From dda3a8dca41bad7001b4267e3517470186fea1f8 Mon Sep 17 00:00:00 2001
From: Michal Maslanka <michal@redpanda.com>
Date: Fri, 3 Feb 2023 12:17:01 +0100
Subject: [PATCH] s/cloud_roles: handling all exceptions in refresh credentials

When refreshing credentials we need to handle all possible exceptions
not to stop the credentials refresh loop. Previously any exception would
result in a situation where credential refresh loop stops and finally
credentials expire resulting in client reporting `ExpiredToken` error.

Signed-off-by: Michal Maslanka <michal@redpanda.com>
(cherry picked from commit 555ea8ca4ac3139288b489175bd1c51c487f584e)
---
 src/v/cloud_roles/refresh_credentials.cc | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/v/cloud_roles/refresh_credentials.cc b/src/v/cloud_roles/refresh_credentials.cc
index 49821d176941..5f919157c4d9 100644
--- a/src/v/cloud_roles/refresh_credentials.cc
+++ b/src/v/cloud_roles/refresh_credentials.cc
@@ -22,6 +22,8 @@
 #include <seastar/core/gate.hh>
 #include <seastar/core/loop.hh>
 
+#include <exception>
+
 namespace cloud_roles {
 
 /// These environment variables can be used to override the default hostname and
@@ -58,12 +60,16 @@ ss::future<> refresh_credentials::do_start() {
     return ss::do_until(
       [this] { return _gate.is_closed() || _as.abort_requested(); },
       [this] {
-          return fetch_and_update_credentials().handle_exception_type(
-            [](const ss::sleep_aborted& ex) {
+          return fetch_and_update_credentials()
+            .handle_exception_type([](const ss::sleep_aborted& ex) {
                 vlog(
                   clrl_log.info,
                   "stopping refresh_credentials loop: {}",
                   ex.what());
+            })
+            .handle_exception([this](const std::exception_ptr& ex) {
+                vlog(clrl_log.error, "error refreshing credentials: {}", ex);
+                _impl->increment_retries();
             });
       });
 }