Skip undefined secrets in keyring migration (#1098)

* Skip undefined secrets in keyring migration If a secret does not exist in datastore, log and skip it.
2025-07-21 18:26:12 +02:00 · 2021-04-20 16:26:40 -04:00 · 2021-04-20 16:26:40 -04:00 · fff95b20e6
commit fff95b20e6
parent 23896b64c7
1 changed files with 7 additions and 1 deletions
--- a/core/src/main/java/google/registry/keyring/kms/KmsKeyring.java
+++ b/core/src/main/java/google/registry/keyring/kms/KmsKeyring.java
@ -266,7 +266,13 @@ public class KmsKeyring implements Keyring {
            .collect(ImmutableList.toImmutableList());
    for (String keyName : labels) {
-      byte[] dsData = getDecryptedDataFromDatastore(keyName);
+      byte[] dsData;
      try {
        dsData = getDecryptedDataFromDatastore(keyName);
      } catch (IllegalStateException e) {
        logger.atWarning().log("Cannot load %s from Datastore. Skipping...", keyName);
        continue;
      }
      byte[] secretStoreData = getDataFromSecretStore(keyName);
      if (Arrays.equals(dsData, secretStoreData)) {
        logger.atInfo().log("%s is already up to date.\n", keyName);