diff options
-rw-r--r-- | flags/src/main/java/com/yahoo/vespa/flags/Flags.java | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java index ae782bf32ff..4b1befc1770 100644 --- a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java +++ b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java @@ -82,9 +82,14 @@ public class Flags { public static final UnboundBooleanFlag INCLUDE_SIS_IN_TRUSTSTORE = defineFeatureFlag( "include-sis-in-truststore", false, - "Whether to use the trust store backed by Athenz and Service Identity certificates.", - "Takes effect on next tick, but may get throttled due to orchestration.", - HOSTNAME); + "Whether to use the trust store backed by Athenz and (in public) Service Identity certificates in " + + "host-admin and/or Docker containers", + "Takes effect on restart of host-admin (for host-admin), and restart of Docker container.", + // For host-admin, HOSTNAME and NODE_TYPE is available + // For Docker containers, HOSTNAME and APPLICATION_ID is available + // WARNING: Having different sets of dimensions is DISCOURAGED in general, but needed for here since + // trust store for host-admin is determined before having access to application ID from node repo. + HOSTNAME, NODE_TYPE, APPLICATION_ID); public static final UnboundStringFlag TLS_INSECURE_MIXED_MODE = defineStringFlag( "tls-insecure-mixed-mode", "tls_client_mixed_server", |