Add reason text to ReadyToRequest function

Signed-off-by: James Munnelly <[email protected]>

Author: munnerz

driver/nodeserver.go

@@ -89,13 +89,19 @@ func (ns *nodeServer) NodePublishVolume(ctx context.Context, req *csi.NodePublis
 	// already. This allows implementors to defer actually requesting certificates
 	// until later in the pod lifecycle (e.g. after CNI has run & an IP address has been
 	// allocated, if a user wants to embed pod IPs into their requests).
-	isReadyToRequest := ns.manager.IsVolumeReadyToRequest(req.GetVolumeId())
+	isReadyToRequest, reason := ns.manager.IsVolumeReadyToRequest(req.GetVolumeId())
+	if !isReadyToRequest {
+		log.Info("Unable to request a certificate right now, will be retried", "reason", reason)
+	}
 	if isReadyToRequest || !ns.continueOnNotReady {
+		log.Info("Waiting for certificate to be issued...")
 		if err := wait.PollUntil(time.Second, func() (done bool, err error) {
 			return ns.manager.IsVolumeReady(req.GetVolumeId()), nil
 		}, ctx.Done()); err != nil {
 			return nil, err
 		}
+	} else {
+		log.Info("Skipping waiting for certificate to be issued")
 	}
 
 	log.Info("Volume ready for mounting")

manager/interfaces.go

@@ -95,8 +95,8 @@ type ClientForMetadataFunc func(meta metadata.Metadata) (cmclient.Interface, err
 // This can be used to 'defer' fetching until later pod initialization events have
 // happened (e.g. CNI has allocated an IP if you want to embed a pod IP into the certificate
 // request resources).
-type ReadyToRequestFunc func(meta metadata.Metadata) bool
+type ReadyToRequestFunc func(meta metadata.Metadata) (bool, string)
 
-func AlwaysReadyToRequest(_ metadata.Metadata) bool {
-	return true
+func AlwaysReadyToRequest(_ metadata.Metadata) (bool, string) {
+	return true, ""
 }

manager/manager.go

@@ -258,8 +258,8 @@ func (m *Manager) issue(volumeID string) error {
 	}
 	log.V(2).Info("Read metadata", "metadata", meta)
 
-	if !m.readyToRequest(meta) {
-		return fmt.Errorf("driver is not ready to request a certificate for this volume")
+	if ready, reason := m.readyToRequest(meta); !ready {
+		return fmt.Errorf("driver is not ready to request a certificate for this volume: %v", reason)
 	}
 
 	key, err := m.generatePrivateKey(meta)
@@ -536,11 +536,11 @@ func (m *Manager) UnmanageVolume(volumeID string) {
 	}
 }
 
-func (m *Manager) IsVolumeReadyToRequest(volumeID string) bool {
+func (m *Manager) IsVolumeReadyToRequest(volumeID string) (bool, string) {
 	meta, err := m.metadataReader.ReadMetadata(volumeID)
 	if err != nil {
 		m.log.Error(err, "failed to read metadata", "volume_id", volumeID)
-		return false
+		return false, ""
 	}
 
 	return m.readyToRequest(meta)

test/integration/ready_to_request_test.go

@@ -39,7 +39,7 @@ import (
 	testutil "github.com/cert-manager/csi-lib/test/util"
 )
 
-func TestCompletesIfNotReadyToRequest(t *testing.T) {
+func Test_CompletesIfNotReadyToRequest_ContinueOnNotReadyEnabled(t *testing.T) {
 	store := storage.NewMemoryFS()
 	clock := fakeclock.NewFakeClock(time.Now())
 
@@ -48,13 +48,13 @@ func TestCompletesIfNotReadyToRequest(t *testing.T) {
 		Store:              store,
 		Clock:              clock,
 		ContinueOnNotReady: true,
-		ReadyToRequest: func(meta metadata.Metadata) bool {
+		ReadyToRequest: func(meta metadata.Metadata) (bool, string) {
 			if calls < 1 {
 				calls++
-				return false
+				return false, "calls < 1"
 			}
 			// only indicate we are ready after issuance has been attempted 1 time
-			return calls == 1
+			return calls == 1, "calls == 1"
 		},
 		GeneratePrivateKey: func(meta metadata.Metadata) (crypto.PrivateKey, error) {
 			return nil, nil
@@ -133,8 +133,8 @@ func TestFailsIfNotReadyToRequest_ContinueOnNotReadyDisabled(t *testing.T) {
 		Store:              store,
 		Clock:              clock,
 		ContinueOnNotReady: false,
-		ReadyToRequest: func(meta metadata.Metadata) bool {
-			return false
+		ReadyToRequest: func(meta metadata.Metadata) (bool, string) {
+			return false, "never ready"
 		},
 		GeneratePrivateKey: func(meta metadata.Metadata) (crypto.PrivateKey, error) {
 			return nil, nil