From b4e6e7caa8f41978d12de15c2fab22cd13e1e4dc Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 30 Oct 2020 08:18:27 -0400 Subject: [PATCH] Check for some issues in a manual assign request One is to provide clear feedback when a nodename is requested that was not previously defined, to make it more clear that it is a requirement and/or guard against going too far while the config function will be missing data it needs to complete onboarding. Another is to break if the request is trying to assign a node to a different definition when it already exists under a different name. --- confluent_server/confluent/discovery/core.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/confluent_server/confluent/discovery/core.py b/confluent_server/confluent/discovery/core.py index 9b879354..ccf0ab13 100644 --- a/confluent_server/confluent/discovery/core.py +++ b/confluent_server/confluent/discovery/core.py @@ -1050,6 +1050,20 @@ def eval_node(cfg, handler, info, nodename, manual=False): def discover_node(cfg, handler, info, nodename, manual): + if manual: + if not cfg.is_node(nodename): + raise exc.InvalidArgumentException( + '{0} is not a defined node, must be defined before an ' + 'endpoint may be assigned to it'.format(nodename)) + if handler.https_supported: + currcert = handler.https_cert + if currcert: + currprint = util.get_fingerprint(currcert, 'sha256') + prevnode = nodes_by_fprint.get(currprint, None) + if prevnode and prevnode != nodename: + raise exc.InvalidArgumentException( + 'Attempt to assign {0} conflicts with existing node {1} ' + 'based on TLS certificate.'.format(nodename, prevnode)) known_nodes[nodename][info['hwaddr']] = info if info['hwaddr'] in unknown_info: del unknown_info[info['hwaddr']]