onDeleteLocked must be called while holding c.Mutex for writing
(id idpool.ID, key AllocatorKey, recreateMissingLocalKeys bool)
| 199 | |
| 200 | // onDeleteLocked must be called while holding c.Mutex for writing |
| 201 | func (c *cache) onDeleteLocked(id idpool.ID, key AllocatorKey, recreateMissingLocalKeys bool) { |
| 202 | a := c.allocator |
| 203 | if a.enableMasterKeyProtection && recreateMissingLocalKeys { |
| 204 | if value := a.localKeys.lookupID(id); value != nil { |
| 205 | c.controllers.UpdateController(syncControllerName(id), controller.ControllerParams{ |
| 206 | Context: context.Background(), |
| 207 | MaxRetryInterval: masterKeyRecreateMaxInterval, |
| 208 | Group: syncIdentityGroup, |
| 209 | DoFunc: func(ctx context.Context) error { |
| 210 | c.mutex.Lock() |
| 211 | defer c.mutex.Unlock() |
| 212 | // For each attempt, check if this ciliumidentity is still a candidate for recreation. |
| 213 | // It's possible that since the last iteration that this agent has legitimately deleted |
| 214 | // the key, in which case we can stop trying to recreate it. |
| 215 | if value := c.allocator.localKeys.lookupID(id); value == nil { |
| 216 | return nil |
| 217 | } |
| 218 | |
| 219 | ctx, cancel := context.WithTimeout(ctx, backendOpTimeout) |
| 220 | defer cancel() |
| 221 | |
| 222 | // Each iteration will attempt to grab the key reference, if that succeeds |
| 223 | // then this completes (i.e. the key exists). |
| 224 | // Otherwise we will attempt to create the key, this process repeats until |
| 225 | // the key is created. |
| 226 | if err := a.backend.UpdateKey(ctx, id, value, true); err != nil { |
| 227 | c.logger.Error( |
| 228 | "OnDelete MasterKeyProtection update for key", |
| 229 | logfields.Error, err, |
| 230 | logfields.ID, id, |
| 231 | ) |
| 232 | return err |
| 233 | } |
| 234 | c.logger.Info( |
| 235 | "OnDelete MasterKeyProtection update succeeded", |
| 236 | logfields.ID, id, |
| 237 | ) |
| 238 | return nil |
| 239 | }, |
| 240 | }) |
| 241 | |
| 242 | return |
| 243 | } |
| 244 | } |
| 245 | |
| 246 | if k, ok := c.nextCache[id]; ok && k != nil { |
| 247 | delete(c.nextKeyCache, k.GetKey()) |
| 248 | } |
| 249 | |
| 250 | delete(c.nextCache, id) |
| 251 | a.idPool.Insert(id) |
| 252 | |
| 253 | c.emitChange(AllocatorChange{Kind: AllocatorChangeDelete, ID: id, Key: key}) |
| 254 | |
| 255 | c.sendEvent(AllocatorChangeDelete, id, key) |
| 256 | } |
| 257 | |
| 258 | // start requests a LIST operation from the kvstore and starts watching the |
no test coverage detected