From af098959b7e86b779ffb167614b6457334d83996 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Thu, 5 Sep 2024 18:26:55 +0200 Subject: [PATCH] Update tls cert secret validation due VerifyCertSecrets() change Depends-On: https://github.com/openstack-k8s-operators/lib-common/pull/559 Jira: OSPRH-9991 Signed-off-by: Martin Schuppert --- api/go.mod | 3 +-- api/go.sum | 5 ++--- controllers/placementapi_controller.go | 28 ++++++++++++++++++-------- go.mod | 2 +- go.sum | 4 ++-- 5 files changed, 26 insertions(+), 16 deletions(-) diff --git a/api/go.mod b/api/go.mod index 952e095..db1e2fe 100644 --- a/api/go.mod +++ b/api/go.mod @@ -3,7 +3,7 @@ module github.com/openstack-k8s-operators/placement-operator/api go 1.20 require ( - github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240805121733-1c08e6b7e260 + github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6 k8s.io/api v0.28.13 k8s.io/apimachinery v0.28.13 sigs.k8s.io/controller-runtime v0.16.6 @@ -35,7 +35,6 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/onsi/ginkgo/v2 v2.20.1 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/prometheus/client_golang v1.18.0 // indirect github.com/prometheus/client_model v0.5.0 // indirect diff --git a/api/go.sum b/api/go.sum index 553d053..18dc9fc 100644 --- a/api/go.sum +++ b/api/go.sum @@ -64,10 +64,9 @@ github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjY github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/onsi/ginkgo/v2 v2.20.1 h1:YlVIbqct+ZmnEph770q9Q7NVAz4wwIiVNahee6JyUzo= -github.com/onsi/ginkgo/v2 v2.20.1/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI= github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= -github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240805121733-1c08e6b7e260 h1:kPGmAc65HRBbezF3u1t01Q1XcSLTzSPoxeoRSMIFZsE= -github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240805121733-1c08e6b7e260/go.mod h1:hCT/Ba8kRkRB23d07YEsCzELsYcJGpD/Uw4NDh+LD6w= +github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6 h1:VSbVNzUa41hybq/lZi0L8bNv/yzYyNylc8yKSEO+ZCA= +github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6/go.mod h1:6zxa5xg9uvpObVKFSJa/SA+vDDlgh0Q1aswxDB2XbxU= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= diff --git a/controllers/placementapi_controller.go b/controllers/placementapi_controller.go index 23f2cf4..a110c50 100644 --- a/controllers/placementapi_controller.go +++ b/controllers/placementapi_controller.go @@ -365,7 +365,7 @@ func (r *PlacementAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request // // Validate the CA cert secret if provided if instance.Spec.TLS.CaBundleSecretName != "" { - hash, ctrlResult, err := tls.ValidateCACertSecret( + hash, err := tls.ValidateCACertSecret( ctx, h.GetClient(), types.NamespacedName{ @@ -374,15 +374,21 @@ func (r *PlacementAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request }, ) if err != nil { + if k8s_errors.IsNotFound(err) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.TLSInputReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + fmt.Sprintf(condition.TLSInputReadyWaitingMessage, instance.Spec.TLS.CaBundleSecretName))) + return ctrl.Result{}, nil + } instance.Status.Conditions.Set(condition.FalseCondition( condition.TLSInputReadyCondition, condition.ErrorReason, condition.SeverityWarning, condition.TLSInputErrorMessage, err.Error())) - return ctrlResult, err - } else if (ctrlResult != ctrl.Result{}) { - return ctrlResult, nil + return ctrl.Result{}, err } if hash != "" { @@ -391,17 +397,23 @@ func (r *PlacementAPIReconciler) Reconcile(ctx context.Context, req ctrl.Request } // Validate API service certs secrets - certsHash, ctrlResult, err := instance.Spec.TLS.API.ValidateCertSecrets(ctx, h, instance.Namespace) + certsHash, err := instance.Spec.TLS.API.ValidateCertSecrets(ctx, h, instance.Namespace) if err != nil { + if k8s_errors.IsNotFound(err) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.TLSInputReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + fmt.Sprintf(condition.TLSInputReadyWaitingMessage, err.Error()))) + return ctrl.Result{}, nil + } instance.Status.Conditions.Set(condition.FalseCondition( condition.TLSInputReadyCondition, condition.ErrorReason, condition.SeverityWarning, condition.TLSInputErrorMessage, err.Error())) - return ctrlResult, err - } else if (ctrlResult != ctrl.Result{}) { - return ctrlResult, nil + return ctrl.Result{}, err } configMapVars[tls.TLSHashName] = env.SetValue(certsHash) diff --git a/go.mod b/go.mod index 879bce9..9d9a752 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/onsi/ginkgo/v2 v2.20.1 github.com/onsi/gomega v1.34.1 github.com/openstack-k8s-operators/keystone-operator/api v0.4.1-0.20240805143951-f89653cbca3a - github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240805121733-1c08e6b7e260 + github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6 github.com/openstack-k8s-operators/lib-common/modules/test v0.4.1-0.20240805121733-1c08e6b7e260 github.com/openstack-k8s-operators/mariadb-operator/api v0.4.1-0.20240806054339-a37564487c80 github.com/openstack-k8s-operators/placement-operator/api v0.3.1-0.20240216174613-3d349f26e681 diff --git a/go.sum b/go.sum index 2ac06ef..d6b149a 100644 --- a/go.sum +++ b/go.sum @@ -76,8 +76,8 @@ github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7 h1:rncLxJBpFGqBztyxC github.com/openshift/api v0.0.0-20230414143018-3367bc7e6ac7/go.mod h1:ctXNyWanKEjGj8sss1KjjHQ3ENKFm33FFnS5BKaIPh4= github.com/openstack-k8s-operators/keystone-operator/api v0.4.1-0.20240805143951-f89653cbca3a h1:EQQJH5QvvKFWV57m3To58UMvvvGFLDfxJ9TZWolgYIA= github.com/openstack-k8s-operators/keystone-operator/api v0.4.1-0.20240805143951-f89653cbca3a/go.mod h1:nAeWBizvWIMtbHEAzmIupqADriOF92V8MOox6doWupA= -github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240805121733-1c08e6b7e260 h1:kPGmAc65HRBbezF3u1t01Q1XcSLTzSPoxeoRSMIFZsE= -github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240805121733-1c08e6b7e260/go.mod h1:hCT/Ba8kRkRB23d07YEsCzELsYcJGpD/Uw4NDh+LD6w= +github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6 h1:VSbVNzUa41hybq/lZi0L8bNv/yzYyNylc8yKSEO+ZCA= +github.com/openstack-k8s-operators/lib-common/modules/common v0.4.1-0.20240905123813-174296c09ec6/go.mod h1:6zxa5xg9uvpObVKFSJa/SA+vDDlgh0Q1aswxDB2XbxU= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.4.1-0.20240805121733-1c08e6b7e260 h1:K+2TH5If/WR+ls92EYH6IcbWcLY15wlR1adGq/prA30= github.com/openstack-k8s-operators/lib-common/modules/openstack v0.4.1-0.20240805121733-1c08e6b7e260/go.mod h1:Z9QhWZexP9fYcZrBRI5rrcRwTh6LSsd5XB7NWzdphaE= github.com/openstack-k8s-operators/lib-common/modules/test v0.4.1-0.20240805121733-1c08e6b7e260 h1:DEuHAU+AXRuR767tmfGuz9A476IWICUs8fydffNhC3k=