4e559c6255
The volumewatcher that runs on the leader needs to make RPC calls rather than writing to raft (as we do in the deploymentwatcher) because the unpublish workflow needs to make RPC calls to the clients. This requires that the volumewatcher has access to the leader's ACL token. But when leadership transitions, the new leader creates a new leader ACL token. This ACL token needs to be passed into the volumewatcher when we enable it, otherwise the volumewatcher can find itself with a stale token.
4 lines
128 B
Plaintext
4 lines
128 B
Plaintext
```release-note:bug
|
|
csi: Fixed a bug where releasing volume claims would fail with ACL errors after leadership transitions.
|
|
```
|