[arvados] updated: 2.7.0-6266-g4637d2c632
git repository hosting
git at public.arvados.org
Tue Apr 2 14:44:26 UTC 2024
Summary of changes:
services/keepstore/s3_volume.go | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
via 4637d2c632e4d6c1a759f5a1aa8ac5195e1c362c (commit)
from 4ec8e3b32cd11141f9d639f651b721feff66c437 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit 4637d2c632e4d6c1a759f5a1aa8ac5195e1c362c
Author: Tom Clegg <tom at curii.com>
Date: Tue Apr 2 10:43:59 2024 -0400
21636: Increase ExpiryWindow and add doc reference.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --git a/services/keepstore/s3_volume.go b/services/keepstore/s3_volume.go
index affcc988dd..2e2e97a974 100644
--- a/services/keepstore/s3_volume.go
+++ b/services/keepstore/s3_volume.go
@@ -226,7 +226,13 @@ func (v *s3Volume) check(ec2metadataHostname string) error {
// expiring credentials do not cause
// request to fail unexpectedly due to
// ExpiredTokenException exceptions."
- opts.ExpiryWindow = time.Minute
+ //
+ // (from
+ // https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html)
+ // "We make new credentials available
+ // at least five minutes before the
+ // expiration of the old credentials."
+ opts.ExpiryWindow = 5 * time.Minute
}),
})
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list