vault: reset token TTL to 0 when renewing token

This commit resets the token TTL to zero once we start another re-authentication attempt. The reason is that if we fail to re-authenticate, we should not wait again for 80% of the prev. token TTL but instead re-authenticate right away. Signed-off-by: Andreas Auernhammer <[email protected]>
minio · Jan 13, 2025 · 1b15621 · 1b15621
1 parent 4945c09
commit 1b15621
Show file tree

Hide file tree

Showing 2 changed files with 1 addition and 0 deletions.
diff --git a/internal/keystore/vault/client.go b/internal/keystore/vault/client.go
@@ -196,6 +196,7 @@ func (c *client) RenewToken(ctx context.Context, authenticate authFunc, secret *
 		}
 
 		renewIn := 80 * (ttl / 100) // Renew token after 80% of its TTL has passed
+		ttl = 0                     // Set TTL to zero to trigger an immediate re-authentication in case of auth failure
 		select {
 		case <-ctx.Done():
 			return

diff --git a/kes-linux-amd64 b/kes-linux-amd64