New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[NET-8412] Fix order of APIGW ACL policy/role creation #3779
Conversation
…onsul when policy/role already exists
gatewayNameToPolicy map[string]*api.ACLPolicy | ||
policyMutex *sync.Mutex | ||
|
||
gatewayNameToRole map[string]*api.ACLRole |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I debated having the values here just be the aclpolicy name or id (same for the role) but decided on keeping the entire role/policy on there in case we need more from there in the future but don't feel too strongly about it
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like it needs a changelog entry, but generally LGTM
I don't think this fix is working properly. After adding a CRD - API gateway and then deleting it in consul, the role remains and adding such a CRD again causes an error. The error occurs even without any intervention, if we shutdown and up the environment, the API gateway will no longer be running, but will hang on INIT, trying to re-add an existing role, i.e. the same error again:
|
Changes proposed in this PR
How I've tested this PR
How I expect reviewers to test this PR
Checklist