From 85c8adabe405b3b691a0ca132377f1261edb9395 Mon Sep 17 00:00:00 2001 From: busma13 Date: Tue, 9 Apr 2024 09:00:08 -0700 Subject: [PATCH] remove global_ca_certificate functionality --- docs/configuration/overview.md | 1 - .../terafoundation/src/connector-utils.ts | 25 +++++++------------ packages/terafoundation/src/connectors/s3.ts | 13 +++------- packages/terafoundation/src/schema.ts | 5 ---- .../terafoundation/src/validate-configs.ts | 16 ++++++------ 5 files changed, 20 insertions(+), 40 deletions(-) diff --git a/docs/configuration/overview.md b/docs/configuration/overview.md index 48099a1c601..b16eafed3b1 100644 --- a/docs/configuration/overview.md +++ b/docs/configuration/overview.md @@ -37,7 +37,6 @@ teraslice: | **asset_storage_bucket** | `String` | `ts-assets-` | Name of S3 bucket if using S3 external asset storage. | | **asset_storage_connection** | `String` | `"default"` | Name of the connection of `asset_storage_connection_type` where asset bundles will be stored. | | **asset_storage_connection_type** | `String` | `"elasticsearch-next"` | Name of the connection type that will store asset bundles. options: `elasticsearch-next`, `s3`. | -| **global_ca_certificate** | `String` | none | A global ca-certificate that will get passed down to all connectors. | **connectors** | `Object` | none | Required. An object whose keys are connection types and values are objects describing each connection of that type. See [Terafoundation Connectors](#terafoundation-connectors). | | **environment** | `String` | `"development"` | If set to `development` console logging will automatically be turned on. | | **log_level** | `String` | `"info"` | Default logging levels | diff --git a/packages/terafoundation/src/connector-utils.ts b/packages/terafoundation/src/connector-utils.ts index ae1ef5567f4..799d51a2c59 100644 --- a/packages/terafoundation/src/connector-utils.ts +++ b/packages/terafoundation/src/connector-utils.ts @@ -25,18 +25,13 @@ function requireConnector(filePath: string, errors: ErrorResult[]) { valid = false; } - /* TODO: Add this once we add validate_config function to all connectors because - as of right now this fucntion is unique to the s3 connector - - */ - - // if (mod && typeof mod.validate_config !== 'function') { - // errors.push({ - // filePath, - // message: `Connector ${filePath} missing required validate_config function`, - // }); - // valid = false; - // } + if (mod && mod.validate_config && typeof mod.validate_config !== 'function') { + errors.push({ + filePath, + message: `Connector ${filePath} validate_config must be a function`, + }); + valid = false; + } if (mod && typeof mod.create !== 'function') { errors.push({ @@ -110,17 +105,15 @@ export function getConnectorModule(name: string, reason: string): any { return null; } -export function getConnectorSchema(name: string): Record { +export function getConnectorInitializers(name: string): Record { const reason = `Could not retrieve schema code for: ${name}\n`; const mod = getConnectorModule(name, reason); if (!mod) { console.warn(`[WARNING] ${reason}`); return {}; - } if (typeof mod.validate_config === 'function') { - return { schema: mod.config_schema(), validator: mod.validate_config }; } - return { schema: mod.config_schema() }; + return { connectorSchema: mod.config_schema(), validatorFn: mod.validate_config }; } export function createConnection( diff --git a/packages/terafoundation/src/connectors/s3.ts b/packages/terafoundation/src/connectors/s3.ts index b6a4c105bfa..9eb10ccc6e8 100644 --- a/packages/terafoundation/src/connectors/s3.ts +++ b/packages/terafoundation/src/connectors/s3.ts @@ -62,24 +62,19 @@ export default { } }; }, - validate_config(config: any, sysconfig: any): any { - /// Copy globalCaCertificate into s3 connector - config.globalCaCertificate = sysconfig.terafoundation.global_ca_certificate; - + validate_config(config: Record): void { /// Cross validate s3 configuration const caCertExists: boolean = (config.caCertificate.length !== 0); const certLocationExists: boolean = (config.certLocation.length !== 0); if (caCertExists && certLocationExists) { - throw new Error('"caCertificate" and "certLocation" contradict inside of the s3 connection config. ' - + 'Use only one or the other.'); + throw new Error('"caCertificate" and "certLocation" contradict inside of the s3 connection config.\n' + + ' Use only one or the other.'); } else if ( (caCertExists && !config.sslEnabled) || (certLocationExists && !config.sslEnabled) ) { throw new Error('A certificate is provided but sslEnabled is set to "false".\n' - + 'Set sslEnabled to "true" or don\'t provide a certificate inside of the s3 connection config.'); + + ' Set sslEnabled to "true" or don\'t provide a certificate inside of the s3 connection config.'); } - - return config; } }; diff --git a/packages/terafoundation/src/schema.ts b/packages/terafoundation/src/schema.ts index 08cfe3c6013..da9363d8016 100644 --- a/packages/terafoundation/src/schema.ts +++ b/packages/terafoundation/src/schema.ts @@ -125,11 +125,6 @@ export function foundationSchema(sysconfig: Terafoundation.SysConfig): conv } // TODO: add regex to check if valid bucket name } - }, - global_ca_certificate: { - doc: 'CA certificate that will be available for all connectors', - default: undefined, - format: String } }; diff --git a/packages/terafoundation/src/validate-configs.ts b/packages/terafoundation/src/validate-configs.ts index d1fc7430581..47acd32c530 100644 --- a/packages/terafoundation/src/validate-configs.ts +++ b/packages/terafoundation/src/validate-configs.ts @@ -8,7 +8,7 @@ import { import convict_format_with_validator from 'convict-format-with-validator'; // @ts-expect-error no types import convict_format_with_moment from 'convict-format-with-moment'; -import { getConnectorSchema } from './connector-utils'; +import { getConnectorInitializers } from './connector-utils'; import { foundationSchema } from './schema'; import * as i from './interfaces'; @@ -19,8 +19,7 @@ function validateConfig( cluster: { isMaster: boolean }, schema: convict.Schema, namespaceConfig: any, - sysconfig?: any, - connectorValidation?: ((config: any, sysconfig: any) => void) | undefined + crossFieldValidation?: ((config: Record) => void) | undefined ) { try { const config = convict(schema || {}); @@ -35,8 +34,8 @@ function validateConfig( allowed: true, } as any); } - if (typeof connectorValidation === 'function') { - return connectorValidation(config.getProperties(), sysconfig); + if (crossFieldValidation) { + crossFieldValidation(config.getProperties()); } return config.getProperties(); @@ -102,16 +101,15 @@ export default function validateConfigs< const connectors: Record = subConfig.connectors || {}; for (const [connector, connectorConfig] of Object.entries(connectors)) { - const connectorSchema = getConnectorSchema(connector); + const { connectorSchema, validatorFn } = getConnectorInitializers(connector); result[schemaKey].connectors[connector] = {}; for (const [connection, connectionConfig] of Object.entries(connectorConfig)) { result[schemaKey].connectors[connector][connection] = validateConfig( cluster, - connectorSchema.schema, + connectorSchema, connectionConfig as any, - sysconfig, - connectorSchema.validator + validatorFn ); } }