diff --git a/service/kas/kas.go b/service/kas/kas.go index 8957e74c8f..2e0960862e 100644 --- a/service/kas/kas.go +++ b/service/kas/kas.go @@ -75,9 +75,6 @@ func NewRegistration() *serviceregistry.Service[kasconnect.AccessServiceHandler] // Configure new delegation service p.KeyDelegator = trust.NewDelegatingKeyService(NewPlatformKeyIndexer(srp.SDK, kasURL.String(), srp.Logger), srp.Logger, cacheClient) - if len(srp.KeyManagerFactories) > 0 { - srp.Logger.Error("kas service ignores legacy KeyManagerFactories; using KeyManagerCtxFactories instead") - } for _, manager := range srp.KeyManagerCtxFactories { p.KeyDelegator.RegisterKeyManagerCtx(manager.Name, manager.Factory) kmgrs = append(kmgrs, manager.Name) diff --git a/service/pkg/server/services.go b/service/pkg/server/services.go index 0ab4834aa2..5af961893a 100644 --- a/service/pkg/server/services.go +++ b/service/pkg/server/services.go @@ -142,18 +142,6 @@ func startServices(ctx context.Context, params startServicesParams) (func(), err cacheManager := params.cacheManager keyManagerCtxFactories := params.keyManagerCtxFactories - // Create a copy of the key manager factories as the context version for legacy services that don't load the new version with context - var keyManagerFactories []trust.NamedKeyManagerFactory - for _, factory := range keyManagerCtxFactories { - keyManagerFactories = append(keyManagerFactories, trust.NamedKeyManagerFactory{ - Name: factory.Name, - //nolint:contextcheck // This is called later, so will be in a new context - Factory: func(opts *trust.KeyManagerFactoryOptions) (trust.KeyManager, error) { - return factory.Factory(context.Background(), opts) - }, - }) - } - // Iterate through the registered namespaces for _, nsInfo := range reg.GetNamespaces() { ns := nsInfo.Name 
@@ -229,7 +217,6 @@ func startServices(ctx context.Context, params startServicesParams) (func(), err OTDF: otdf, // TODO: REMOVE THIS Tracer: tracer, NewCacheClient: createCacheClient, - KeyManagerFactories: keyManagerFactories, KeyManagerCtxFactories: keyManagerCtxFactories, }) if err != nil { diff --git a/service/pkg/serviceregistry/serviceregistry.go b/service/pkg/serviceregistry/serviceregistry.go index 2dfb064616..85e95f1c01 100644 --- a/service/pkg/serviceregistry/serviceregistry.go +++ b/service/pkg/serviceregistry/serviceregistry.go @@ -51,12 +51,6 @@ type RegistrationParams struct { // NewCacheClient is a function that can be used to create a new cache instance for the service NewCacheClient func(cache.Options) (*cache.Cache, error) - // KeyManagerFactories are the registered key manager factories that can be used to create - // key managers for the service to use. - // Prefer KeyManagerCtxFactories - // EXPERIMENTAL - KeyManagerFactories []trust.NamedKeyManagerFactory - // KeyManagerCtxFactories are the registered key manager context factories that can be used to create // key managers for the service to use. // EXPERIMENTAL diff --git a/service/policy/keymanagement/key_management.go b/service/policy/keymanagement/key_management.go index 440da3b885..6959625407 100644 --- a/service/policy/keymanagement/key_management.go +++ b/service/policy/keymanagement/key_management.go 
@@ -67,12 +67,8 @@ func NewRegistration(ns string, dbRegister serviceregistry.DBRegister) *servicer ksvc.config = cfg ksvc.dbClient = policydb.NewClient(srp.DBClient, srp.Logger, int32(cfg.ListRequestLimitMax), int32(cfg.ListRequestLimitDefault)) - // Register key managers in well-known configuration - ksvc.keyManagerFactories = make([]registeredManagers, 0, len(srp.KeyManagerFactories)) - if len(srp.KeyManagerFactories) > 0 { - srp.Logger.Error("keymanagement: ignoring legacy KeyManagerFactories; using KeyManagerCtxFactories instead") - } managersMap := make(map[string]any) + ksvc.keyManagerFactories = make([]registeredManagers, 0, len(srp.KeyManagerCtxFactories)) for i, factory := range srp.KeyManagerCtxFactories { rm := registeredManagers{ Name: factory.Name,
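Review bot: The comment `// Register key managers in well-known configuration` is deleted along with the legacy block, but it described `managersMap` and the loop that follows, both of which stay. I would keep it directly above `managersMap := make(map[string]any)`, because it is the only hint at this point that the registered manager names end up in the well-known configuration, which is presumably readable without authentication. The moved `make([]registeredManagers, 0, len(srp.KeyManagerCtxFactories))` now sizes the slice from the list that is actually iterated; with length 0 that is only safe if the loop appends rather than assigning by `i`. The loop body and the rest of NewRegistration lie outside the hunk, so that is worth confirming.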