nil secrets as recoverable to keep renew attempts

2026-01-07 10:55:42 +03:00 · 2018-11-20 17:11:55 -05:00
parent 118300ae33
commit 3a57b9c2fe
1 changed files with 2 additions and 2 deletions
--- a/nomad/vault.go
+++ b/nomad/vault.go
@@ -583,15 +583,15 @@ func (v *vaultClient) renew() (bool, error) {
 	// Attempt to renew the token
 	secret, err := v.auth.RenewSelf(v.tokenData.CreationTTL)
 	if err != nil {
-
 		// Check if there is a permission denied
 		recoverable := !structs.VaultUnrecoverableError.MatchString(err.Error())
 		return recoverable, fmt.Errorf("failed to renew the vault token: %v", err)
 	}
+
 	if secret == nil {
 		// It's possible for RenewSelf to return (nil, nil) if the
 		// response body from Vault is empty.
-		return fmt.Errorf("renewal failed: empty response from vault")
+		return true, fmt.Errorf("renewal failed: empty response from vault")
 	}

 	// these treated as transient errors, where can keep renewing