Skip to content

Commit

Permalink
delete only Ca create time > 24 hours
Browse files Browse the repository at this point in the history
  • Loading branch information
@Sita04
Sita04 committed Feb 16, 2023
1 parent c1e3d21 commit adc5f5a
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 0 deletions.
1 change: 1 addition & 0 deletions privateca/snippets/src/test/java/privateca/SnippetsIT.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,6 +109,7 @@ public static void setUp()

// Delete stale resources
Util.cleanUpCaPool(PROJECT_ID, LOCATION);
TimeUnit.SECONDS.sleep(30);

// <--- START CA POOL --->
// Create CA Pool.
Expand Down
16 changes: 16 additions & 0 deletions privateca/snippets/src/test/java/privateca/Util.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,18 @@
import com.google.cloud.security.privateca.v1.DisableCertificateAuthorityRequest;
import com.google.cloud.security.privateca.v1.ListCaPoolsRequest;
import com.google.cloud.security.privateca.v1.LocationName;
import com.google.protobuf.Timestamp;
import java.io.IOException;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;

public class Util {

private static final int DELETION_THRESHOLD_TIME_HOURS = 24;

// Delete Ca pools which starts with the given prefixToDelete.
public static void cleanUpCaPool(String projectId,
String location)
Expand Down Expand Up @@ -74,6 +79,11 @@ public static void deleteCertificateAuthority(String caPoolName)
CertificateAuthorityServiceClient.create()) {
for (CertificateAuthority certificateAuthority :
certificateAuthorityServiceClient.listCertificateAuthorities(caPoolName).iterateAll()) {
// Check if the CA was created before the threshold time.
if (!isCreatedBeforeThresholdTime(certificateAuthority.getCreateTime())) {
continue;
}

// Check if the CA is enabled.
State caState =
certificateAuthorityServiceClient
Expand Down Expand Up @@ -112,4 +122,10 @@ public static void disableCertificateAuthority(String caName)
.get(5, TimeUnit.MINUTES);
}
}

public static boolean isCreatedBeforeThresholdTime(Timestamp timestamp) {
Instant instant = Instant.ofEpochSecond(timestamp.getSeconds(), timestamp.getNanos());
return instant
.isBefore(Instant.now().minus(DELETION_THRESHOLD_TIME_HOURS, ChronoUnit.HOURS));
}
}

0 comments on commit adc5f5a

Please sign in to comment.