manager: server: deny dynamic changes off /cache/garbage-collector/* config

diff --git a/python/knot_resolver/manager/server.py b/python/knot_resolver/manager/server.py
index d99b411c55ae094b158ea9db2e49ecacba91c44e..509f8996ac93abd03e3a49db9e0a8c6ecf476255 100644 (file)
--- a/python/knot_resolver/manager/server.py
+++ b/python/knot_resolver/manager/server.py
@@ -118,6 +118,16 @@ class Server:
             )
         return Result.ok(None)
 
+    async def _deny_cache_garbage_collector_changes(
+        self, config_old: KresConfig, config_new: KresConfig, _force: bool = False
+    ) -> Result[None, str]:
+        if config_old.cache.garbage_collector != config_new.cache.garbage_collector:
+            return Result.err(
+                "/cache/garbage-collector/*: Changing configuration dynamically is not allowed."
+                " To change this configuration, you must edit the configuration file and restart the entire resolver."
+            )
+        return Result.ok(None)
+
     async def _reload_config(self, force: bool = False) -> None:
         if self._config_path is None:
             logger.warning("The manager was started with inlined configuration - can't reload")
@@ -184,6 +194,7 @@ class Server:
         self._setup_routes()
         await self.runner.setup()
         await self.config_store.register_verifier(self._deny_management_changes)
+        await self.config_store.register_verifier(self._deny_cache_garbage_collector_changes)
         await self.config_store.register_on_change_callback(self._reconfigure)
 
     async def wait_for_shutdown(self) -> None: