letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Restore SelectCertificateStatuses to SA. (#4902) 

And use it in ocsp-updater. This was cleaned up in #4546 because it was
unused, but it should have been in use in ocsp-updater now that we can
make a straightforward query here instead of a JOIN.

This makes the SA the single source of truth for what columns are in the
certificateStatus table.
This commit is contained in:
Jacob Hoffman-Andrews 2020-07-01 12:20:29 -07:00 committed by GitHub
parent ca26126ca9
commit fe79f727a9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
cmd/ocsp-updater/main.go
View File

@ -142,21 +142,12 @@ func newUpdater(
} }
func (updater *OCSPUpdater) findStaleOCSPResponses(oldestLastUpdatedTime time.Time, batchSize int) ([]core.CertificateStatus, error) { func (updater *OCSPUpdater) findStaleOCSPResponses(oldestLastUpdatedTime time.Time, batchSize int) ([]core.CertificateStatus, error) {
var statuses []core.CertificateStatus statuses, err := sa.SelectCertificateStatuses(
updater.dbMap,
certStatusFields := "cs.serial, cs.status, cs.revokedDate, cs.notAfter, cs.revokedReason" `WHERE ocspLastUpdated < :lastUpdate
if features.Enabled(features.StoreIssuerInfo) { AND NOT isExpired
certStatusFields += ", cs.issuerID" ORDER BY ocspLastUpdated ASC
} LIMIT :limit`,
_, err := updater.dbMap.Select(
&statuses,
fmt.Sprintf(`SELECT
%s
FROM certificateStatus AS cs
WHERE cs.ocspLastUpdated < :lastUpdate
AND NOT cs.isExpired
ORDER BY cs.ocspLastUpdated ASC
LIMIT :limit`, certStatusFields),
map[string]interface{}{ map[string]interface{}{
"lastUpdate": oldestLastUpdatedTime, "lastUpdate": oldestLastUpdatedTime,
"limit": batchSize, "limit": batchSize,

21
sa/model.go
View File

@ -113,19 +113,34 @@ func certStatusFields() []string {
return []string{"serial", "status", "ocspLastUpdated", "revokedDate", "revokedReason", "lastExpirationNagSent", "ocspResponse", "notAfter", "isExpired", "issuerID"} return []string{"serial", "status", "ocspLastUpdated", "revokedDate", "revokedReason", "lastExpirationNagSent", "ocspResponse", "notAfter", "isExpired", "issuerID"}
} }
func certStatusFieldsSelect(restOfQuery string) string {
fields := strings.Join(certStatusFields(), ",")
return fmt.Sprintf("SELECT %s FROM certificateStatus %s", fields, restOfQuery)
}
// SelectCertificateStatus selects all fields of one certificate status model // SelectCertificateStatus selects all fields of one certificate status model
func SelectCertificateStatus(s db.OneSelector, q string, args ...interface{}) (certStatusModel, error) { func SelectCertificateStatus(s db.OneSelector, q string, args ...interface{}) (certStatusModel, error) {
var model certStatusModel var model certStatusModel
fields := strings.Join(certStatusFields(), ",")
err := s.SelectOne( err := s.SelectOne(
&model, &model,
`SELECT `+fields+ certStatusFieldsSelect(q),
` FROM certificateStatus `+q,
args..., args...,
) )
return model, err return model, err
} }
// SelectCertificateStatuses selects all fields of multiple certificate status
// objects
func SelectCertificateStatuses(s db.Selector, q string, args ...interface{}) ([]core.CertificateStatus, error) {
var models []core.CertificateStatus
_, err := s.Select(
&models,
certStatusFieldsSelect(q),
args...,
)
return models, err
}
var mediumBlobSize = int(math.Pow(2, 24)) var mediumBlobSize = int(math.Pow(2, 24))
type issuedNameModel struct { type issuedNameModel struct {