From 237983dca2b029698c4512c47abda01682304073 Mon Sep 17 00:00:00 2001 From: Stephen Kitt Date: Mon, 23 Oct 2023 17:52:04 +0200 Subject: [PATCH] Allow halting on certificate errors When certificate errors are encountered, the fix is usually to restart the affected pod. To allow this to happen automatically, add a configuration setting for the Lighthouse agent. The setting is disabled by default; it will be enabled by default by the operator. Signed-off-by: Stephen Kitt --- pkg/agent/controller/types.go | 9 +++++---- pkg/agent/main.go | 2 ++ 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/pkg/agent/controller/types.go b/pkg/agent/controller/types.go index f3b2ecaad..45507513e 100644 --- a/pkg/agent/controller/types.go +++ b/pkg/agent/controller/types.go @@ -58,10 +58,11 @@ type Controller struct { } type AgentSpecification struct { - ClusterID string - Namespace string - GlobalnetEnabled bool `split_words:"true"` - Uninstall bool + ClusterID string + Namespace string + GlobalnetEnabled bool `split_words:"true"` + Uninstall bool + HaltOnCertificateError bool } type ServiceImportAggregator struct { diff --git a/pkg/agent/main.go b/pkg/agent/main.go index eda30be03..6f79e0c5c 100644 --- a/pkg/agent/main.go +++ b/pkg/agent/main.go @@ -110,6 +110,8 @@ func main() { exitOnError(err, "Error processing env config for agent spec") logger.Infof("AgentSpec: %#v", agentSpec) + util.AddCertificateErrorHandler(agentSpec.HaltOnCertificateError) + err = mcsv1a1.AddToScheme(scheme.Scheme) exitOnError(err, "Error adding Multicluster v1alpha1 to the scheme")