diff options
author | Morten Tokle <mortent@yahooinc.com> | 2023-03-01 08:08:43 +0100 |
---|---|---|
committer | Morten Tokle <mortent@yahooinc.com> | 2023-03-01 08:08:43 +0100 |
commit | b89daea639b8137dbbe1e70a751d90f9aa90044f (patch) | |
tree | b7ff35ac815a3f6778156d7882635f232f19883f /node-admin/src | |
parent | db79672ed6e23c031a5827c7f171ab6a66fbbefa (diff) |
Revert "Use ztsUrl from identity document"
This reverts commit 45c17559d689c6654a00fda220cf52ce7431fbdf.
Diffstat (limited to 'node-admin/src')
-rw-r--r-- | node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java index 9f3763cf25c..fc49dcc744c 100644 --- a/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java +++ b/node-admin/src/main/java/com/yahoo/vespa/hosted/node/admin/maintenance/identity/AthenzCredentialsMaintainer.java @@ -41,7 +41,6 @@ import java.time.Clock; import java.time.Duration; import java.time.Instant; import java.util.Map; -import java.util.Optional; import java.util.Set; import java.util.concurrent.ConcurrentHashMap; import java.util.logging.Level; @@ -194,7 +193,7 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { HostnameVerifier ztsHostNameVerifier = useInternalZts ? new AthenzIdentityVerifier(Set.of(configserverIdentity)) : null; - try (ZtsClient ztsClient = new DefaultZtsClient.Builder(ztsEndpoint(doc)).withIdentityProvider(hostIdentityProvider).withHostnameVerifier(ztsHostNameVerifier).build()) { + try (ZtsClient ztsClient = new DefaultZtsClient.Builder(ztsEndpoint).withIdentityProvider(hostIdentityProvider).withHostnameVerifier(ztsHostNameVerifier).build()) { InstanceIdentity instanceIdentity = ztsClient.registerInstance( configserverIdentity, @@ -207,15 +206,6 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { } } - /** - * Return zts url from identity document, fallback to ztsEndpoint - */ - private URI ztsEndpoint(SignedIdentityDocument doc) { - return Optional.ofNullable(doc.ztsUrl()) - .filter(s -> !s.isBlank()) - .map(URI::create) - .orElse(ztsEndpoint); - } private void refreshIdentity(NodeAgentContext context, ContainerPath privateKeyFile, ContainerPath certificateFile, ContainerPath identityDocumentFile, SignedIdentityDocument doc) { KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.RSA); @@ -231,7 +221,7 @@ public class AthenzCredentialsMaintainer implements CredentialsMaintainer { HostnameVerifier ztsHostNameVerifier = useInternalZts ? new AthenzIdentityVerifier(Set.of(configserverIdentity)) : null; - try (ZtsClient ztsClient = new DefaultZtsClient.Builder(ztsEndpoint(doc)).withSslContext(containerIdentitySslContext).withHostnameVerifier(ztsHostNameVerifier).build()) { + try (ZtsClient ztsClient = new DefaultZtsClient.Builder(ztsEndpoint).withSslContext(containerIdentitySslContext).withHostnameVerifier(ztsHostNameVerifier).build()) { InstanceIdentity instanceIdentity = ztsClient.refreshInstance( configserverIdentity, |