comms: retry mas token for room cleanup

2026-01-08 04:29:29 -03:00 · 2026-01-08 04:29:29 -03:00 · 31ca499c04
commit 31ca499c04
parent 52df8094f5
1 changed files with 17 additions and 8 deletions
--- a/services/comms/bstein-force-leave-job.yaml
+++ b/services/comms/bstein-force-leave-job.yaml
@ -2,7 +2,7 @@
 apiVersion: batch/v1
 kind: Job
 metadata:
-  name: bstein-leave-rooms-2
+  name: bstein-leave-rooms-3
  namespace: comms
 spec:
  backoffLimit: 0
@ -50,6 +50,7 @@ spec:
              import urllib.error
              import urllib.parse
              import urllib.request
              import time
              MAS_ADMIN_CLIENT_ID = os.environ["MAS_ADMIN_CLIENT_ID"]
              MAS_ADMIN_CLIENT_SECRET_FILE = os.environ["MAS_ADMIN_CLIENT_SECRET_FILE"]
@ -87,6 +88,8 @@ spec:
                      except Exception:
                          payload = None
                      return e.code, payload
                  except urllib.error.URLError:
                      return 0, None
              with open(MAS_ADMIN_CLIENT_SECRET_FILE, "r", encoding="utf-8") as f:
                  mas_admin_client_secret = f.read().strip()
@ -94,13 +97,19 @@ spec:
                  raise RuntimeError("MAS admin client secret file is empty")
              basic = base64.b64encode(f"{MAS_ADMIN_CLIENT_ID}:{mas_admin_client_secret}".encode()).decode()
-              token_status, token_payload = http_json(
+              token_status = 0
-                  "POST",
+              token_payload = None
-                  MAS_TOKEN_URL,
+              for attempt in range(1, 6):
-                  headers={"Authorization": f"Basic {basic}"},
+                  token_status, token_payload = http_json(
-                  form={"grant_type": "client_credentials", "scope": "urn:mas:admin"},
+                      "POST",
-                  timeout=30,
+                      MAS_TOKEN_URL,
-              )
+                      headers={"Authorization": f"Basic {basic}"},
                      form={"grant_type": "client_credentials", "scope": "urn:mas:admin"},
                      timeout=30,
                  )
                  if token_status == 200 and token_payload and "access_token" in token_payload:
                      break
                  time.sleep(attempt * 2)
              if token_status != 200 or not token_payload or "access_token" not in token_payload:
                  raise RuntimeError(f"MAS admin token request failed (HTTP {token_status})")
              mas_admin_token = token_payload["access_token"]