Skip to content

Commit ebc9e38

Browse files
dmendizadmendiza
committed
Simplify verifyTLSInput function
Removed the Result object from the helper fuction return value and refactored to return the error (or nil) to let the calling reconcile function figure out what to do with the error. This restores the original logic that was modified by the initial refactor. Previous to this patch the reconcile functions would continue to execute when the TLS secret was not found.
1 parent 9b6ca98 commit ebc9e38

File tree

1 file changed

+22
-18
lines changed

1 file changed

+22
-18
lines changed

internal/controller/keystoneapi_controller.go

Lines changed: 22 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -817,11 +817,13 @@ func (r *KeystoneAPIReconciler) reconcileExternalKeystoneAPI(
817817
instance.Status.ReadyCount = 0
818818

819819
// Verify TLS input (CA cert secret if provided)
820-
ctrlResult, err = r.verifyTLSInput(ctx, instance, helper, configMapVars)
820+
err = r.verifyTLSInput(ctx, instance, helper, configMapVars)
821821
if err != nil {
822-
return ctrlResult, err
823-
} else if (ctrlResult != ctrl.Result{}) {
824-
return ctrlResult, nil
822+
if k8s_errors.IsNotFound(err) {
823+
// Don't return NotFound error to the caller
824+
return ctrl.Result{}, nil
825+
}
826+
return ctrl.Result{}, err
825827
}
826828
instance.Status.Conditions.MarkTrue(condition.TLSInputReadyCondition, condition.InputReadyMessage)
827829

@@ -907,7 +909,7 @@ func (r *KeystoneAPIReconciler) verifyTLSInput(
907909
instance *keystonev1.KeystoneAPI,
908910
helper *helper.Helper,
909911
configMapVars map[string]env.Setter,
910-
) (ctrl.Result, error) {
912+
) error {
911913
// Validate the CA cert secret if provided
912914
if instance.Spec.TLS.CaBundleSecretName != "" {
913915
hash, err := tls.ValidateCACertSecret(
@@ -928,15 +930,15 @@ func (r *KeystoneAPIReconciler) verifyTLSInput(
928930
condition.SeverityWarning,
929931
condition.TLSInputReadyWaitingMessage,
930932
instance.Spec.TLS.CaBundleSecretName))
931-
return ctrl.Result{}, nil
933+
} else {
934+
instance.Status.Conditions.Set(condition.FalseCondition(
935+
condition.TLSInputReadyCondition,
936+
condition.ErrorReason,
937+
condition.SeverityWarning,
938+
condition.TLSInputErrorMessage,
939+
err.Error()))
932940
}
933-
instance.Status.Conditions.Set(condition.FalseCondition(
934-
condition.TLSInputReadyCondition,
935-
condition.ErrorReason,
936-
condition.SeverityWarning,
937-
condition.TLSInputErrorMessage,
938-
err.Error()))
939-
return ctrl.Result{}, err
941+
return err
940942
}
941943

942944
if hash != "" {
@@ -946,7 +948,7 @@ func (r *KeystoneAPIReconciler) verifyTLSInput(
946948
}
947949
}
948950

949-
return ctrl.Result{}, nil
951+
return nil
950952
}
951953
func (r *KeystoneAPIReconciler) reconcileUpdate(ctx context.Context) (ctrl.Result, error) {
952954
Log := r.GetLogger(ctx)
@@ -1153,11 +1155,13 @@ func (r *KeystoneAPIReconciler) reconcileNormal(
11531155
// TLS input validation
11541156
//
11551157
// Verify TLS input (CA cert secret if provided)
1156-
ctrlResult, err = r.verifyTLSInput(ctx, instance, helper, configMapVars)
1158+
err = r.verifyTLSInput(ctx, instance, helper, configMapVars)
11571159
if err != nil {
1158-
return ctrlResult, err
1159-
} else if (ctrlResult != ctrl.Result{}) {
1160-
return ctrlResult, nil
1160+
if k8s_errors.IsNotFound(err) {
1161+
// Don't return NotFound error to the caller
1162+
return ctrl.Result{}, nil
1163+
}
1164+
return ctrl.Result{}, err
11611165
}
11621166

11631167
// Validate API service certs secrets

0 commit comments

Comments
 (0)