From 9bb8b1ebc9f59e62980a09a6591a220412031936 Mon Sep 17 00:00:00 2001 From: Fernando Giorgetti Date: Fri, 6 Dec 2024 17:14:54 -0300 Subject: [PATCH 1/2] Fixes grant server updating grant status before site is ready * AccessGrant status.redeemed count was being increased before generateLinkConfig was able to resolve endpoints, returning the "Could not resolve any endpoints for requested link" error and exhausting the AccessGrant before it is actually consumed * Fixed null pointer issue found (eventually) while deleting a namespace for an active site --- pkg/kube/grants/grants.go | 22 ++++++++++++++++------ pkg/kube/site/site.go | 4 ++-- 2 files changed, 18 insertions(+), 8 deletions(-) diff --git a/pkg/kube/grants/grants.go b/pkg/kube/grants/grants.go index 5251566ce..54a2040c7 100644 --- a/pkg/kube/grants/grants.go +++ b/pkg/kube/grants/grants.go @@ -1,6 +1,7 @@ package grants import ( + "bytes" "context" "fmt" "io" @@ -282,13 +283,12 @@ func (g *Grants) ServeHTTP(w http.ResponseWriter, r *http.Request) { http.Error(w, "Request body not valid", http.StatusBadRequest) return } - - grant, e := g.checkAndUpdateAccessToken(key, body) - if e != nil { - e.write(w) + grant := g.get(key) + if grant == nil { + log.Printf("No such claim: %s", key) + http.Error(w, fmt.Sprintf("No such claim: %s", key), http.StatusBadRequest) return } - name := r.Header.Get("name") if name == "" { log.Printf("No name specified when redeeming access token for %s/%s, using access grant name", grant.Namespace, grant.Name) @@ -298,11 +298,21 @@ func (g *Grants) ServeHTTP(w http.ResponseWriter, r *http.Request) { if subject == "" { subject = name } - if err := g.generator(grant.Namespace, name, subject, w); err != nil { + buf := bytes.NewBufferString("") + if err := g.generator(grant.Namespace, name, subject, buf); err != nil { log.Printf("Failed to create token for %s/%s: %s", grant.Namespace, grant.Name, err.Error()) http.Error(w, err.Error(), http.StatusInternalServerError) return } + grant, e := g.checkAndUpdateAccessToken(key, body) + if e != nil { + e.write(w) + return + } + if _, err := w.Write(buf.Bytes()); err != nil { + log.Printf("Failed to write access token for %s/%s: %s", grant.Namespace, grant.Name, err.Error()) + http.Error(w, err.Error(), http.StatusInternalServerError) + } log.Printf("Redemption of access token %s/%s succeeded", grant.Namespace, grant.Name) } diff --git a/pkg/kube/site/site.go b/pkg/kube/site/site.go index d28ce979d..668b239e2 100644 --- a/pkg/kube/site/site.go +++ b/pkg/kube/site/site.go @@ -679,7 +679,7 @@ func (s *Site) updateConnectorConfiguredStatusWithSelectedPods(connector *skuppe func (s *Site) CheckConnector(name string, connector *skupperv2alpha1.Connector) error { update := s.bindings.UpdateConnector(name, connector) - if s.site == nil { + if s.site == nil && connector != nil { return s.updateConnectorConfiguredStatus(connector, stderrors.New("No active site in namespace")) } if update == nil { @@ -705,7 +705,7 @@ func (s *Site) updateListenerStatus(listener *skupperv2alpha1.Listener, err erro func (s *Site) CheckListener(name string, listener *skupperv2alpha1.Listener) error { update, err1 := s.bindings.UpdateListener(name, listener) - if s.site == nil { + if s.site == nil && listener != nil { return s.updateListenerStatus(listener, stderrors.New("No active site in namespace")) } if update == nil { From 994acbc884a08729cb52d913d4515c1250756611 Mon Sep 17 00:00:00 2001 From: Fernando Giorgetti Date: Fri, 6 Dec 2024 17:36:30 -0300 Subject: [PATCH 2/2] updated not known test --- pkg/kube/grants/grants.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/kube/grants/grants.go b/pkg/kube/grants/grants.go index 54a2040c7..6f5a6c434 100644 --- a/pkg/kube/grants/grants.go +++ b/pkg/kube/grants/grants.go @@ -286,7 +286,7 @@ func (g *Grants) ServeHTTP(w http.ResponseWriter, r *http.Request) { grant := g.get(key) if grant == nil { log.Printf("No such claim: %s", key) - http.Error(w, fmt.Sprintf("No such claim: %s", key), http.StatusBadRequest) + httpError("No such claim", http.StatusNotFound).write(w) return } name := r.Header.Get("name")