Add better handling for secrets #56

anbaig · 2024-06-28T19:51:26Z

Issue #, if available:

Description of changes:

Before you would get validation exceptions if the secrets were empty in the activation resource, it was slightly confusing to see so I replaced it with a message that informs the user the requeuing is happening because the secret contains no data
The certificate resource could fail to delete if the secret it was referring to was deleted first. The manager would try to reconcile the certificate and find the secret is gone and it would get stuck in a terminal loop. Fixed this by allowing a requeue if the secret no longer exists. Eventually the delete will go through instead of hanging.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

ack-prow · 2024-06-28T19:51:30Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: anbaig

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

ndbhat · 2024-06-28T20:29:40Z

templates/hooks/certificate_authority_activation/sdk_create_post_build_request.go.tpl

looks good! We should have tests for the empty secrets case

ndbhat · 2024-06-28T20:39:22Z

pkg/resource/certificate_authority_activation/sdk.go

Maybe need to requeue if the Secret cannot be written, after writeCertificateChainToSecret()

good call, will add that.

Add better handling for secrets

f9b0eea

ack-prow bot requested review from a-hilaly and ndbhat June 28, 2024 19:51

ack-prow bot added the approved label Jun 28, 2024

ndbhat reviewed Jun 28, 2024

View reviewed changes

Provide feedback