[HWORKS-855] Remove Kagent ability to do service key rotation (logica…

…lclocks#1077)
ErmiasG · Nov 30, 2023 · 247d8af · 247d8af
1 parent 3bbcdb0
commit 247d8af
Show file tree

Hide file tree

Showing 4 changed files with 2 additions and 13 deletions.
diff --git a/attributes/default.rb b/attributes/default.rb
@@ -111,15 +111,13 @@
 default['hopsworks']['twofactor_auth']              = "false"
 default['hopsworks']['twofactor_exclude_groups']    = "AGENT;CLUSTER_AGENT" #semicolon separated list of roles
 
-default['hopsworks']['service_key_rotation_enabled'] = "false"
 ## Suffix can be: (defaults to minutes if omitted)
 ## ms: milliseconds
 ## s: seconds
 ## m: minutes (default)
 ## h: hours
 ## d: days
 default['hopsworks']['cert_mater_delay']                            = "3m"
-default['hopsworks']['service_key_rotation_interval']               = "2d"
 default['hopsworks']['application_certificate_validity_period']     = "3650d"
 
 #Time in milliseconds to wait after a TensorBoard is requested before considering it old (and should be killed)

diff --git a/metadata.rb b/metadata.rb
@@ -81,14 +81,6 @@
           :description => "Delay for the Certificate Materialization service of Hopsworks to delete the certificates from the local fs",
           :type => 'string'
 
-attribute "hopsworks/service_key_rotation_enabled",
-          :description => "Configuration option to enable/disable automatic service key rotation",
-          :type => 'string'
-
-attribute "hopsworks/service_key_rotation_interval",
-          :description => "Interval for Hops service certificates rotation",
-          :type => 'string'
-
 attribute "hopsworks/application_certificate_validity_period",
           :description => "Application certificate validity period. Certificates will be rotated well before the expiration",
           :type => 'string'

diff --git a/templates/default/sql/dml/0.5.0.sql.erb b/templates/default/sql/dml/0.5.0.sql.erb
@@ -1,10 +1,7 @@
-REPLACE INTO `hopsworks`.`variables`(`id`, `value`) VALUES ("service_key_rotation_interval", "<%= node['hopsworks']['service_key_rotation_interval'] %>");
 REPLACE INTO `hopsworks`.`variables`(`id`, `value`) VALUES ("conda_default_repo", "<%= @conda_repo %>");
 REPLACE INTO `hopsworks`.`variables`(`id`, `value`) VALUES ("user_cert_valid_days", "<%= @user_cert_valid_days %>");
 REPLACE INTO `hopsworks`.`variables`(`id`, `value`) VALUES ("support_email_addr", "<%= node['hopsworks']['support_email_addr'] %>");
 
-REPLACE INTO `hopsworks`.`variables`(`id`, `value`) VALUES ("service_key_rotation_enabled", "<%= node['hopsworks']['service_key_rotation_enabled'] %>");
-
 REPLACE INTO `hopsworks`.`variables`(`id`, `value`, `visibility`) VALUES ("zookeeper_version", "<%= node['kzookeeper']['version'] %>", 1);
 REPLACE INTO `hopsworks`.`variables`(`id`, `value`, `visibility`) VALUES ("grafana_version", "<%= node['grafana']['version'] %>", 1);
 REPLACE INTO `hopsworks`.`variables`(`id`, `value`, `visibility`) VALUES ("logstash_version", "<%= node['logstash']['version'] %>", 1);

diff --git a/templates/default/sql/dml/3.7.0.sql.erb b/templates/default/sql/dml/3.7.0.sql.erb
@@ -0,0 +1,2 @@
+DELETE FROM `hopsworks`.`variables` WHERE `id`='service_key_rotation_enabled';
+DELETE FROM `hopsworks`.`variables` WHERE `id`='service_key_rotation_interval';
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		DELETE FROM `hopsworks`.`variables` WHERE `id`='service_key_rotation_enabled';
		DELETE FROM `hopsworks`.`variables` WHERE `id`='service_key_rotation_interval';