Membership decision includes 'approved' field. Only trigger athenz sync on approval

author: Ola Aunrønning <olaa@verizonmedia.com> 2022-03-17 14:08:59 +0100
committer: Ola Aunrønning <olaa@verizonmedia.com> 2022-03-17 14:08:59 +0100
commit: dcd70dc2889c0463f55bf0bebdf5e78488021e5f (patch)
tree: 7f06f51ea3ec19b2dff59f6cdea66ce52ce06527 /controller-api
parent: 90cdd84b93c368774fa8f30d726c4029ef0638ac (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java
index 9a6a661d7e0..2e4f3f16218 100644
--- a/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java
+++ b/controller-api/src/main/java/com/yahoo/vespa/hosted/controller/api/integration/athenz/AthenzAccessControlService.java
@@ -92,7 +92,7 @@ public class AthenzAccessControlService implements AccessControlService {
                     var reason = roleInformation.getPendingRequest().get().getReason();
 
                     zms.decidePendingRoleMembership(role, vespaTeam, expiry, Optional.of(reason), Optional.of(oAuthCredentials), approve);
-                    athenzInstanceSynchronizer.synchronizeInstances(tenantName);
+                    if (approve) athenzInstanceSynchronizer.synchronizeInstances(tenantName);
                     return true;
                 }
         ).orElseThrow(() -> new UnsupportedOperationException("Only allowed in systems running Vespa Athenz instance"));
author	Ola Aunrønning <olaa@verizonmedia.com>	2022-03-17 14:08:59 +0100
committer	Ola Aunrønning <olaa@verizonmedia.com>	2022-03-17 14:08:59 +0100
commit	dcd70dc2889c0463f55bf0bebdf5e78488021e5f (patch)
tree	7f06f51ea3ec19b2dff59f6cdea66ce52ce06527 /controller-api
parent	90cdd84b93c368774fa8f30d726c4029ef0638ac (diff)