[leader] retry guardian reconcile on failure, not just epoch change

0xsiddharthks · 0xsiddharthks · commit ab1cc5580d78 · 2026-05-27T22:06:22.000-07:00
Clearing last_guardian_reconcile_epoch when the reconcile task errors
keeps the original behavior of retrying a failed handoff on the next
checkpoint (e.g. transient guardian downtime), while a successful
reconcile still holds the gate until the hashi epoch advances.
diff --git a/crates/hashi/src/leader/mod.rs b/crates/hashi/src/leader/mod.rs
@@ -251,6 +251,12 @@ impl LeaderService {
                 }
                 Some(result) = OptionFuture::from(self.guardian_committee_reconcile_task.as_mut()) => {
                     self.guardian_committee_reconcile_task = None;
+                    // On failure, clear the epoch gate so the next tick retries
+                    // (e.g. transient guardian downtime); success holds the gate
+                    // until the hashi epoch advances again.
+                    if !matches!(&result, Ok(Ok(()))) {
+                        self.last_guardian_reconcile_epoch = None;
+                    }
                     Self::log_task_result("guardian_committee_reconcile", result);
                 }
 

Original file line number	Diff line number	Diff line change
`@@ -251,6 +251,12 @@ impl LeaderService {`
`251`	`251`	`}`
`252`	`252`	`Some(result) = OptionFuture::from(self.guardian_committee_reconcile_task.as_mut()) => {`
`253`	`253`	`self.guardian_committee_reconcile_task = None;`
	`254`	`+ // On failure, clear the epoch gate so the next tick retries`
	`255`	`+ // (e.g. transient guardian downtime); success holds the gate`
	`256`	`+ // until the hashi epoch advances again.`
	`257`	`+ if !matches!(&result, Ok(Ok(()))) {`
	`258`	`+ self.last_guardian_reconcile_epoch = None;`
	`259`	`+ }`
`254`	`260`	`Self::log_task_result("guardian_committee_reconcile", result);`
`255`	`261`	`}`
`256`	`262`