mirror of https://github.com/status-im/consul.git
ca-manager: move provider shutdown into CAManager
Reducing the coupling between Server and CAManager
This commit is contained in:
parent
8fce7083c1
commit
b1877660d5
|
@ -387,9 +387,6 @@ func (s *Server) revokeLeadership() {
|
|||
|
||||
s.stopConnectLeader()
|
||||
|
||||
s.caManager.setCAProvider(nil, nil)
|
||||
s.caManager.setState(caStateUninitialized, false)
|
||||
|
||||
s.stopACLTokenReaping()
|
||||
|
||||
s.stopACLUpgrade()
|
||||
|
|
|
@ -49,14 +49,6 @@ func (s *Server) stopConnectLeader() {
|
|||
s.leaderRoutineManager.Stop(caRootPruningRoutineName)
|
||||
s.leaderRoutineManager.Stop(caRootMetricRoutineName)
|
||||
s.leaderRoutineManager.Stop(caSigningMetricRoutineName)
|
||||
|
||||
// If the provider implements NeedsStop, we call Stop to perform any shutdown actions.
|
||||
provider, _ := s.caManager.getCAProvider()
|
||||
if provider != nil {
|
||||
if needsStop, ok := provider.(ca.NeedsStop); ok {
|
||||
needsStop.Stop()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// createProvider returns a connect CA provider from the given config.
|
||||
|
|
|
@ -271,6 +271,14 @@ func (c *CAManager) Stop() {
|
|||
c.leaderRoutineManager.Stop(secondaryCARootWatchRoutineName)
|
||||
c.leaderRoutineManager.Stop(intermediateCertRenewWatchRoutineName)
|
||||
c.leaderRoutineManager.Stop(backgroundCAInitializationRoutineName)
|
||||
|
||||
if provider, _ := c.getCAProvider(); provider != nil {
|
||||
if needsStop, ok := provider.(ca.NeedsStop); ok {
|
||||
needsStop.Stop()
|
||||
}
|
||||
}
|
||||
c.setCAProvider(nil, nil)
|
||||
c.setState(caStateUninitialized, false)
|
||||
}
|
||||
|
||||
func (c *CAManager) startPostInitializeRoutines(ctx context.Context) {
|
||||
|
|
|
@ -138,6 +138,7 @@ func (s *Server) getCARoots(ws memdb.WatchSet, state *state.Store) (*structs.Ind
|
|||
return indexedRoots, nil
|
||||
}
|
||||
|
||||
// TODO: Move this off Server. This is only called by RPC endpoints.
|
||||
func (s *Server) SignCertificate(csr *x509.CertificateRequest, spiffeID connect.CertURI) (*structs.IssuedCert, error) {
|
||||
provider, caRoot := s.caManager.getCAProvider()
|
||||
if provider == nil {
|
||||
|
|
Loading…
Reference in New Issue