Reverts usage of new database column x509_svid_ttl in favor of existi…

…ng ttl Signed-off-by: Dennis Gove <[email protected]>
spiffe · Oct 26, 2022 · d3f9a58 · d3f9a58
1 parent 1556e75
commit d3f9a58
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 55 deletions.
diff --git a/pkg/server/datastore/sqlstore/models.go b/pkg/server/datastore/sqlstore/models.go
@@ -76,9 +76,7 @@ type RegisteredEntry struct {
 	EntryID  string `gorm:"unique_index"`
 	SpiffeID string `gorm:"index"`
 	ParentID string `gorm:"index"`
-	// TTL of identities derived from this entry. This field is deprecated in favor of
-	// X509SvidTTL and JWTSvidTTL and will be removed in a future version.
-	// Deprecated: remove this in 1.6.0
+	// TTL of identities derived from this entry. This field represents the X509-SVID TTL of the Entry
 	TTL           int32
 	Selectors     []Selector
 	FederatesWith []Bundle `gorm:"many2many:federated_registration_entries;"`
@@ -101,6 +99,7 @@ type RegisteredEntry struct {
 	Hint string
 
 	// TTL of X509 identities derived from this entry
+	// Deprecated: remove this in 1.6.0. The purpose of this column will be fulfilled by the TTL column
 	X509SvidTTL int32 `gorm:"column:x509_svid_ttl"`
 
 	// TTL of JWT identities derived from this entry

diff --git a/pkg/server/datastore/sqlstore/sqlstore.go b/pkg/server/datastore/sqlstore/sqlstore.go
@@ -1779,16 +1779,15 @@ func createRegistrationEntry(tx *gorm.DB, entry *common.RegistrationEntry) (*com
 	}
 
 	newRegisteredEntry := RegisteredEntry{
-		EntryID:     entryID,
-		SpiffeID:    entry.SpiffeId,
-		ParentID:    entry.ParentId,
-		TTL:         entry.X509SvidTtl,
-		Admin:       entry.Admin,
-		Downstream:  entry.Downstream,
-		Expiry:      entry.EntryExpiry,
-		StoreSvid:   entry.StoreSvid,
-		X509SvidTTL: entry.X509SvidTtl,
-		JWTSvidTTL:  entry.JwtSvidTtl,
+		EntryID:    entryID,
+		SpiffeID:   entry.SpiffeId,
+		ParentID:   entry.ParentId,
+		TTL:        entry.X509SvidTtl,
+		Admin:      entry.Admin,
+		Downstream: entry.Downstream,
+		Expiry:     entry.EntryExpiry,
+		StoreSvid:  entry.StoreSvid,
+		JWTSvidTTL: entry.JwtSvidTtl,
 	}
 
 	if err := tx.Create(&newRegisteredEntry).Error; err != nil {
@@ -1910,7 +1909,6 @@ SELECT
 	NULL AS dns_name_id,
 	NULL AS dns_name,
 	revision_number,
-	x509_svid_ttl AS reg_x509_svid_ttl,
 	jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries
@@ -1919,7 +1917,7 @@ WHERE id IN (SELECT id FROM listing)
 UNION
 
 SELECT
-	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL, NULL
+	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL
 FROM
 	bundles B
 INNER JOIN
@@ -1932,15 +1930,15 @@ WHERE
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL
 FROM
 	dns_names
 WHERE registered_entry_id IN (SELECT id FROM listing)
 
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL
 FROM
 	selectors
 WHERE registered_entry_id IN (SELECT id FROM listing)
@@ -1972,7 +1970,6 @@ SELECT
 	NULL ::integer AS dns_name_id,
 	NULL AS dns_name,
 	revision_number,
-	x509_svid_ttl AS reg_x509_svid_ttl,
 	jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries
@@ -1981,7 +1978,7 @@ WHERE id IN (SELECT id FROM listing)
 UNION
 
 SELECT
-	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL, NULL
+	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL
 FROM
 	bundles B
 INNER JOIN
@@ -1994,15 +1991,15 @@ WHERE
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL
 FROM
 	dns_names
 WHERE registered_entry_id IN (SELECT id FROM listing)
 
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL
 FROM
 	selectors
 WHERE registered_entry_id IN (SELECT id FROM listing)
@@ -2031,7 +2028,6 @@ SELECT
 	D.id AS dns_name_id,
 	D.value AS dns_name,
 	E.revision_number,
-	E.x509_svid_ttl AS reg_x509_svid_ttl,
 	E.jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries E
@@ -2071,7 +2067,6 @@ SELECT
 	NULL AS dns_name_id,
 	NULL AS dns_name,
 	revision_number,
-	x509_svid_ttl AS reg_x509_svid_ttl,
 	jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries
@@ -2080,7 +2075,7 @@ WHERE id IN (SELECT id FROM listing)
 UNION
 
 SELECT
-	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL, NULL
+	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL
 FROM
 	bundles B
 INNER JOIN
@@ -2093,15 +2088,15 @@ WHERE
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL
 FROM
 	dns_names
 WHERE registered_entry_id IN (SELECT id FROM listing)
 
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL
 FROM
 	selectors
 WHERE registered_entry_id IN (SELECT id FROM listing)
@@ -2320,7 +2315,6 @@ SELECT
 	NULL AS dns_name_id,
 	NULL AS dns_name,
 	revision_number,
-	x509_svid_ttl AS reg_x509_svid_ttl,
 	jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries
@@ -2332,7 +2326,7 @@ FROM
 UNION
 
 SELECT
-	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL, NULL
+	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL
 FROM
 	bundles B
 INNER JOIN
@@ -2347,7 +2341,7 @@ ON
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL
 FROM
 	dns_names
 `)
@@ -2358,7 +2352,7 @@ FROM
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL
 FROM
 	selectors
 `)
@@ -2401,7 +2395,6 @@ SELECT
 	NULL ::integer AS dns_name_id,
 	NULL AS dns_name,
 	revision_number,
-	x509_svid_ttl AS reg_x509_svid_ttl,
 	jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries
@@ -2413,7 +2406,7 @@ FROM
 UNION
 
 SELECT
-	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL, NULL
+	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL
 FROM
 	bundles B
 INNER JOIN
@@ -2428,7 +2421,7 @@ ON
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL
 FROM
 	dns_names
 `)
@@ -2439,7 +2432,7 @@ FROM
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL
 FROM
 	selectors
 `)
@@ -2486,7 +2479,6 @@ SELECT
 	D.id AS dns_name_id,
 	D.value AS dns_name,
 	E.revision_number,
-	E.x509_svid_ttl AS reg_x509_svid_ttl,
 	E.jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries E
@@ -2543,7 +2535,6 @@ SELECT
 	NULL AS dns_name_id,
 	NULL AS dns_name,
 	revision_number,
-	x509_svid_ttl AS reg_x509_svid_ttl,
 	jwt_svid_ttl AS reg_jwt_svid_ttl
 FROM
 	registered_entries
@@ -2555,7 +2546,7 @@ FROM
 UNION
 
 SELECT
-	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL, NULL
+	F.registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, B.trust_domain, NULL, NULL, NULL, NULL
 FROM
 	bundles B
 INNER JOIN
@@ -2570,7 +2561,7 @@ ON
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, value, NULL, NULL
 FROM
 	dns_names
 `)
@@ -2581,7 +2572,7 @@ FROM
 UNION
 
 SELECT
-	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL, NULL
+	registered_entry_id, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, id, type, value, NULL, NULL, NULL, NULL, NULL
 FROM
 	selectors
 `)
@@ -3036,7 +3027,6 @@ type entryRow struct {
 	DNSNameID      sql.NullInt64
 	DNSName        sql.NullString
 	RevisionNumber sql.NullInt64
-	RegX509SvidTTL sql.NullInt64
 	RegJwtSvidTTL  sql.NullInt64
 }
 
@@ -3058,7 +3048,6 @@ func scanEntryRow(rs *sql.Rows, r *entryRow) error {
 		&r.DNSNameID,
 		&r.DNSName,
 		&r.RevisionNumber,
-		&r.RegX509SvidTTL,
 		&r.RegJwtSvidTTL,
 	))
 }
@@ -3107,10 +3096,7 @@ func fillEntryFromRow(entry *common.RegistrationEntry, r *entryRow) error {
 		entry.FederatesWith = append(entry.FederatesWith, r.TrustDomain.String)
 	}
 
-	// Default to X509SvidTTL database value. If not found then try TTL database value
-	if r.RegX509SvidTTL.Valid {
-		entry.X509SvidTtl = int32(r.RegX509SvidTTL.Int64)
-	} else if r.RegTTL.Valid {
+	if r.RegTTL.Valid {
 		entry.X509SvidTtl = int32(r.RegTTL.Int64)
 	}
 
@@ -3208,9 +3194,6 @@ func updateRegistrationEntry(tx *gorm.DB, e *common.RegistrationEntry, mask *com
 	if mask == nil || mask.EntryExpiry {
 		entry.Expiry = e.EntryExpiry
 	}
-	if mask == nil || mask.X509SvidTtl {
-		entry.X509SvidTTL = e.X509SvidTtl
-	}
 	if mask == nil || mask.JwtSvidTtl {
 		entry.JWTSvidTTL = e.JwtSvidTtl
 	}
@@ -3689,18 +3672,12 @@ func modelToEntry(tx *gorm.DB, model RegisteredEntry) (*common.RegistrationEntry
 		federatesWith = append(federatesWith, bundle.TrustDomain)
 	}
 
-	// Determine appropriate X509 TTL
-	x509SvidTTL := model.X509SvidTTL
-	if x509SvidTTL <= 0 {
-		x509SvidTTL = model.TTL
-	}
-
 	return &common.RegistrationEntry{
 		EntryId:        model.EntryID,
 		Selectors:      selectors,
 		SpiffeId:       model.SpiffeID,
 		ParentId:       model.ParentID,
-		X509SvidTtl:    x509SvidTTL,
+		X509SvidTtl:    model.TTL,
 		FederatesWith:  federatesWith,
 		Admin:          model.Admin,
 		Downstream:     model.Downstream,