mirror of
https://github.com/tailscale/tailscale.git
synced 2025-09-21 05:31:36 +02:00
cmd/containerboot: do not reset state on non-existant secret (#17021)
This commit modifies containerboot's state reset process to handle the state secret not existing. During other parts of the boot process we gracefully handle the state secret not being created yet, but missed that check within `resetContainerbootState` Fixes https://github.com/tailscale/tailscale/issues/16804 Signed-off-by: David Bond <davidsbond93@gmail.com>
This commit is contained in:
David Bond
GitHub
parent
d8ac539bf9
commit
624cdd2961
@ -124,10 +124,13 @@ func (kc *kubeClient) deleteAuthKey(ctx context.Context) error {
|
|||||||
// ensure the operator doesn't use stale state when a Pod is first recreated.
|
// ensure the operator doesn't use stale state when a Pod is first recreated.
|
||||||
func (kc *kubeClient) resetContainerbootState(ctx context.Context, podUID string) error {
|
func (kc *kubeClient) resetContainerbootState(ctx context.Context, podUID string) error {
|
||||||
existingSecret, err := kc.GetSecret(ctx, kc.stateSecret)
|
existingSecret, err := kc.GetSecret(ctx, kc.stateSecret)
|
||||||
if err != nil {
|
switch {
|
||||||
|
case kubeclient.IsNotFoundErr(err):
|
||||||
|
// In the case that the Secret doesn't exist, we don't have any state to reset and can return early.
|
||||||
|
return nil
|
||||||
|
case err != nil:
|
||||||
return fmt.Errorf("failed to read state Secret %q to reset state: %w", kc.stateSecret, err)
|
return fmt.Errorf("failed to read state Secret %q to reset state: %w", kc.stateSecret, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
s := &kubeapi.Secret{
|
s := &kubeapi.Secret{
|
||||||
Data: map[string][]byte{
|
Data: map[string][]byte{
|
||||||
kubetypes.KeyCapVer: fmt.Appendf(nil, "%d", tailcfg.CurrentCapabilityVersion),
|
kubetypes.KeyCapVer: fmt.Appendf(nil, "%d", tailcfg.CurrentCapabilityVersion),
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user