Galsza opened a new pull request, #6981: URL: https://github.com/apache/ozone/pull/6981
## To simplify the CertificateClient the HAUtils#buildCAX509List can be refactored There are 3 methods on DefaultCertificateClient that solely exist to serve the HAUtils method, preferably these should be removed. BuildCAList is now refactored, the places where it used the certificateClient are replaced by direct calls on the certClient. There are a couple of technical details here: before the refactor BuildCAList went to the CertificateClient for a list of CAs, and if the CertClient didn't have that value cached it reached out to SCM. Ever since the CertificateRotation has been implemented the CertClient should be able to provide the actual current certificates even without going to the SCM. Therefore it can be supplemented by direct calls to the client. Instead of using certificates and propagating them further, it turns out the the client can return a ClientTrustManager directly which aligns better with how the CertificateClient should look in its ideal state where only key/trustmanagers are accessible. ## [HDDS-11216](https://issues.apache.org/jira/browse/HDDS-11216) ## How was this patch tested? Clean CI run: https://github.com/Galsza/ozone/actions/runs/10041809622 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
