Merge pull request #24835 from yashykt/filewatcherprovider

Update file watcher certificate provider factory with provider implementation
4 years ago · d7907e6ba1
parent 4abb6027ac 82b158f249
commit d7907e6ba1
4 changed files with 45 additions and 4 deletions
--- a/src/core/ext/xds/file_watcher_certificate_provider_factory.cc
+++ b/src/core/ext/xds/file_watcher_certificate_provider_factory.cc
@ -23,6 +23,7 @@
 #include "absl/strings/str_format.h"
 #include "absl/strings/str_join.h"

+#include "src/core/ext/xds/certificate_provider_registry.h"
 #include "src/core/lib/json/json_util.h"

 namespace grpc_core {
@ -116,4 +117,28 @@ FileWatcherCertificateProviderFactory::CreateCertificateProviderConfig(
                                                              error);
 }

+RefCountedPtr<grpc_tls_certificate_provider>
+FileWatcherCertificateProviderFactory::CreateCertificateProvider(
+    RefCountedPtr<CertificateProviderFactory::Config> config) {
+  if (config->name() != name()) {
+    gpr_log(GPR_ERROR, "Wrong config type Actual:%s vs Expected:%s",
+            config->name(), name());
+    return nullptr;
+  }
+  auto* file_watcher_config =
+      static_cast<FileWatcherCertificateProviderFactory::Config*>(config.get());
+  return MakeRefCounted<FileWatcherCertificateProvider>(
+      file_watcher_config->private_key_file(),
+      file_watcher_config->identity_cert_file(),
+      file_watcher_config->root_cert_file(),
+      file_watcher_config->refresh_interval_ms() / GPR_MS_PER_SEC);
+}
+
+void FileWatcherCertificateProviderInit() {
+  CertificateProviderRegistry::RegisterCertificateProviderFactory(
+      absl::make_unique<FileWatcherCertificateProviderFactory>());
+}
+
+void FileWatcherCertificateProviderShutdown() {}
+
 }  // namespace grpc_core
--- a/src/core/ext/xds/file_watcher_certificate_provider_factory.h
+++ b/src/core/ext/xds/file_watcher_certificate_provider_factory.h
@ -61,10 +61,7 @@ class FileWatcherCertificateProviderFactory
                                  grpc_error** error) override;

  RefCountedPtr<grpc_tls_certificate_provider> CreateCertificateProvider(
-      RefCountedPtr<CertificateProviderFactory::Config> config) override {
-    // TODO(yashykt) : To be implemented
-    return nullptr;
-  }
+      RefCountedPtr<CertificateProviderFactory::Config> config) override;
 };

 }  // namespace grpc_core
--- a/src/core/plugin_registry/grpc_plugin_registry.cc
+++ b/src/core/plugin_registry/grpc_plugin_registry.cc
@ -68,6 +68,10 @@ void XdsClientGlobalShutdown();
 }  // namespace grpc_core
 void grpc_certificate_provider_registry_init(void);
 void grpc_certificate_provider_registry_shutdown(void);
+namespace grpc_core {
+void FileWatcherCertificateProviderInit();
+void FileWatcherCertificateProviderShutdown();
+}  // namespace grpc_core
 void grpc_lb_policy_cds_init(void);
 void grpc_lb_policy_cds_shutdown(void);
 void grpc_lb_policy_eds_init(void);
@ -126,6 +130,8 @@ void grpc_register_built_in_plugins(void) {
                       grpc_core::XdsClientGlobalShutdown);
  grpc_register_plugin(grpc_certificate_provider_registry_init,
                       grpc_certificate_provider_registry_shutdown);
+  grpc_register_plugin(grpc_core::FileWatcherCertificateProviderInit,
+                       grpc_core::FileWatcherCertificateProviderShutdown);
  grpc_register_plugin(grpc_lb_policy_cds_init,
                       grpc_lb_policy_cds_shutdown);
  grpc_register_plugin(grpc_lb_policy_eds_init,
--- a/test/cpp/end2end/xds_end2end_test.cc
+++ b/test/cpp/end2end/xds_end2end_test.cc
@ -184,6 +184,14 @@ constexpr char kBootstrapFileV3[] =
    "    },\n"
    "    \"fake_plugin2\": {\n"
    "      \"plugin_name\": \"fake2\"\n"
+    "    },\n"
+    "    \"file_plugin\": {\n"
+    "      \"plugin_name\": \"file_watcher\",\n"
+    "      \"config\": {\n"
+    "        \"certificate_file\": \"src/core/tsi/test_creds/client.pem\",\n"
+    "        \"private_key_file\": \"src/core/tsi/test_creds/client.key\",\n"
+    "        \"ca_certificate_file\": \"src/core/tsi/test_creds/ca.pem\"\n"
+    "      }"
    "    }\n"
    "  }\n"
    "}\n";
@ -5649,6 +5657,11 @@ TEST_P(XdsSecurityTest, TestFallbackToTls) {
  g_fake1_cert_data_map = nullptr;
 }

+TEST_P(XdsSecurityTest, TestFileWatcherCertificateProvider) {
+  UpdateAndVerifyXdsSecurityConfiguration("file_plugin", "", "file_plugin", "",
+                                          authenticated_identity_1_);
+}
+
 using EdsTest = BasicTest;

 // Tests that EDS client should send a NACK if the EDS update contains