Skip to content

Commit

Permalink
fix: Remove crashOnFailureFetchingExpectations flag (#3453)
Browse files Browse the repository at this point in the history
Signed-off-by: David-Jaeyoon-Lee <davjlee@google.com>
Co-authored-by: Rita Zhang <rita.z.zhang@gmail.com>
  • Loading branch information
David-Jaeyoon-Lee and ritazh authored Jul 30, 2024
1 parent bd96c52 commit 9fff28f
Showing 1 changed file with 5 additions and 3 deletions.
8 changes: 5 additions & 3 deletions pkg/readiness/ready_tracker.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,6 @@ package readiness

import (
"context"
"flag"
"fmt"
"net/http"
"sync"
Expand Down Expand Up @@ -46,7 +45,9 @@ import (

var log = logf.Log.WithName("readiness-tracker")

var crashOnFailureFetchingExpectations = flag.Bool("crash-on-failure-fetching-expectations", false, "Unless set (defaults to false), gatekeeper will ignore errors that occur when gathering expectations. This prevents bootstrapping errors from crashing Gatekeeper at the cost of increasing the risk Gatekeeper will under-enforce policy by serving before it has loaded in all policies. Enabling this will help prevent under-enforcement at the risk of crashing during startup for issues like network errors. Note that enabling this flag currently does not achieve the aforementioned effect since fetching expectations are set to retry until success so failures during fetching expectations currently do not occur.")
// TODO: Uncomment the flag and deleted the boolean constant when we support retry limits (currently the value of the flag is moot without a retry limit since failure won't happen due to unlimited retries)
// var crashOnFailureFetchingExpectations = flag.Bool("crash-on-failure-fetching-expectations", false, "Unless set (defaults to false), gatekeeper will ignore errors when gathering expectations. This prevents bootstrapping errors from crashing Gatekeeper at the cost of increasing the risk Gatekeeper will under-enforce policy. Enabling this will help prevent under-enforcement at the risk of crashing during startup. Note that enabling this flag currently does not achieve the aforementioned effect since fetching expectations will retry until success.")
const crashOnFailureFetchingExpectations = false

const (
constraintGroup = "constraints.gatekeeper.sh"
Expand Down Expand Up @@ -90,7 +91,8 @@ type Tracker struct {

// NewTracker creates a new Tracker and initializes the internal trackers.
func NewTracker(lister Lister, mutationEnabled, externalDataEnabled, expansionEnabled bool) *Tracker {
return newTracker(lister, mutationEnabled, externalDataEnabled, expansionEnabled, *crashOnFailureFetchingExpectations, nil, nil)
// TODO: Dereference crashOnFailureFetchingExpectations when we change crashOnFailureFetchingExpectations to a flag
return newTracker(lister, mutationEnabled, externalDataEnabled, expansionEnabled, crashOnFailureFetchingExpectations, nil, nil)
}

func newTracker(lister Lister, mutationEnabled, externalDataEnabled, expansionEnabled bool, crashOnFailure bool, trackListerPredicateOverride retryPredicate, fn objDataFactory) *Tracker {
Expand Down

0 comments on commit 9fff28f

Please sign in to comment.