diff options
author | Valerij Fredriksen <valerijf@yahooinc.com> | 2021-11-03 16:31:24 +0100 |
---|---|---|
committer | Valerij Fredriksen <valerijf@yahooinc.com> | 2021-11-03 16:31:24 +0100 |
commit | 47725da2cdb6bba4a821d54ccbf65d15cc60ada9 (patch) | |
tree | 4fcad8b4364a7effd6a9530f6f9b97b076298f81 /jdisc-cloud-aws | |
parent | e5bc78b971380cb1245e9c6a36c2b3ea0fe6eebf (diff) |
Do not read AWS credentials from container-data
Diffstat (limited to 'jdisc-cloud-aws')
-rw-r--r-- | jdisc-cloud-aws/src/main/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProvider.java | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/jdisc-cloud-aws/src/main/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProvider.java b/jdisc-cloud-aws/src/main/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProvider.java index 484e82ab00e..4424b63dcc4 100644 --- a/jdisc-cloud-aws/src/main/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProvider.java +++ b/jdisc-cloud-aws/src/main/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProvider.java @@ -11,19 +11,26 @@ import com.yahoo.slime.Slime; import com.yahoo.slime.SlimeUtils; import java.io.IOException; +import java.io.UncheckedIOException; import java.nio.file.Files; +import java.nio.file.NoSuchFileException; import java.nio.file.Path; import java.util.concurrent.atomic.AtomicReference; public class VespaAwsCredentialsProvider implements AWSCredentialsProvider { - private static final String DEFAULT_CREDENTIALS_PATH = "/opt/vespa/var/container-data/opt/vespa/conf/vespa/credentials.json"; + private static final String DEFAULT_CREDENTIALS_PATH = "/opt/vespa/var/vespa/aws/credentials.json"; + // TODO (freva): Remove when host-admin writes to the new path above + private static final String DEFAULT_CREDENTIALS_PATH_OLD = "/opt/vespa/var/container-data/opt/vespa/conf/vespa/credentials.json"; private final AtomicReference<AWSCredentials> credentials = new AtomicReference<>(); private final Path credentialsPath; + private final Path credentialsPathOld; + public VespaAwsCredentialsProvider() { this.credentialsPath = Path.of(DEFAULT_CREDENTIALS_PATH); + this.credentialsPathOld = Path.of(DEFAULT_CREDENTIALS_PATH_OLD); refresh(); } @@ -43,14 +50,19 @@ public class VespaAwsCredentialsProvider implements AWSCredentialsProvider { private AWSSessionCredentials readCredentials() { try { - Slime slime = SlimeUtils.jsonToSlime(Files.readAllBytes(credentialsPath)); + Slime slime; + try { + slime = SlimeUtils.jsonToSlime(Files.readAllBytes(credentialsPath)); + } catch (NoSuchFileException ignored) { + slime = SlimeUtils.jsonToSlime(Files.readAllBytes(credentialsPathOld)); + } Cursor cursor = slime.get(); String accessKey = cursor.field("awsAccessKey").asString(); String secretKey = cursor.field("awsSecretKey").asString(); String sessionToken = cursor.field("sessionToken").asString(); return new BasicSessionCredentials(accessKey, secretKey, sessionToken); } catch (IOException e) { - throw new RuntimeException(e); + throw new UncheckedIOException(e); } } } |