This is an automated email from the ASF dual-hosted git repository.
pvillard pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git
The following commit(s) were added to refs/heads/main by this push:
new b0337da8db NIFI-15208 Fix stale vault configuration in
HashiCorpVaultParameterProvider
b0337da8db is described below
commit b0337da8dbda12ea08f7a35456a821e8cddad65a
Author: Ghislain LE MEUR <[email protected]>
AuthorDate: Wed Nov 12 13:55:58 2025 +0100
NIFI-15208 Fix stale vault configuration in HashiCorpVaultParameterProvider
The HashiCorpVaultParameterProvider was caching the
VaultCommunicationService
in an instance variable, preventing configuration changes from taking effect
after initial fetch. This caused stale vault tokens and connection settings
to be used even after updating the underlying controller service
configuration.
Changes:
- Removed private instance variable vaultCommunicationService
- Modified fetchParameters() to always retrieve fresh communication service
- Removed onPropertyModified() method as cache invalidation is no longer
needed
- Updated verify() method to get fresh communication service
This ensures configuration changes to the Vault Client Service are properly
reflected in subsequent parameter fetches without requiring component
restart.
Signed-off-by: Pierre Villard <[email protected]>
This closes #10518.
---
.../vault/hashicorp/HashiCorpVaultParameterProvider.java | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git
a/nifi-extension-bundles/nifi-hashicorp-vault-bundle/nifi-hashicorp-vault-parameter-provider/src/main/java/org/apache/nifi/vault/hashicorp/HashiCorpVaultParameterProvider.java
b/nifi-extension-bundles/nifi-hashicorp-vault-bundle/nifi-hashicorp-vault-parameter-provider/src/main/java/org/apache/nifi/vault/hashicorp/HashiCorpVaultParameterProvider.java
index 90806a9190..407b2f86f5 100644
---
a/nifi-extension-bundles/nifi-hashicorp-vault-bundle/nifi-hashicorp-vault-parameter-provider/src/main/java/org/apache/nifi/vault/hashicorp/HashiCorpVaultParameterProvider.java
+++
b/nifi-extension-bundles/nifi-hashicorp-vault-bundle/nifi-hashicorp-vault-parameter-provider/src/main/java/org/apache/nifi/vault/hashicorp/HashiCorpVaultParameterProvider.java
@@ -86,8 +86,6 @@ public class HashiCorpVaultParameterProvider extends
AbstractParameterProvider i
SECRET_NAME_PATTERN
);
- private HashiCorpVaultCommunicationService vaultCommunicationService;
-
@Override
protected List<PropertyDescriptor> getSupportedPropertyDescriptors() {
return PROPERTY_DESCRIPTORS;
@@ -95,9 +93,8 @@ public class HashiCorpVaultParameterProvider extends
AbstractParameterProvider i
@Override
public List<ParameterGroup> fetchParameters(final ConfigurationContext
context) {
- if (vaultCommunicationService == null) {
- vaultCommunicationService = getVaultCommunicationService(context);
- }
+ // Always get fresh communication service to ensure configuration
changes are reflected
+ final HashiCorpVaultCommunicationService vaultCommunicationService =
getVaultCommunicationService(context);
final List<ParameterGroup> parameterGroups =
getParameterGroups(vaultCommunicationService, context);
return parameterGroups;
@@ -137,13 +134,6 @@ public class HashiCorpVaultParameterProvider extends
AbstractParameterProvider i
return parameterGroups;
}
- @Override
- public void onPropertyModified(final PropertyDescriptor descriptor, final
String oldValue, final String newValue) {
- if (VAULT_CLIENT_SERVICE.equals(descriptor)) {
- vaultCommunicationService = null;
- }
- }
-
@Override
public List<ConfigVerificationResult> verify(final ConfigurationContext
context, final ComponentLog verificationLogger) {
final List<ConfigVerificationResult> results = new ArrayList<>();
