Optimizing profile file loading

Author: cenedhryn

core/auth/src/main/java/software/amazon/awssdk/auth/credentials/InstanceProfileCredentialsProvider.java

@@ -78,6 +78,7 @@ public final class InstanceProfileCredentialsProvider
     private final Clock clock;
     private final String endpoint;
     private final Ec2MetadataConfigProvider configProvider;
+    private final Ec2MetadataDisableV1Resolver ec2MetadataDisableV1Resolver;
     private final HttpCredentialsLoader httpCredentialsLoader;
     private final CachedSupplier<AwsCredentials> credentialsCache;
 
@@ -89,6 +90,7 @@ public final class InstanceProfileCredentialsProvider
 
     private final String profileName;
 
+
     /**
      * @see #builder()
      */
@@ -97,15 +99,18 @@ private InstanceProfileCredentialsProvider(BuilderImpl builder) {
         this.endpoint = builder.endpoint;
         this.asyncCredentialUpdateEnabled = builder.asyncCredentialUpdateEnabled;
         this.asyncThreadName = builder.asyncThreadName;
-        this.profileFile = builder.profileFile;
-        this.profileName = builder.profileName;
+        this.profileFile = Optional.ofNullable(builder.profileFile)
+                                   .orElseGet(() -> ProfileFileSupplier.fixedProfileFile(ProfileFile.defaultProfileFile()));
+        this.profileName = Optional.ofNullable(builder.profileName)
+                                   .orElseGet(ProfileFileSystemSetting.AWS_PROFILE::getStringValueOrThrow);
 
         this.httpCredentialsLoader = HttpCredentialsLoader.create();
         this.configProvider =
             Ec2MetadataConfigProvider.builder()
-                                     .profileFile(builder.profileFile)
-                                     .profileName(builder.profileName)
+                                     .profileFile(profileFile)
+                                     .profileName(profileName)
                                      .build();
+        this.ec2MetadataDisableV1Resolver = Ec2MetadataDisableV1Resolver.create(profileFile, profileName);
 
         if (Boolean.TRUE.equals(builder.asyncCredentialUpdateEnabled)) {
             Validate.paramNotBlank(builder.asyncThreadName, "asyncThreadName");
@@ -268,7 +273,7 @@ private String handleTokenErrorResponse(Exception e) {
     }
 
     private boolean isInsecureFallbackDisabled() {
-        return Ec2MetadataDisableV1Resolver.create(profileFile, profileName).resolve();
+        return ec2MetadataDisableV1Resolver.resolve();
     }
 
     private String[] getSecurityCredentials(String imdsHostname, String metadataToken) {

core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/Ec2MetadataDisableV1Resolver.java

@@ -20,7 +20,6 @@
 import software.amazon.awssdk.annotations.SdkInternalApi;
 import software.amazon.awssdk.core.SdkSystemSetting;
 import software.amazon.awssdk.profiles.ProfileFile;
-import software.amazon.awssdk.profiles.ProfileFileSystemSetting;
 import software.amazon.awssdk.profiles.ProfileProperty;
 import software.amazon.awssdk.utils.OptionalUtils;
 
@@ -49,27 +48,9 @@ private static Optional<Boolean> fromSystemSettings() {
     }
 
     private static Optional<Boolean> fromProfileFile(Supplier<ProfileFile> profileFile, String profileName) {
-        profileFile = profileFile != null ? profileFile : ProfileFile::defaultProfileFile;
-        profileName = profileName != null ? profileName : ProfileFileSystemSetting.AWS_PROFILE.getStringValueOrThrow();
-        if (profileFile.get() == null) {
-            return Optional.empty();
-        }
         return profileFile.get()
                           .profile(profileName)
-                          .flatMap(p -> p.property(ProfileProperty.EC2_METADATA_V1_DISABLED))
-                          .map(Ec2MetadataDisableV1Resolver::safeProfileStringToBoolean);
-    }
-
-    private static boolean safeProfileStringToBoolean(String value) {
-        if (value.equalsIgnoreCase("true")) {
-            return true;
-        }
-        if (value.equalsIgnoreCase("false")) {
-            return false;
-        }
-
-        throw new IllegalStateException("Profile property '" + ProfileProperty.EC2_METADATA_V1_DISABLED + "', "
-                                        + "was defined as '" + value + "', but should be 'false' or 'true'");
+                          .flatMap(p -> p.booleanProperty(ProfileProperty.EC2_METADATA_V1_DISABLED));
     }
 
 }

core/auth/src/main/java/software/amazon/awssdk/auth/credentials/internal/ProfileCredentialsUtils.java

@@ -262,13 +262,7 @@ private AwsCredentialsProvider credentialSourceCredentialProvider(CredentialSour
             case ECS_CONTAINER:
                 return ContainerCredentialsProvider.builder().build();
             case EC2_INSTANCE_METADATA:
-                // The IMDS credentials provider should source the endpoint config properties from the currently active profile
-                Ec2MetadataConfigProvider configProvider = Ec2MetadataConfigProvider.builder()
-                                                                                    .profileFile(() -> profileFile)
-                                                                                    .profileName(name)
-                                                                                    .build();
                 return InstanceProfileCredentialsProvider.builder()
-                                                         .endpoint(configProvider.getEndpoint())
                                                          .profileFile(profileFile)
                                                          .profileName(name)
                                                          .build();

core/auth/src/test/java/software/amazon/awssdk/auth/credentials/internal/Ec2MetadataDisableV1ResolverTest.java

@@ -55,11 +55,13 @@ public void resolveDisableValue_whenBoolean_resolvesCorrectly(
     }
 
     private static Stream<Arguments> booleanConfigValues() {
+        ProfileFile emptyProfile = configFile("profile test", Pair.of("foo", "bar"));
+
         Function<String, ProfileFile> profileDisableValues =
             s -> configFile("profile test", Pair.of(ProfileProperty.EC2_METADATA_V1_DISABLED, s));
 
         return Stream.of(
-            Arguments.of(null, null, null, false),
+            Arguments.of(null, null, emptyProfile, false),
             Arguments.of("false", null, null, false),
             Arguments.of("true", null, null, true),
             Arguments.of(null, "false", null, false),
@@ -84,8 +86,7 @@ public void resolveDisableValue_whenNonBoolean_throws(
         setUpSystemSettings(systemProperty, envVar);
 
         Ec2MetadataDisableV1Resolver resolver = Ec2MetadataDisableV1Resolver.create(() -> profileFile, "test");
-        assertThatThrownBy(resolver::resolve).isInstanceOf(IllegalStateException.class)
-                                             .hasMessageContaining("but should be 'false' or 'true'");
+        assertThatThrownBy(resolver::resolve).isInstanceOf(IllegalStateException.class);
     }
 
     private static Stream<Arguments> nonBooleanConfigValues() {

core/regions/src/test/java/software/amazon/awssdk/regions/internal/util/EC2MetadataUtilsTest.java

@@ -55,6 +55,7 @@ public class EC2MetadataUtilsTest {
     public void methodSetup() {
         System.setProperty(SdkSystemSetting.AWS_EC2_METADATA_SERVICE_ENDPOINT.property(), "http://localhost:" + mockMetadataEndpoint.port());
         EC2MetadataUtils.clearCache();
+        System.clearProperty(SdkSystemSetting.AWS_EC2_METADATA_V1_DISABLED.property());
     }
 
     @Test