// SetCert tells all members to add the cert to their database.
// rolls back on failure
func (r Redis) SetCert(cert core.CertBundle) error {
conn := pool.Get()
defer conn.Close()
// publishJson to others
err := r.publishJson(conn, "set-cert", cert)
if err != nil {
// nothing to rollback yet (nobody received)
return err
}
actionHash := fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("set-cert %s", cert))))
// ensure all members applied action
err = r.waitForMembers(conn, actionHash)
if err != nil {
uActionHash := fmt.Sprintf("%x", md5.Sum([]byte(fmt.Sprintf("delete-cert %s", cert))))
// cleanup rollback cruft. clear actionHash ensures no mistakes on re-submit
defer conn.Do("DEL", uActionHash, actionHash)
// attempt rollback - no need to waitForMembers here
uerr := r.publishJson(conn, "delete-cert", cert)
if uerr != nil {
err = fmt.Errorf("%v - %v", err, uerr)
}
return err
}
if database.CentralStore {
return database.SetCert(cert)
}
return nil
}
func SetCert(cert core.CertBundle) error {
// in case of failure
oldCerts, err := database.GetCerts()
if err != nil {
return err
}
// apply to proxymgr
err = proxymgr.SetCert(cert)
if err != nil {
return err
}
if !database.CentralStore {
// save to backend
err = database.SetCert(cert)
if err != nil {
// undo proxymgr action
if uerr := proxymgr.SetCerts(oldCerts); uerr != nil {
err = fmt.Errorf("%v - %v", err.Error(), uerr.Error())
}
return err
}
}
return nil
}
func TestSetCert(t *testing.T) {
if err := database.SetCert(testCert); err != nil {
t.Errorf("Failed to SET cert - %v", err)
}
if err := database.SetCert(testCert); err != nil {
t.Errorf("Failed to SET cert - %v", err)
}
certs, err := database.GetCerts()
if err != nil {
t.Error(err)
}
if len(certs) != 1 {
t.Errorf("Wrong number of certs")
}
}
func (n None) SetCert(cert core.CertBundle) error {
err := common.SetCert(cert)
if err != nil {
return err
}
if database.CentralStore {
return database.SetCert(cert)
}
return nil
}
