make KeysetKeysFailedShutdownHours configurable, simplify reconvery logic

Author: lizk886

conf/default-config.json

@@ -37,6 +37,8 @@
   "optout_inmem_cache": false,
   "enclave_platform": null,
   "failure_shutdown_wait_hours": 120,
+  "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "sharing_token_expiry_seconds": 2592000,
   "operator_type": "public",
   "enable_remote_config": true,

conf/docker-config.json

@@ -40,6 +40,7 @@
   "enclave_platform": null,
   "failure_shutdown_wait_hours": 120,
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "public",
   "disable_optout_token": true,
   "enable_remote_config": true,

conf/integ-config.json

@@ -16,6 +16,7 @@
   "cloud_encryption_keys_metadata_path": "http://localhost:8088/cloud_encryption_keys/retrieve",
   "runtime_config_metadata_path": "http://localhost:8088/operator/config",
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "public",
   "disable_optout_token": true,
   "enable_remote_config": false,

conf/local-config.json

@@ -38,6 +38,7 @@
   "key_sharing_endpoint_provide_app_names": true,
   "client_side_token_generate_log_invalid_http_origins": true,
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "public",
   "encrypted_files": false,
   "disable_optout_token": true,

conf/local-e2e-docker-private-config.json

@@ -30,6 +30,7 @@
   "optout_delta_rotate_interval": 60,
   "cloud_refresh_interval": 30,
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "private",
   "enable_remote_config": true,
   "uid_instance_id_prefix": "local-private-operator"

conf/local-e2e-docker-public-config.json

@@ -36,6 +36,7 @@
   "optout_status_api_enabled": true,
   "cloud_refresh_interval": 30,
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "public",
   "disable_optout_token": true,
   "enable_remote_config": true,

conf/local-e2e-private-config.json

@@ -41,6 +41,7 @@
   "client_side_token_generate_domain_name_check_enabled": false,
   "client_side_token_generate_log_invalid_http_origins": true,
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "private",
   "enable_remote_config": true,
   "uid_instance_id_prefix": "local-private-operator"

conf/local-e2e-public-config.json

@@ -42,6 +42,7 @@
   "key_sharing_endpoint_provide_app_names": true,
   "client_side_token_generate_log_invalid_http_origins": true,
   "salts_expired_shutdown_hours": 12,
+  "keysetkeys_failed_shutdown_hours": 168,
   "operator_type": "public",
   "disable_optout_token": true,
   "enable_remote_config": true,

src/main/java/com/uid2/operator/Main.java

@@ -116,7 +116,8 @@ public Main(Vertx vertx, JsonObject config) throws Exception {
         this.validateServiceLinks = config.getBoolean(Const.Config.ValidateServiceLinks, false);
         this.encryptedCloudFilesEnabled = config.getBoolean(Const.Config.EncryptedFiles, false);
         this.shutdownHandler = new OperatorShutdownHandler(Duration.ofHours(12),
-                Duration.ofHours(config.getInteger(Const.Config.SaltsExpiredShutdownHours, 12)), Duration.ofDays(7),
+                Duration.ofHours(config.getInteger(Const.Config.SaltsExpiredShutdownHours, 12)),
+                Duration.ofHours(config.getInteger(Const.Config.KeysetKeysFailedShutdownHours, 168)),
                 Clock.systemUTC(), new ShutdownService());
         this.uidInstanceIdProvider = new UidInstanceIdProvider(config);
 

src/main/java/com/uid2/operator/vertx/OperatorShutdownHandler.java

@@ -67,28 +67,17 @@ public void logSaltFailureAtInterval() {
 
     public void handleKeysetKeyRefreshResponse(Boolean success) {
         if (success) {
-            Instant previousFailureTime = keysetKeyFailureStartTime.getAndSet(null);
-            if (previousFailureTime != null) {
-                Duration failureDuration = Duration.between(previousFailureTime, clock.instant());
-                LOGGER.info("keyset keys sync recovered after {} ({}d {}h {}m). shutdown timer reset.",
-                        failureDuration,
-                        failureDuration.toDays(),
-                        failureDuration.toHoursPart(),
-                        failureDuration.toMinutesPart());
-            } else {
-                LOGGER.debug("keyset keys sync successful - timer remains null");
-            }
+            keysetKeyFailureStartTime.set(null);
+            LOGGER.debug("keyset keys sync successful"); 
         } else {
             logKeysetKeyFailureAtInterval();
             Instant t = keysetKeyFailureStartTime.get();
             if (t == null) {
                 keysetKeyFailureStartTime.set(clock.instant());
-                LOGGER.warn(
-                        "keyset keys sync started failing. shutdown timer started (will shutdown in 7 days if not recovered)");
+                LOGGER.warn("keyset keys sync started failing. shutdown timer started");
             } else {
                 Duration elapsed = Duration.between(t, clock.instant());
-                LOGGER.debug("keyset keys sync still failing - timer at {} ({}d {}h {}m) / 7 days",
-                        elapsed,
+                LOGGER.debug("keyset keys sync still failing - elapsed time: {}d {}h {}m",
                         elapsed.toDays(),
                         elapsed.toHoursPart(),
                         elapsed.toMinutesPart());