diff options
author | Morten Tokle <mortent@verizonmedia.com> | 2020-02-18 09:09:05 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-02-18 09:09:05 +0100 |
commit | 864cc6e1f0d7b9b34152b34d4785080c0c94eaac (patch) | |
tree | 441d329957a34ecfd405eb77d3c2c7303ed405bb /controller-server | |
parent | d30adfcada5fdf8941f81d2f1c97ba0bf77d1d54 (diff) | |
parent | abc7494ad1f89250c7b32db32d4672f990cd2027 (diff) |
Merge pull request #12222 from vespa-engine/andreer/on-prem-cameo-cert-feature-flag
enable using endpoint certs for apps with shared routing
Diffstat (limited to 'controller-server')
-rw-r--r-- | controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java index 1bb449b0a16..3d28549fa3e 100644 --- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java +++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java @@ -58,6 +58,7 @@ public class EndpointCertificateManager { private final Clock clock; private final BooleanFlag useRefreshedEndpointCertificate; private final StringFlag endpointCertificateBackfill; + private final BooleanFlag endpointCertInSharedRouting; public EndpointCertificateManager(ZoneRegistry zoneRegistry, CuratorDb curator, @@ -71,6 +72,7 @@ public class EndpointCertificateManager { this.clock = clock; this.useRefreshedEndpointCertificate = Flags.USE_REFRESHED_ENDPOINT_CERTIFICATE.bindTo(flagSource); this.endpointCertificateBackfill = Flags.ENDPOINT_CERTIFICATE_BACKFILL.bindTo(flagSource); + this.endpointCertInSharedRouting = Flags.ENDPOINT_CERT_IN_SHARED_ROUTING.bindTo(flagSource); Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(() -> { try { this.backfillCertificateMetadata(); @@ -82,7 +84,8 @@ public class EndpointCertificateManager { public Optional<EndpointCertificateMetadata> getEndpointCertificateMetadata(Instance instance, ZoneId zone) { - if (!zoneRegistry.zones().directlyRouted().ids().contains(zone)) return Optional.empty(); + boolean endpointCertInSharedRouting = this.endpointCertInSharedRouting.with(FetchVector.Dimension.APPLICATION_ID, instance.id().serializedForm()).value(); + if (!zoneRegistry.zones().directlyRouted().ids().contains(zone) && !endpointCertInSharedRouting) return Optional.empty(); // Re-use existing certificate if already provisioned var endpointCertificateMetadata = |