diff --git a/control_plane/src/bin/neon_local.rs b/control_plane/src/bin/neon_local.rs index d05fb4a7ce..472ab60eae 100644 --- a/control_plane/src/bin/neon_local.rs +++ b/control_plane/src/bin/neon_local.rs @@ -1089,8 +1089,8 @@ fn handle_init(args: &InitCmdArgs) -> anyhow::Result { default_tenant_id: TenantId::from_array(std::array::from_fn(|_| 0)), storage_controller: None, control_plane_hooks_api: None, - generate_local_ssl_certs: false, - generate_compute_ssl_certs: false, + generate_local_tls_certs: false, + generate_compute_tls_certs: false, } }; diff --git a/control_plane/src/broker.rs b/control_plane/src/broker.rs index 988b08e875..801c24e904 100644 --- a/control_plane/src/broker.rs +++ b/control_plane/src/broker.rs @@ -23,7 +23,7 @@ impl StorageBroker { } pub fn initialize(&self) -> anyhow::Result<()> { - if self.env.generate_local_ssl_certs { + if self.env.generate_local_tls_certs { self.env.generate_ssl_cert( &self.env.storage_broker_data_dir().join("server.crt"), &self.env.storage_broker_data_dir().join("server.key"), diff --git a/control_plane/src/local_env.rs b/control_plane/src/local_env.rs index 3d2034d816..88a2f3bd3e 100644 --- a/control_plane/src/local_env.rs +++ b/control_plane/src/local_env.rs @@ -96,10 +96,10 @@ pub struct LocalEnv { /// Flag to generate SSL certificates for components that need it. /// Also generates root CA certificate that is used to sign all other certificates. - pub generate_local_ssl_certs: bool, + pub generate_local_tls_certs: bool, /// Flag to generate SSL certificates for compute. - pub generate_compute_ssl_certs: bool, + pub generate_compute_tls_certs: bool, } /// On-disk state stored in `.neon/config`. @@ -127,11 +127,11 @@ pub struct OnDiskConfig { // Note: skip serializing because in compat tests old storage controller fails // to load new config file. May be removed after this field is in release branch. #[serde(skip_serializing_if = "std::ops::Not::not")] - pub generate_local_ssl_certs: bool, + pub generate_local_tls_certs: bool, // Note: skip serializing because in compat tests old storage controller fails // to load new config file. May be removed after this field is in release branch. #[serde(skip_serializing_if = "std::ops::Not::not")] - pub generate_compute_ssl_certs: bool, + pub generate_compute_tls_certs: bool, } fn fail_if_pageservers_field_specified<'de, D>(_: D) -> Result, D::Error> @@ -160,8 +160,8 @@ pub struct NeonLocalInitConf { pub endpoint_storage: EndpointStorageConf, pub control_plane_api: Option, pub control_plane_hooks_api: Option, - pub generate_local_ssl_certs: bool, - pub generate_compute_ssl_certs: bool, + pub generate_local_tls_certs: bool, + pub generate_compute_tls_certs: bool, } #[derive(Serialize, Deserialize, PartialEq, Eq, Clone, Debug)] @@ -520,7 +520,7 @@ impl LocalEnv { } pub fn ssl_ca_cert_path(&self) -> Option { - if self.generate_local_ssl_certs { + if self.generate_local_tls_certs { Some(self.base_data_dir.join("rootCA.crt")) } else { None @@ -528,7 +528,7 @@ impl LocalEnv { } pub fn ssl_ca_key_path(&self) -> Option { - if self.generate_local_ssl_certs { + if self.generate_local_tls_certs { Some(self.base_data_dir.join("rootCA.key")) } else { None @@ -555,7 +555,7 @@ impl LocalEnv { } fn compute_ssl_paths(&self) -> Option<(PathBuf, PathBuf)> { - if self.generate_compute_ssl_certs { + if self.generate_compute_tls_certs { Some(( self.base_data_dir.join("compute_server.crt"), self.base_data_dir.join("compute_server.key"), @@ -709,8 +709,8 @@ impl LocalEnv { control_plane_hooks_api, control_plane_compute_hook_api: _, branch_name_mappings, - generate_local_ssl_certs, - generate_compute_ssl_certs, + generate_local_tls_certs, + generate_compute_tls_certs, endpoint_storage, } = on_disk_config; LocalEnv { @@ -727,8 +727,8 @@ impl LocalEnv { control_plane_api: control_plane_api.unwrap(), control_plane_hooks_api, branch_name_mappings, - generate_local_ssl_certs, - generate_compute_ssl_certs, + generate_local_tls_certs, + generate_compute_tls_certs, endpoint_storage, } }; @@ -844,8 +844,8 @@ impl LocalEnv { control_plane_hooks_api: self.control_plane_hooks_api.clone(), control_plane_compute_hook_api: None, branch_name_mappings: self.branch_name_mappings.clone(), - generate_local_ssl_certs: self.generate_local_ssl_certs, - generate_compute_ssl_certs: self.generate_compute_ssl_certs, + generate_local_tls_certs: self.generate_local_tls_certs, + generate_compute_tls_certs: self.generate_compute_tls_certs, endpoint_storage: self.endpoint_storage.clone(), }, ) @@ -966,8 +966,8 @@ impl LocalEnv { pageservers, safekeepers, control_plane_api, - generate_local_ssl_certs, - generate_compute_ssl_certs, + generate_local_tls_certs, + generate_compute_tls_certs, control_plane_hooks_api, endpoint_storage, } = conf; @@ -1020,15 +1020,15 @@ impl LocalEnv { control_plane_api: control_plane_api.unwrap(), control_plane_hooks_api, branch_name_mappings: Default::default(), - generate_local_ssl_certs, - generate_compute_ssl_certs, + generate_local_tls_certs, + generate_compute_tls_certs, endpoint_storage, }; - if generate_local_ssl_certs { + if generate_local_tls_certs { env.generate_ssl_ca_cert()?; } - if generate_compute_ssl_certs { + if generate_compute_tls_certs { env.generate_compute_ssl_cert()?; } diff --git a/control_plane/src/pageserver.rs b/control_plane/src/pageserver.rs index 843ead807d..013ac44927 100644 --- a/control_plane/src/pageserver.rs +++ b/control_plane/src/pageserver.rs @@ -241,7 +241,7 @@ impl PageServerNode { .context("write identity toml")?; drop(identity_toml); - if self.env.generate_local_ssl_certs { + if self.env.generate_local_tls_certs { self.env.generate_ssl_cert( datadir.join("server.crt").as_path(), datadir.join("server.key").as_path(), diff --git a/control_plane/src/safekeeper.rs b/control_plane/src/safekeeper.rs index 2ba2f3ebe4..86966c653f 100644 --- a/control_plane/src/safekeeper.rs +++ b/control_plane/src/safekeeper.rs @@ -102,7 +102,7 @@ impl SafekeeperNode { /// Initializes a safekeeper node by creating all necessary files, /// e.g. SSL certificates and JWT token file. pub fn initialize(&self) -> anyhow::Result<()> { - if self.env.generate_local_ssl_certs { + if self.env.generate_local_tls_certs { self.env.generate_ssl_cert( &self.datadir_path().join("server.crt"), &self.datadir_path().join("server.key"), diff --git a/control_plane/src/storage_controller.rs b/control_plane/src/storage_controller.rs index 35a197112e..1a420698ff 100644 --- a/control_plane/src/storage_controller.rs +++ b/control_plane/src/storage_controller.rs @@ -353,7 +353,7 @@ impl StorageController { } } - if self.env.generate_local_ssl_certs { + if self.env.generate_local_tls_certs { self.env.generate_ssl_cert( &instance_dir.join("server.crt"), &instance_dir.join("server.key"), diff --git a/test_runner/fixtures/neon_fixtures.py b/test_runner/fixtures/neon_fixtures.py index b2f42c2cf6..233d6c3ab2 100644 --- a/test_runner/fixtures/neon_fixtures.py +++ b/test_runner/fixtures/neon_fixtures.py @@ -1114,16 +1114,16 @@ class NeonEnv: self.initial_tenant = config.initial_tenant self.initial_timeline = config.initial_timeline - self.generate_compute_ssl_certs = config.use_compute_tls - self.generate_local_ssl_certs = ( + self.generate_compute_tls_certs = config.use_compute_tls + self.generate_local_tls_certs = ( config.use_https_pageserver_api or config.use_https_safekeeper_api or config.use_https_storage_controller_api or config.use_https_storage_broker_api or config.use_compute_tls ) - self.ssl_ca_file = ( - self.repo_dir.joinpath("rootCA.crt") if self.generate_local_ssl_certs else None + self.tls_ca_file = ( + self.repo_dir.joinpath("rootCA.crt") if self.generate_local_tls_certs else None ) neon_local_env_vars = {} @@ -1202,8 +1202,8 @@ class NeonEnv: "endpoint_storage": { "listen_addr": f"127.0.0.1:{self.port_distributor.get_port()}", }, - "generate_local_ssl_certs": self.generate_local_ssl_certs, - "generate_compute_ssl_certs": self.generate_compute_ssl_certs, + "generate_local_tls_certs": self.generate_local_tls_certs, + "generate_compute_tls_certs": self.generate_compute_tls_certs, } if config.use_https_storage_broker_api: