ananke/internal/cluster/orchestrator_startup_vault.go


package cluster
import (
"context"
"fmt"
"time"
)
// maybeRunEarlyVaultUnseal makes one best-effort attempt to unseal Vault early
// in startup, and only when the Kubernetes API already answers.
//
// It returns nothing, so a failure here can never abort startup. The hard
// failure path lives in runStartupVaultUnsealGate.
//
// Outcomes, as visible in this function:
//   - waitForAPI fails: return immediately; nothing is logged and no check
//     state is recorded.
//   - the unseal helper returns an error: log a warning and record an
//     auto-heal note carrying the error text.
//   - the unseal helper reports a deferral: log it and record the detail as an
//     auto-heal note.
//   - otherwise: mark the "vault-unseal-early" check as passed.
//
// NOTE(review): on the error and deferral paths the "vault-unseal-early" check
// is never resolved through noteStartupCheck, so it keeps the "running" state
// set below. Confirm status consumers expect that.
//
// NOTE(review): the error and detail values are copied verbatim into the log
// and the auto-heal record. Confirm ensureVaultUnsealedWhenRunnable never
// places unseal key material or tokens in either value.
func (o *Orchestrator) maybeRunEarlyVaultUnseal(ctx context.Context) {
	const checkName = "vault-unseal-early"

	// Single probe of the API (arguments 1 and time.Second); if it is not
	// reachable the early path is skipped entirely.
	if apiErr := o.waitForAPI(ctx, 1, time.Second); apiErr != nil {
		return
	}

	o.noteStartupCheckState(checkName, "running", "best-effort early vault unseal while kubernetes api is already available")

	postponed, reason, unsealErr := o.ensureVaultUnsealedWhenRunnable(ctx)
	switch {
	case unsealErr != nil:
		// Downgraded to a warning: this path is best-effort by design.
		o.log.Printf("warning: early vault unseal deferred: %v", unsealErr)
		o.noteStartupAutoHeal(fmt.Sprintf("deferred early vault unseal: %v", unsealErr))
	case postponed:
		o.log.Printf("vault early unseal deferred: %s", reason)
		o.noteStartupAutoHeal(reason)
	default:
		// Reached whenever the helper reports neither an error nor a deferral;
		// whether the helper itself performed the unseal is not visible here.
		o.noteStartupCheck(checkName, true, "vault is already unsealed")
	}
}
// runStartupVaultUnsealGate is the startup gate for Vault unseal. It keeps the
// top-level startup flow readable while letting the unseal defer until
// critical workload recovery.
//
// It returns the error from ensureVaultUnsealedWhenRunnable unchanged, after
// recording the "vault-unseal" check as failed with the error text. It returns
// nil both when Vault is unsealed and when the unseal was deferred.
//
// A deferral is recorded as a passing "vault-unseal" check with the deferral
// detail as its message. A passing check therefore does not by itself show
// that Vault is unsealed: readers of the startup report have to look at the
// detail text (or the auto-heal note) to tell the two cases apart.
//
// NOTE(review): err.Error() and detail are copied verbatim into the startup
// check record and the log. Confirm ensureVaultUnsealedWhenRunnable never
// places unseal key material or tokens in either value.
func (o *Orchestrator) runStartupVaultUnsealGate(ctx context.Context) error {
	const checkName = "vault-unseal"

	o.noteStartupCheckState(checkName, "running", "ensuring vault is unsealed before startup gates")

	postponed, reason, unsealErr := o.ensureVaultUnsealedWhenRunnable(ctx)
	switch {
	case unsealErr != nil:
		// Hard failure: record it and hand the error back to the caller.
		o.noteStartupCheck(checkName, false, unsealErr.Error())
		return unsealErr
	case postponed:
		// Deferred is treated as success for gating purposes; the auto-heal
		// note is the record that work is still outstanding.
		o.log.Printf("vault unseal deferred until workload recovery: %s", reason)
		o.noteStartupAutoHeal(reason)
		o.noteStartupCheck(checkName, true, reason)
	default:
		o.noteStartupCheck(checkName, true, "vault is unsealed")
	}
	return nil
}