diff options
author | Ola Aunronning <olaa@yahooinc.com> | 2023-04-28 14:11:36 +0200 |
---|---|---|
committer | Ola Aunronning <olaa@yahooinc.com> | 2023-04-28 14:20:54 +0200 |
commit | 0663b7eacf34674df9759f67ec54e8806e2cb051 (patch) | |
tree | 991b865dbbb7740afd0377b512eb8d58354062ce | |
parent | 0aea87ce6347b9c2e4d3a09caf58dfb3ceb44931 (diff) |
Handle exception when retrieving role list
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java index 3f8107ae830..1c16340641d 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java @@ -48,6 +48,7 @@ import java.security.cert.X509Certificate; import java.time.Clock; import java.time.Duration; import java.time.Instant; +import java.util.List; import java.util.Map; import java.util.Optional; import java.util.Set; @@ -177,10 +178,15 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { } } - private boolean maintainRoleCertificates(NodeAgentContext context, ContainerPath siaDirectory, ContainerPath privateKeyFile, ContainerPath certificateFile, AthenzIdentity identity, IdentityDocument identityDocument) { + private boolean maintainRoleCertificates(NodeAgentContext context, + ContainerPath siaDirectory, + ContainerPath privateKeyFile, + ContainerPath certificateFile, + AthenzIdentity identity, + IdentityDocument identityDocument) { var modified = false; - for (var role : identityDocumentClient.getNodeRoles(context.hostname().value())) { + for (var role : getRoleList(context)) { try { var roleCertificatePath = siaDirectory.resolve("certs") .resolve(String.format("%s.cert.pem", role)); @@ -431,6 +437,15 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { : SignedIdentityDocument.LEGACY_DEFAULT_DOCUMENT_VERSION; } + private List<String> getRoleList(NodeAgentContext context) { + try { + return identityDocumentClient.getNodeRoles(context.hostname().value()); + } catch (Exception e) { + context.log(logger, Level.WARNING, "Failed to retrieve role list", e); + return List.of(); + } + } + enum IdentityType { NODE("vespa-node-identity-document.json"), TENANT("vespa-tenant-identity-document.json"); |