diff options
author | Ola Aunrønning <olaa@yahooinc.com> | 2023-05-11 16:09:38 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-11 16:09:38 +0200 |
commit | 4d0d9ac57e4ba7df5de57e425cd5b59490db60ab (patch) | |
tree | e295aaee79bcf731bb6671f486dc226d29e46d19 | |
parent | 386e4198d8459803eec0ead6ad81a821737082a7 (diff) | |
parent | 3df1628d8a081f9d10d974117bfd71a1ad7e29d4 (diff) |
Merge pull request #27078 from vespa-engine/olaa/overwrite-during-copy
Overwrite during copy
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java index 1546b92a22f..c684487b4f8 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java @@ -43,6 +43,7 @@ import java.io.UncheckedIOException; import java.net.URI; import java.nio.file.Files; import java.nio.file.Path; +import java.nio.file.StandardCopyOption; import java.security.KeyPair; import java.security.PrivateKey; import java.security.cert.X509Certificate; @@ -197,7 +198,7 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { .resolve(String.format("%s.cert.pem", role)); var roleKeyPath = siaDirectory.resolve("keys") .resolve(String.format("%s.key.pem", role)); - if (!Files.exists(roleCertificatePath)) { + if (Files.notExists(roleCertificatePath)) { writeRoleCredentials(context, privateKeyFile, certificateFile, roleCertificatePath, roleKeyPath, identity, identityDocument, role); modified = true; } else if (shouldRefreshCertificate(context, roleCertificatePath)) { @@ -215,7 +216,7 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { var certificate = readCertificateFromFile(certificatePath); var now = timer.currentTime(); var shouldRefresh = now.isAfter(certificate.getNotAfter().toInstant()) || - now.isBefore(certificate.getNotBefore().toInstant().plus(REFRESH_PERIOD)); + now.isAfter(certificate.getNotBefore().toInstant().plus(REFRESH_PERIOD)); return !shouldThrottleRefreshAttempts(context.containerName(), now) && shouldRefresh; } @@ -440,8 +441,8 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { var certsDirectory = legacySiaDirectory.resolve("certs"); Files.createDirectories(keysDirectory); Files.createDirectories(certsDirectory); - Files.copy(certificateFile, certsDirectory.resolve(certificateFile.getFileName())); - Files.copy(privateKeyFile, keysDirectory.resolve(privateKeyFile.getFileName())); + Files.copy(certificateFile, certsDirectory.resolve(certificateFile.getFileName()), StandardCopyOption.values()); + Files.copy(privateKeyFile, keysDirectory.resolve(privateKeyFile.getFileName()), StandardCopyOption.values()); } /* |