Merged
Conversation
- Do not cancel ongoing refresh - Better logging in case of error
r0mant
reviewed
Jan 29, 2026
r0mant
reviewed
Jan 29, 2026
espadolini
reviewed
Jan 29, 2026
Comment on lines
+33
to
+35
| const ( | ||
| requestTimeout = 30 * time.Second | ||
| ) |
Contributor
There was a problem hiding this comment.
Do we need to add a timeout here? It's always better to let the caller do this IMO.
Contributor
Author
There was a problem hiding this comment.
I don't agree, I don't trust the caller to set a deadline and I don't want this to hang. I'm still honouring the caller's context by cancelling when they want, but I don't see why this should be the caller's responsibility to be sure my HTTP client will not block infinitely.
Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
espadolini
approved these changes
Jan 30, 2026
tigrato
approved these changes
Jan 30, 2026
Contributor
There was a problem hiding this comment.
Should we also prevent multiple replicas of auth server trying to refresh the same plugin/credentials?
from my understanding, every auth server replica runs the slack plugin and tries to revalidate the credentials
It also seems the case that the plugin manager shutsdown every single plugin on credentials refresh as per:
- https://github.com/gravitational/teleport.e/blob/51394a756619197fedd762a5726e1f0bfde7d0a9/lib/plugins/manager.go#L331-L333
- https://github.com/gravitational/teleport.e/blob/51394a756619197fedd762a5726e1f0bfde7d0a9/lib/plugins/instance/instance.go#L33-L36
This means that after the first update, all plugins will eventually synchronize and refresh the credentials at the same time
public-teleport-github-review-bot
bot
removed the request for review
from bernardjkim
r0mant
approved these changes
Jan 30, 2026
Contributor
|
@hugoShaka See the table below for backport results.
|
hugoShaka
added a commit
that referenced
this pull request
Jan 30, 2026
* Slack plugin hardening - Do not cancel ongoing refresh - Better logging in case of error * fixup! Slack plugin hardening * fixup! fixup! Slack plugin hardening * Apply suggestions from code review Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> * address feedback * fixup! address feedback --------- Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
hugoShaka
added a commit
that referenced
this pull request
Jan 30, 2026
* Slack plugin hardening - Do not cancel ongoing refresh - Better logging in case of error * fixup! Slack plugin hardening * fixup! fixup! Slack plugin hardening * Apply suggestions from code review Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com> * address feedback * fixup! address feedback --------- Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
github-merge-queue bot
pushed a commit
that referenced
this pull request
Jan 30, 2026
* Slack plugin hardening - Do not cancel ongoing refresh - Better logging in case of error * fixup! Slack plugin hardening * fixup! fixup! Slack plugin hardening * Apply suggestions from code review * address feedback * fixup! address feedback --------- Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR improves how we handle issues during Slack token renewal, or renewal during shutdown. It makes sure we try everything possible to finish the renewal. The server can still crash/be ungracefully terminated, but at least we support graceful termination better.
Twin
ePR: https://github.com/gravitational/teleport.e/pull/7951This PR does the following changes:
More context in Slack:
Changelog: Improved robustness of the Slack hosted plugin to reduce the likeliness of failed token refresh when experiencing external disruption.