diff options
| author | Håkon Hallingstad <hakon@verizonmedia.com> | 2019-10-07 11:48:33 +0200 |
|---|---|---|
| committer | Håkon Hallingstad <hakon@verizonmedia.com> | 2019-10-07 11:48:33 +0200 |
| commit | c7a11b4b15a8bb6005c5183079c29f46a3a37dfc (patch) | |
| tree | 65da4637c5ea64b72c338c305d88c9938f45c545 | |
| parent | aae9aed70d9d500d3db6a6bfa3bb3405c4301410 (diff) | |
Update flag definition of include-sis-in-truststore
| -rw-r--r-- | flags/src/main/java/com/yahoo/vespa/flags/Flags.java | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java index ae782bf32ff..4b1befc1770 100644 --- a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java +++ b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java @@ -82,9 +82,14 @@ public class Flags { public static final UnboundBooleanFlag INCLUDE_SIS_IN_TRUSTSTORE = defineFeatureFlag( "include-sis-in-truststore", false, - "Whether to use the trust store backed by Athenz and Service Identity certificates.", - "Takes effect on next tick, but may get throttled due to orchestration.", - HOSTNAME); + "Whether to use the trust store backed by Athenz and (in public) Service Identity certificates in " + + "host-admin and/or Docker containers", + "Takes effect on restart of host-admin (for host-admin), and restart of Docker container.", + // For host-admin, HOSTNAME and NODE_TYPE is available + // For Docker containers, HOSTNAME and APPLICATION_ID is available + // WARNING: Having different sets of dimensions is DISCOURAGED in general, but needed for here since + // trust store for host-admin is determined before having access to application ID from node repo. + HOSTNAME, NODE_TYPE, APPLICATION_ID); public static final UnboundStringFlag TLS_INSECURE_MIXED_MODE = defineStringFlag( "tls-insecure-mixed-mode", "tls_client_mixed_server", |