Retire `CertificateExpirationGauge` in favor of other expiration monitoring tools
This commit is contained in:
parent
cccccb4dd6
commit
a41d047f58
|
@ -4,9 +4,6 @@
|
||||||
*/
|
*/
|
||||||
package org.whispersystems.textsecuregcm.storage;
|
package org.whispersystems.textsecuregcm.storage;
|
||||||
|
|
||||||
import static com.codahale.metrics.MetricRegistry.name;
|
|
||||||
|
|
||||||
import com.codahale.metrics.SharedMetricRegistries;
|
|
||||||
import java.security.KeyStore;
|
import java.security.KeyStore;
|
||||||
import java.security.cert.CertificateException;
|
import java.security.cert.CertificateException;
|
||||||
import javax.net.ssl.SSLContext;
|
import javax.net.ssl.SSLContext;
|
||||||
|
@ -19,9 +16,7 @@ import org.glassfish.jersey.client.authentication.HttpAuthenticationFeature;
|
||||||
import org.whispersystems.textsecuregcm.configuration.DirectoryServerConfiguration;
|
import org.whispersystems.textsecuregcm.configuration.DirectoryServerConfiguration;
|
||||||
import org.whispersystems.textsecuregcm.entities.DirectoryReconciliationRequest;
|
import org.whispersystems.textsecuregcm.entities.DirectoryReconciliationRequest;
|
||||||
import org.whispersystems.textsecuregcm.entities.DirectoryReconciliationResponse;
|
import org.whispersystems.textsecuregcm.entities.DirectoryReconciliationResponse;
|
||||||
import org.whispersystems.textsecuregcm.util.CertificateExpirationGauge;
|
|
||||||
import org.whispersystems.textsecuregcm.util.CertificateUtil;
|
import org.whispersystems.textsecuregcm.util.CertificateUtil;
|
||||||
import org.whispersystems.textsecuregcm.util.Constants;
|
|
||||||
|
|
||||||
public class DirectoryReconciliationClient {
|
public class DirectoryReconciliationClient {
|
||||||
|
|
||||||
|
@ -33,10 +28,6 @@ public class DirectoryReconciliationClient {
|
||||||
{
|
{
|
||||||
this.replicationUrl = directoryServerConfiguration.getReplicationUrl();
|
this.replicationUrl = directoryServerConfiguration.getReplicationUrl();
|
||||||
this.client = initializeClient(directoryServerConfiguration);
|
this.client = initializeClient(directoryServerConfiguration);
|
||||||
|
|
||||||
SharedMetricRegistries.getOrCreate(Constants.METRICS_NAME)
|
|
||||||
.register(name(getClass(), directoryServerConfiguration.getReplicationName(), "days_until_certificate_expiration"),
|
|
||||||
new CertificateExpirationGauge(CertificateUtil.getCertificate(directoryServerConfiguration.getReplicationCaCertificate())));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public DirectoryReconciliationResponse add(DirectoryReconciliationRequest request) {
|
public DirectoryReconciliationResponse add(DirectoryReconciliationRequest request) {
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2013-2020 Signal Messenger, LLC
|
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.whispersystems.textsecuregcm.util;
|
|
||||||
|
|
||||||
import com.codahale.metrics.CachedGauge;
|
|
||||||
import java.security.cert.X509Certificate;
|
|
||||||
import java.time.Duration;
|
|
||||||
import java.time.Instant;
|
|
||||||
import java.util.concurrent.TimeUnit;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Measures and reports the number of days until a certificate expires.
|
|
||||||
*/
|
|
||||||
public class CertificateExpirationGauge extends CachedGauge<Long> {
|
|
||||||
|
|
||||||
private final Instant certificateExpiration;
|
|
||||||
|
|
||||||
public CertificateExpirationGauge(final X509Certificate certificate) {
|
|
||||||
super(1, TimeUnit.HOURS);
|
|
||||||
|
|
||||||
certificateExpiration = certificate.getNotAfter().toInstant();
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
protected Long loadValue() {
|
|
||||||
return Duration.between(Instant.now(), certificateExpiration).toDays();
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,36 +0,0 @@
|
||||||
/*
|
|
||||||
* Copyright 2013-2020 Signal Messenger, LLC
|
|
||||||
* SPDX-License-Identifier: AGPL-3.0-only
|
|
||||||
*/
|
|
||||||
|
|
||||||
package org.whispersystems.textsecuregcm.util;
|
|
||||||
|
|
||||||
import org.junit.jupiter.api.Test;
|
|
||||||
|
|
||||||
import java.security.cert.X509Certificate;
|
|
||||||
import java.time.Duration;
|
|
||||||
import java.time.Instant;
|
|
||||||
import java.util.Date;
|
|
||||||
|
|
||||||
import static org.junit.jupiter.api.Assertions.*;
|
|
||||||
import static org.mockito.Mockito.mock;
|
|
||||||
import static org.mockito.Mockito.when;
|
|
||||||
|
|
||||||
class CertificateExpirationGaugeTest {
|
|
||||||
|
|
||||||
@Test
|
|
||||||
void loadValue() {
|
|
||||||
final X509Certificate certificate = mock(X509Certificate.class);
|
|
||||||
|
|
||||||
final long daysUntilExpiration = 17;
|
|
||||||
|
|
||||||
final Instant now = Instant.now();
|
|
||||||
final Instant later = now.plus(Duration.ofDays(daysUntilExpiration)).plus(Duration.ofMinutes(1));
|
|
||||||
|
|
||||||
when(certificate.getNotAfter()).thenReturn(new Date(later.toEpochMilli()));
|
|
||||||
|
|
||||||
final CertificateExpirationGauge gauge = new CertificateExpirationGauge(certificate);
|
|
||||||
|
|
||||||
assertEquals(daysUntilExpiration, (long) gauge.loadValue());
|
|
||||||
}
|
|
||||||
}
|
|
Loading…
Reference in New Issue