While reviewing NodeReconciler, I noticed that errors from processNodeAgainstAllRules are logged internally but not returned from the reconcile loop.
Because Reconcile() still returns ctrl.Result{}, nil, transient failures such as API conflicts, patch failures, or temporary Kubernetes errors do not trigger automatic retries/requeueing by controller-runtime.
This can leave nodes in an inconsistent taint state until another unrelated update happens.
Suggested approach:
- aggregate evaluation errors instead of swallowing them
- return retryable errors from the reconcile loop so controller-runtime can handle requeue/backoff properly
While reviewing NodeReconciler, I noticed that errors from processNodeAgainstAllRules are logged internally but not returned from the reconcile loop.
Because Reconcile() still returns ctrl.Result{}, nil, transient failures such as API conflicts, patch failures, or temporary Kubernetes errors do not trigger automatic retries/requeueing by controller-runtime.
This can leave nodes in an inconsistent taint state until another unrelated update happens.
Suggested approach: