From 320c57291dbe06e00e0759bdb5cbbf0d622e5968 Mon Sep 17 00:00:00 2001
From: Jimmy Lipham <Compy@users.noreply.github.com>
Date: Tue, 6 May 2025 16:28:38 -0500
Subject: [PATCH] =?UTF-8?q?admin:=20Make=20sure=20that=20any=20admin=20rou?=
 =?UTF-8?q?ters=20are=20provisioned=20when=20local/re=E2=80=A6=20(#6997)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* admin: Make sure that any admin routers are provisioned when local/remote admin servers are replaced at runtime.

* admin: check for provisioning errors during admin server replacements
---
 admin.go | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/admin.go b/admin.go
index 244c7d719..45bd574a1 100644
--- a/admin.go
+++ b/admin.go
@@ -424,6 +424,13 @@ func replaceLocalAdminServer(cfg *Config, ctx Context) error {
 
 	handler := cfg.Admin.newAdminHandler(addr, false, ctx)
 
+	// run the provisioners for loaded modules to make sure local
+	// state is properly re-initialized in the new admin server
+	err = cfg.Admin.provisionAdminRouters(ctx)
+	if err != nil {
+		return err
+	}
+
 	ln, err := addr.Listen(context.TODO(), 0, net.ListenConfig{})
 	if err != nil {
 		return err
@@ -545,6 +552,13 @@ func replaceRemoteAdminServer(ctx Context, cfg *Config) error {
 	// because we are using TLS authentication instead
 	handler := cfg.Admin.newAdminHandler(addr, true, ctx)
 
+	// run the provisioners for loaded modules to make sure local
+	// state is properly re-initialized in the new admin server
+	err = cfg.Admin.provisionAdminRouters(ctx)
+	if err != nil {
+		return err
+	}
+
 	// create client certificate pool for TLS mutual auth, and extract public keys
 	// so that we can enforce access controls at the application layer
 	clientCertPool := x509.NewCertPool()