From 7ee7634283dde180bb62dbdb127f4a71c2c68077 Mon Sep 17 00:00:00 2001 From: Wim Fournier Date: Fri, 11 Apr 2025 13:02:33 +0200 Subject: [PATCH] Delete config secret when listener pod gets deleted This should fix https://github.com/actions/actions-runner-controller/issues/4029. When the github token gets updated, and the old one expires, the listener pod dies. Only to be recreated with the existing listener config that holds the now expired token. This PR fixes that by deleting the config secret as well, so the reconciler recreates it with the updated token. --- .../autoscalinglistener_controller.go | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/controllers/actions.github.com/autoscalinglistener_controller.go b/controllers/actions.github.com/autoscalinglistener_controller.go index 386e628f..4917457c 100644 --- a/controllers/actions.github.com/autoscalinglistener_controller.go +++ b/controllers/actions.github.com/autoscalinglistener_controller.go @@ -260,6 +260,19 @@ func (r *AutoscalingListenerReconciler) Reconcile(ctx context.Context, req ctrl. log.Error(err, "Unable to delete the listener pod", "namespace", listenerPod.Namespace, "name", listenerPod.Name) return ctrl.Result{}, err } + + // delete the listener config secret as well, so it gets recreated when the listener pod is recreated, with any new data if it exists + var configSecret corev1.Secret + err := r.Get(ctx, types.NamespacedName{Namespace: autoscalingListener.Namespace, Name: scaleSetListenerConfigName(autoscalingListener)}, &configSecret) + switch { + case err == nil: + if configSecret.ObjectMeta.DeletionTimestamp.IsZero() { + log.Info("Deleting the listener config secret") + if err := r.Delete(ctx, &configSecret); err != nil { + return ctrl.Result{}, fmt.Errorf("failed to delete listener config secret: %w", err) + } + } + } } return ctrl.Result{}, nil case cs.State.Running != nil: