private static KeyStore getK8sKeystore()

in aws-xray-recorder-sdk-core/src/main/java/com/amazonaws/xray/utils/ContainerInsightsUtil.java [144:186]


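    /**
     * Builds an in-memory trust store from the CA certificate file located at
     * {@code K8S_CRED_FOLDER}/{@code K8S_CRED_CERT_SUFFIX}.
     *
     * <p>Every X.509 certificate found in the file is added as a trusted entry. Each entry gets
     * its own alias: the first keeps {@code "k8sca"}, later ones are stored as {@code "k8sca-1"},
     * {@code "k8sca-2"}, and so on. Reusing a single alias would make each
     * {@code setCertificateEntry} call overwrite the previous one, so a bundle with several CA
     * certificates would end up trusting only the last.
     *
     * <p>NOTE(review): a {@code null} result means no trust anchors could be loaded. Callers are
     * not visible here; confirm they treat {@code null} as a failure and do not fall back to a
     * permissive trust configuration.
     *
     * @return the populated trust store, or {@code null} when the CA file does not exist or could
     *         not be read or parsed
     * @throws IllegalArgumentException if the CA file was parsed but contained no certificates
     *         (this exception is not caught here and propagates to the caller)
     */
    private static KeyStore getK8sKeystore() {

        InputStream certificateFile = null;

        try {
            KeyStore k8sTrustStore = null;
            File caFile = Paths.get(K8S_CRED_FOLDER, K8S_CRED_CERT_SUFFIX).toFile();

            if (caFile.exists()) {
                k8sTrustStore = KeyStore.getInstance(KeyStore.getDefaultType());
                // load(null, null) initialises an empty key store instead of reading one from disk.
                k8sTrustStore.load(null, null);
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");

                certificateFile =
                        new FileInputStream(caFile);
                Collection<? extends Certificate> certificates =
                        certificateFactory.generateCertificates(certificateFile);

                if (certificates.isEmpty()) {
                    throw new IllegalArgumentException("K8s cert file contained no certificates.");
                }

                // Give every certificate its own alias so that none of them is overwritten.
                // The first entry keeps the historical "k8sca" alias for single-certificate files.
                int index = 0;
                for (Certificate certificate : certificates) {
                    String alias = index == 0 ? "k8sca" : "k8sca-" + index;
                    k8sTrustStore.setCertificateEntry(alias, certificate);
                    index++;
                }
            } else {
                logger.debug("K8s CA Cert file does not exists.");
            }

            return k8sTrustStore;
        } catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException e) {
            // Best effort: a missing or unreadable CA file is logged and reported as null.
            logger.warn("Unable to load K8s CA certificate.", e);
            return null;
        } finally {
            // Close the stream on every path; a failed close is logged and does not change the result.
            if (certificateFile != null) {
                try {
                    certificateFile.close();
                } catch (IOException e) {
                    logger.error("Can't close K8s CA certificate file.", e);
                }
            }
        }
    }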