Fix segv due to bad initialization

Author: Noor Malik

main.go

@@ -13,6 +13,7 @@ import (
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
 	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/heptiolabs/healthcheck"
 	log "github.com/sirupsen/logrus"
 	"github.com/zalando-incubator/kube-aws-iam-controller/pkg/clientset"
 	kingpin "gopkg.in/alecthomas/kingpin.v2"
@@ -106,13 +107,16 @@ func main() {
 
 	podsEventCh := make(chan *PodEvent, config.EventQueueSize)
 
+	healthReporter := healthcheck.NewHandler()
+
 	controller := NewSecretsController(
 		client,
 		config.Namespace,
 		config.Interval,
 		config.RefreshLimit,
 		credsGetter,
 		podsEventCh,
+		healthReporter,
 	)
 
 	podWatcher := NewPodWatcher(client, config.Namespace, podsEventCh)
@@ -130,7 +134,11 @@ func main() {
 	go awsIAMRoleController.Run(ctx)
 
 	podWatcher.Run(ctx)
-	go serveHealthz(controller, healthEndpointAddress)
+	go serveHealthz(healthEndpointAddress)
+
+	// Add the liveness endpoint at /healthz
+	http.HandleFunc("/healthz", controller.healthReporter.LiveEndpoint)
+
 	controller.Run(ctx)
 }
 
@@ -144,12 +152,11 @@ func handleSigterm(cancelFunc func()) {
 }
 
 // serve the HTTP endpoint for livenessProbe
-func serveHealthz(controller *SecretsController, address string) {
-	// Add the liveness endpoint at /healthz
-	http.Handle("/healthz", controller.HealthReporter)
+func serveHealthz(address string) {
+	println("Endpoint is live!")
 
 	// Start the HTTP server
-	err := http.ListenAndServe(address, controller.HealthReporter)
+	err := http.ListenAndServe(address, nil)
 	if err != nil {
 		log.Error(err)
 	}

secrets_controller.go

@@ -49,7 +49,7 @@ type SecretsController struct {
 	roleStore      *RoleStore
 	podEvents      <-chan *PodEvent
 	namespace      string
-	HealthReporter healthcheck.Handler
+	healthReporter healthcheck.Handler
 }
 
 // ProcessCredentials defines the format expected from process credentials.
@@ -63,15 +63,16 @@ type ProcessCredentials struct {
 }
 
 // NewSecretsController initializes a new SecretsController.
-func NewSecretsController(client kubernetes.Interface, namespace string, interval, refreshLimit time.Duration, creds CredentialsGetter, podEvents <-chan *PodEvent) *SecretsController {
+func NewSecretsController(client kubernetes.Interface, namespace string, interval, refreshLimit time.Duration, creds CredentialsGetter, podEvents <-chan *PodEvent, healthReporter healthcheck.Handler) *SecretsController {
 	return &SecretsController{
-		client:       client,
-		interval:     interval,
-		refreshLimit: refreshLimit,
-		creds:        creds,
-		roleStore:    NewRoleStore(),
-		podEvents:    podEvents,
-		namespace:    namespace,
+		client:         client,
+		interval:       interval,
+		refreshLimit:   refreshLimit,
+		creds:          creds,
+		roleStore:      NewRoleStore(),
+		podEvents:      podEvents,
+		namespace:      namespace,
+		healthReporter: healthReporter,
 	}
 }
 
@@ -115,12 +116,13 @@ func (c *SecretsController) getCreds(role string) (map[string][]byte, error) {
 // Run runs the secret controller loop. This will refresh secrets with AWS IAM
 // roles.
 func (c *SecretsController) Run(ctx context.Context) {
+	println("Controller is running!")
 	// Defining the liveness check
 	var nextRefresh time.Time
 
 	// If the controller hasn't refreshed credentials in a while, fail liveness
-	c.HealthReporter.AddLivenessCheck("nextRefresh", func() error {
-		if time.Since(nextRefresh) > 5*c.interval {
+	c.healthReporter.AddLivenessCheck("nextRefresh", func() error {
+		if time.Since(nextRefresh) > 5*(c.interval) {
 			return fmt.Errorf("nextRefresh too old")
 		}
 		return nil

secrets_controller_test.go

@@ -5,6 +5,7 @@ import (
 	"testing"
 	"time"
 
+	"github.com/heptiolabs/healthcheck"
 	"github.com/stretchr/testify/require"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -164,6 +165,7 @@ func TestRefresh(tt *testing.T) {
 					},
 				},
 				make(chan *PodEvent, 1),
+				healthcheck.NewHandler(),
 			)
 
 			// setup secrets