summaryrefslogtreecommitdiffstats
path: root/controller-server
diff options
context:
space:
mode:
authorMorten Tokle <mortent@verizonmedia.com>2020-02-18 09:09:05 +0100
committerGitHub <noreply@github.com>2020-02-18 09:09:05 +0100
commit864cc6e1f0d7b9b34152b34d4785080c0c94eaac (patch)
tree441d329957a34ecfd405eb77d3c2c7303ed405bb /controller-server
parentd30adfcada5fdf8941f81d2f1c97ba0bf77d1d54 (diff)
parentabc7494ad1f89250c7b32db32d4672f990cd2027 (diff)
Merge pull request #12222 from vespa-engine/andreer/on-prem-cameo-cert-feature-flag
enable using endpoint certs for apps with shared routing
Diffstat (limited to 'controller-server')
-rw-r--r--controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java5
1 files changed, 4 insertions, 1 deletions
diff --git a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java
index 1bb449b0a16..3d28549fa3e 100644
--- a/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java
+++ b/controller-server/src/main/java/com/yahoo/vespa/hosted/controller/endpointcertificates/EndpointCertificateManager.java
@@ -58,6 +58,7 @@ public class EndpointCertificateManager {
private final Clock clock;
private final BooleanFlag useRefreshedEndpointCertificate;
private final StringFlag endpointCertificateBackfill;
+ private final BooleanFlag endpointCertInSharedRouting;
public EndpointCertificateManager(ZoneRegistry zoneRegistry,
CuratorDb curator,
@@ -71,6 +72,7 @@ public class EndpointCertificateManager {
this.clock = clock;
this.useRefreshedEndpointCertificate = Flags.USE_REFRESHED_ENDPOINT_CERTIFICATE.bindTo(flagSource);
this.endpointCertificateBackfill = Flags.ENDPOINT_CERTIFICATE_BACKFILL.bindTo(flagSource);
+ this.endpointCertInSharedRouting = Flags.ENDPOINT_CERT_IN_SHARED_ROUTING.bindTo(flagSource);
Executors.newSingleThreadScheduledExecutor().scheduleAtFixedRate(() -> {
try {
this.backfillCertificateMetadata();
@@ -82,7 +84,8 @@ public class EndpointCertificateManager {
public Optional<EndpointCertificateMetadata> getEndpointCertificateMetadata(Instance instance, ZoneId zone) {
- if (!zoneRegistry.zones().directlyRouted().ids().contains(zone)) return Optional.empty();
+ boolean endpointCertInSharedRouting = this.endpointCertInSharedRouting.with(FetchVector.Dimension.APPLICATION_ID, instance.id().serializedForm()).value();
+ if (!zoneRegistry.zones().directlyRouted().ids().contains(zone) && !endpointCertInSharedRouting) return Optional.empty();
// Re-use existing certificate if already provisioned
var endpointCertificateMetadata =