diff --git a/internal/controller/kubecertagent/kubecertagent.go b/internal/controller/kubecertagent/kubecertagent.go index a67b7f2c..c97f7877 100644 --- a/internal/controller/kubecertagent/kubecertagent.go +++ b/internal/controller/kubecertagent/kubecertagent.go @@ -356,6 +356,7 @@ func (c *agentController) loadSigningKey(agentPod *corev1.Pod) error { if err := c.dynamicCertProvider.SetCertKeyContent(certPEM, keyPEM); err != nil { return fmt.Errorf("failed to set signing cert/key content from agent pod %s/%s: %w", agentPod.Namespace, agentPod.Name, err) } + c.log.Info("successfully loaded signing key from agent pod into cache") // Remember that we've successfully loaded the key from this pod so we can skip the exec+load if nothing has changed. c.execCache.Set(agentPod.UID, struct{}{}, 15*time.Minute) diff --git a/internal/controller/kubecertagent/kubecertagent_test.go b/internal/controller/kubecertagent/kubecertagent_test.go index fc286d1f..cbcad11a 100644 --- a/internal/controller/kubecertagent/kubecertagent_test.go +++ b/internal/controller/kubecertagent/kubecertagent_test.go @@ -920,6 +920,9 @@ func TestAgentController(t *testing.T) { wantDistinctErrors: []string{""}, wantAgentDeployment: healthyAgentDeployment, wantDeploymentActionVerbs: []string{"list", "watch"}, + wantDistinctLogs: []string{ + `kube-cert-agent-controller "level"=0 "msg"="successfully loaded signing key from agent pod into cache"`, + }, wantStrategy: &configv1alpha1.CredentialIssuerStrategy{ Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Status: configv1alpha1.SuccessStrategyStatus, @@ -951,6 +954,9 @@ func TestAgentController(t *testing.T) { wantDistinctErrors: []string{""}, wantAgentDeployment: healthyAgentDeployment, wantDeploymentActionVerbs: []string{"list", "watch"}, + wantDistinctLogs: []string{ + `kube-cert-agent-controller "level"=0 "msg"="successfully loaded signing key from agent pod into cache"`, + }, wantStrategy: &configv1alpha1.CredentialIssuerStrategy{ Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Status: configv1alpha1.SuccessStrategyStatus,