema.schema,
+                        connectorSchema,
                         connectionConfig as any,
-                        sysconfig,
-                        connectorSchema.validator
+                        validatorFn
                     );
                 }
             }