Re: [PR] Get token on every request and make fs calls async [pekko-management]

Tue, 18 Nov 2025 09:45:29 -0800 


mdedetrich commented on code in PR #546:
URL: https://github.com/apache/pekko-management/pull/546#discussion_r2539140405


##########
lease-kubernetes/src/main/scala/org/apache/pekko/coordination/lease/kubernetes/internal/AbstractKubernetesApiImpl.scala:
##########
@@ -148,17 +160,34 @@ import scala.util.control.NonFatal
   protected def requestForPath(
       path: Uri.Path,
       method: HttpMethod = HttpMethods.GET,
-      entity: RequestEntity = HttpEntity.Empty): HttpRequest = {
+      entity: RequestEntity = HttpEntity.Empty): Future[HttpRequest] = {
     val uri = Uri.from(scheme = scheme, host = settings.apiServerHost, port = 
settings.apiServerPort).withPath(path)
-    HttpRequest(uri = uri, headers = headers, method = method, entity = entity)
+    headers().map { headers =>
+      HttpRequest(uri = uri, headers = headers, method = method, entity = 
entity)
+    }(ExecutionContext.parasitic)
+  }
+
+  private[pekko] def makeRawRequest(request: HttpRequest): 
Future[HttpResponse] = {
+    if (settings.secure)
+      http.singleRequest(request, clientSslContext)
+    else
+      http.singleRequest(request)
   }
 
   protected def makeRequest(request: HttpRequest, timeoutMsg: String): 
Future[HttpResponse] = {
-    val response =
-      if (settings.secure)
-        http.singleRequest(request, clientSslContext)
-      else
-        http.singleRequest(request)
+    // It's possible to legitimately get a 401 response due to kubernetes 
doing a token rotation
+    implicit val scheduler: Scheduler = system.scheduler
+    val response = RetrySupport.retry(
+      () => makeRawRequest(request: HttpRequest),
+      (response: HttpResponse, _: Throwable) => {
+        log.warning("Received status code 401 as response, retrying due to 
possible token rotation")
+        response.status == StatusCodes.Unauthorized
+      },
+      settings.tokenRetrySettings.attempts,
+      settings.tokenRetrySettings.minBackoff,
+      settings.tokenRetrySettings.maxBackoff,
+      settings.tokenRetrySettings.randomFactor
+    )

Review Comment:
   This is also wrong, we know that the token will refresh (there is also a 
test for it).



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to