Hot reload of HCLOUD_TOKEN, ROBOT_USER and ROBOT_PASSWORD

[guettli]

TL;DR

Currently, the CCM does not notice when the secret containing HCLOUD_TOKEN, ROBOT_USER, and ROBOT_PASSWORD is changed.

A user would need to reload the CCM, or use a workaround like stakater/Reloader, which automates reloading.

Aside from this workaround, we (Syself) think automatic reloading would be nice. It works in our CCM, but we want to switch to your CCM.

Would you accept a PR that implements hot reloading?

Expected behavior

When the secret containing credentials changes, the controller should use the new values (without the need for a manual reload).

[jooola]

Implementation note: Consider using the SIGHUP signal to trigger a reload.

[lukasmetzner]

Hey @guettli,

Thanks for the proposal. The feature request sounds reasonable to me and we would accept the PR. If you are interested, you could also update our Helm chart to switch from HCLOUD_TOKEN to HCLOUD_TOKEN_FILE by default.

[guettli]

@lukasmetzner thank you. Now we need to think about the implementation. I see three different ways:

• option1: If the secret got changes, terminate the process and restart.
• option2: Read mounted secrets (not env vars), and watch changes via inotify. I did that for the Syself ccm and it was more work than I initially estimated.
• option3: Everytime the secret gets used, it gets read from the mounted secret. Sound like "slow", but this only needs some milliseconds. Linux has the file buffered.

Currently I would prefer option3, but it currently does not work:

hcloud-go client.go:

// NewRequest creates an HTTP request against the API. The returned request
// is assigned with ctx and has all necessary headers set (auth, user agent, etc.).
func (c *Client) NewRequest(ctx context.Context, method, path string, body io.Reader) (*http.Request, error) {
	url := c.endpoint + path
	req, err := http.NewRequestWithContext(ctx, method, url, body)
	if err != nil {
		return nil, err
	}
	req.Header.Set("User-Agent", c.userAgent)
	req.Header.Set("Accept", "application/json")

	if !c.tokenValid {
		return nil, errors.New("authorization token contains invalid characters")
	} else if c.token != "" {
		req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", c.token))
	}

	if body != nil {
		req.Header.Set("Content-Type", "application/json")
	}
	return req, nil
}

If this method would use a function to get the token, then it would work to read the credentials eveytime again and again.

The hcloud client could be initialized with an (optional) function which returns a token.

@lukasmetzner what do you think about that? I am fine with opt2 and opt3. I would like to avoid restarting the ccm.

[lukasmetzner]

@guettli I agree, I don't think option 1 is the way to go. I would prefer option 2 in this case, especially if it is already working.

[guettli]

@lukasmetzner thank you for the feedback. I will work on a PR.