admin: Make sure that any admin routers are provisioned when local/re… (#6997)

* admin: Make sure that any admin routers are provisioned when local/remote admin servers are replaced at runtime. * admin: check for provisioning errors during admin server replacements
2025-05-23 17:52:26 -04:00 · 2025-05-06 16:28:38 -05:00 · 2025-05-06 16:28:38 -05:00 · 320c57291d
commit 320c57291d
parent aa3d20be3e
1 changed files with 14 additions and 0 deletions
--- a/admin.go
+++ b/admin.go
@ -424,6 +424,13 @@ func replaceLocalAdminServer(cfg *Config, ctx Context) error {

 	handler := cfg.Admin.newAdminHandler(addr, false, ctx)

+	// run the provisioners for loaded modules to make sure local
+	// state is properly re-initialized in the new admin server
+	err = cfg.Admin.provisionAdminRouters(ctx)
+	if err != nil {
+		return err
+	}
+
 	ln, err := addr.Listen(context.TODO(), 0, net.ListenConfig{})
 	if err != nil {
 		return err
@ -545,6 +552,13 @@ func replaceRemoteAdminServer(ctx Context, cfg *Config) error {
 	// because we are using TLS authentication instead
 	handler := cfg.Admin.newAdminHandler(addr, true, ctx)

+	// run the provisioners for loaded modules to make sure local
+	// state is properly re-initialized in the new admin server
+	err = cfg.Admin.provisionAdminRouters(ctx)
+	if err != nil {
+		return err
+	}
+
 	// create client certificate pool for TLS mutual auth, and extract public keys
 	// so that we can enforce access controls at the application layer
 	clientCertPool := x509.NewCertPool()