From 9c56d767a3c5b1bf15e896048717a7cfffd1ac8d Mon Sep 17 00:00:00 2001
From: Joe Julian <me@joejulian.name>
Date: Tue, 17 Oct 2023 15:14:51 -0700
Subject: [PATCH] operator: add readiness check to Cluster statefulset

---
 src/go/k8s/pkg/resources/statefulset.go | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/go/k8s/pkg/resources/statefulset.go b/src/go/k8s/pkg/resources/statefulset.go
index b249cce000355..a2e4bec3c46e0 100644
--- a/src/go/k8s/pkg/resources/statefulset.go
+++ b/src/go/k8s/pkg/resources/statefulset.go
@@ -319,6 +319,20 @@ func (r *StatefulSetResource) obj(
 
 	tlsVolumes, tlsVolumeMounts := r.volumeProvider.Volumes()
 
+	rpkFlags := []string{}
+	u := fmt.Sprintf("%s://${POD_NAME}.%s:%d", r.pandaCluster.AdminAPIInternal().GetHTTPScheme(), r.serviceFQDN, r.pandaCluster.AdminAPIInternal().GetPort())
+	rpkFlags = append(rpkFlags, fmt.Sprintf("--api-urls %q", u))
+	if r.pandaCluster.AdminAPIInternal().GetTLS().Enabled {
+		rpkFlags = append(rpkFlags,
+			"--admin-api-tls-enabled",
+			fmt.Sprintf("--admin-api-tls-truststore %q", path.Join(resourcetypes.GetTLSMountPoints().AdminAPI.NodeCertMountDir, "tls.crt")))
+	}
+	if r.pandaCluster.AdminAPIInternal().GetTLS().RequireClientAuth {
+		rpkFlags = append(rpkFlags,
+			fmt.Sprintf("--tls-cert %q", path.Join(resourcetypes.GetTLSMountPoints().AdminAPI.ClientCAMountDir, "tls.crt")),
+			fmt.Sprintf("--tls-key %q", path.Join(resourcetypes.GetTLSMountPoints().AdminAPI.ClientCAMountDir, "tls.key")))
+	}
+
 	// We set statefulset replicas via status.currentReplicas in order to control it from the handleScaling function
 	replicas := r.pandaCluster.GetCurrentReplicas()
 
@@ -526,6 +540,13 @@ func (r *StatefulSetResource) obj(
 									ContainerPort: int32(r.pandaCluster.Spec.Configuration.RPCServer.Port),
 								},
 							}, r.getPorts()...),
+							ReadinessProbe: &corev1.Probe{
+								ProbeHandler: corev1.ProbeHandler{
+									Exec: &corev1.ExecAction{
+										Command: []string{"bash", "-xc", fmt.Sprintf("rpk cluster health %s| grep 'Healthy:.*true'", strings.Join(rpkFlags, " "))},
+									},
+								},
+							},
 							SecurityContext: &corev1.SecurityContext{
 								RunAsUser:  pointer.Int64(userID),
 								RunAsGroup: pointer.Int64(groupID),