fixup! refactor: simplify OCI auth error handling

cappyzawa · cappyzawa · commit 3e8216931b89 · 2025-06-21T21:11:03.000+09:00
Signed-off-by: cappyzawa &lt;cappyzawa@gmail.com&gt;
diff --git a/internal/controller/ocirepository_controller.go b/internal/controller/ocirepository_controller.go
@@ -365,7 +365,7 @@ func (r *OCIRepositoryReconciler) reconcileSource(ctx context.Context, sp *patch
 		return sreconcile.ResultEmpty, e
 	}
 
-	if _, ok := keychain.(soci.Anonymous); obj.Spec.Provider != sourcev1.GenericOCIProvider && ok {
+	if _, ok := keychain.(soci.Anonymous); obj.Spec.Provider != "" && obj.Spec.Provider != sourcev1.GenericOCIProvider && ok {
 		var opts []auth.Option
 		if obj.Spec.ServiceAccountName != "" {
 			// Check object-level workload identity feature gate.
diff --git a/internal/helm/getter/client_opts.go b/internal/helm/getter/client_opts.go
@@ -134,7 +134,7 @@ func GetClientOpts(ctx context.Context, c client.Client, obj *sourcev1.HelmRepos
 				return nil, "", fmt.Errorf("failed to configure login options: %w", err)
 			}
 		}
-	} else if obj.Spec.Provider != sourcev1.GenericOCIProvider && obj.Spec.Type == sourcev1.HelmRepositoryTypeOCI && ociRepo {
+	} else if p := obj.Spec.Provider; p != "" && p != sourcev1.GenericOCIProvider && obj.Spec.Type == sourcev1.HelmRepositoryTypeOCI && ociRepo {
 		authenticator, authErr := soci.OIDCAuth(ctx, obj.Spec.URL, obj.Spec.Provider)
 		if authErr != nil {
 			return nil, "", fmt.Errorf("failed to get credential from '%s': %w", obj.Spec.Provider, authErr)

Original file line number	Diff line number	Diff line change
`@@ -365,7 +365,7 @@ func (r OCIRepositoryReconciler) reconcileSource(ctx context.Context, sp patch`
`365`	`365`	`return sreconcile.ResultEmpty, e`
`366`	`366`	`}`
`367`	`367`
`368`		`- if _, ok := keychain.(soci.Anonymous); obj.Spec.Provider != sourcev1.GenericOCIProvider && ok {`
	`368`	`+ if _, ok := keychain.(soci.Anonymous); obj.Spec.Provider != "" && obj.Spec.Provider != sourcev1.GenericOCIProvider && ok {`
`369`	`369`	`var opts []auth.Option`
`370`	`370`	`if obj.Spec.ServiceAccountName != "" {`
`371`	`371`	`// Check object-level workload identity feature gate.`
Original file line number	Diff line number	Diff line change
`@@ -134,7 +134,7 @@ func GetClientOpts(ctx context.Context, c client.Client, obj *sourcev1.HelmRepos`
`134`	`134`	`return nil, "", fmt.Errorf("failed to configure login options: %w", err)`
`135`	`135`	`}`
`136`	`136`	`}`
`137`		`- } else if obj.Spec.Provider != sourcev1.GenericOCIProvider && obj.Spec.Type == sourcev1.HelmRepositoryTypeOCI && ociRepo {`
	`137`	`+ } else if p := obj.Spec.Provider; p != "" && p != sourcev1.GenericOCIProvider && obj.Spec.Type == sourcev1.HelmRepositoryTypeOCI && ociRepo {`
`138`	`138`	`authenticator, authErr := soci.OIDCAuth(ctx, obj.Spec.URL, obj.Spec.Provider)`
`139`	`139`	`if authErr != nil {`
`140`	`140`	`return nil, "", fmt.Errorf("failed to get credential from '%s': %w", obj.Spec.Provider, authErr)`