flasharray: rate-limit legacy-auth deprecation WARN to once per URL

Eugenio Grosso · Eugenio Grosso · commit e49809f733db · 2026-06-14T00:38:38.000Z
Copilot pointed out that the legacy-auth deprecation WARN is emitted on every login/refresh; with the default ~14-minute key TTL and multiple legacy-configured pools, that spams the logs without giving the operator any new information.

Gate the WARN behind a static Set&lt;String&gt; keyed by FlashArray URL so it fires once per endpoint per JVM lifetime. Subsequent refreshes against the same URL stay silent. Uses ConcurrentHashMap.newKeySet() for thread-safety since multiple pools poll concurrently.

Signed-off-by: Eugenio Grosso &lt;eugenio.grosso@gmail.com&gt;
diff --git a/plugins/storage/volume/flasharray/src/main/java/org/apache/cloudstack/storage/datastore/adapter/flasharray/FlashArrayAdapter.java b/plugins/storage/volume/flasharray/src/main/java/org/apache/cloudstack/storage/datastore/adapter/flasharray/FlashArrayAdapter.java
@@ -27,6 +27,8 @@
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.Set;
+import java.util.concurrent.ConcurrentHashMap;
 
 import javax.net.ssl.HostnameVerifier;
 import javax.net.ssl.SSLContext;
@@ -86,6 +88,10 @@ public class FlashArrayAdapter implements ProviderAdapter {
     private static final String API_LOGIN_VERSION_DEFAULT = "1.19";
     private static final String API_VERSION_DEFAULT = "2.23";
 
+    // URLs for which the legacy-auth deprecation WARN has already been emitted,
+    // so we don't spam the logs once per refresh per pool while it's still configured.
+    private static final Set<String> WARNED_LEGACY_URLS = ConcurrentHashMap.newKeySet();
+
     static final ObjectMapper mapper = new ObjectMapper();
     public String pod = null;
     public String hostgroup = null;
@@ -712,10 +718,12 @@ private void login() {
             }
 
             if (usingLegacyUserPass) {
-                logger.warn("FlashArray adapter at [" + url + "] is using deprecated username/password "
-                        + "login against Purity REST 1.x. Replace with a pre-minted "
-                        + ProviderAdapter.API_TOKEN_KEY + " detail; the username/password code path will be "
-                        + "removed in a future release.");
+                if (WARNED_LEGACY_URLS.add(url)) {
+                    logger.warn("FlashArray adapter at [" + url + "] is using deprecated username/password "
+                            + "login against Purity REST 1.x. Replace with a pre-minted "
+                            + ProviderAdapter.API_TOKEN_KEY + " detail; the username/password code path will be "
+                            + "removed in a future release.");
+                }
                 HttpPost request = new HttpPost(url + "/" + apiLoginVersion + "/auth/apitoken");
                 ArrayList<NameValuePair> postParms = new ArrayList<NameValuePair>();
                 postParms.add(new BasicNameValuePair("username", username));
