djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add log statement for when kube cert agent key has been loaded

Browse Source 
Because it makes things easier to debug on a real cluster
This commit is contained in:
Ryan Richard 2021-09-15 14:02:18 -07:00
parent efaca05999
commit bdcf468e52
2 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
internal/controller/kubecertagent/kubecertagent.go
View File

@ -356,6 +356,7 @@ func (c *agentController) loadSigningKey(agentPod *corev1.Pod) error {
if err := c.dynamicCertProvider.SetCertKeyContent(certPEM, keyPEM); err != nil { if err := c.dynamicCertProvider.SetCertKeyContent(certPEM, keyPEM); err != nil {
return fmt.Errorf("failed to set signing cert/key content from agent pod %s/%s: %w", agentPod.Namespace, agentPod.Name, err) return fmt.Errorf("failed to set signing cert/key content from agent pod %s/%s: %w", agentPod.Namespace, agentPod.Name, err)
} }
c.log.Info("successfully loaded signing key from agent pod into cache")
// Remember that we've successfully loaded the key from this pod so we can skip the exec+load if nothing has changed. // Remember that we've successfully loaded the key from this pod so we can skip the exec+load if nothing has changed.
c.execCache.Set(agentPod.UID, struct{}{}, 15*time.Minute) c.execCache.Set(agentPod.UID, struct{}{}, 15*time.Minute)

6
internal/controller/kubecertagent/kubecertagent_test.go
View File

@ -920,6 +920,9 @@ func TestAgentController(t *testing.T) {
wantDistinctErrors: []string{""}, wantDistinctErrors: []string{""},
wantAgentDeployment: healthyAgentDeployment, wantAgentDeployment: healthyAgentDeployment,
wantDeploymentActionVerbs: []string{"list", "watch"}, wantDeploymentActionVerbs: []string{"list", "watch"},
wantDistinctLogs: []string{
`kube-cert-agent-controller "level"=0 "msg"="successfully loaded signing key from agent pod into cache"`,
},
wantStrategy: &configv1alpha1.CredentialIssuerStrategy{ wantStrategy: &configv1alpha1.CredentialIssuerStrategy{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus, Status: configv1alpha1.SuccessStrategyStatus,
@ -951,6 +954,9 @@ func TestAgentController(t *testing.T) {
wantDistinctErrors: []string{""}, wantDistinctErrors: []string{""},
wantAgentDeployment: healthyAgentDeployment, wantAgentDeployment: healthyAgentDeployment,
wantDeploymentActionVerbs: []string{"list", "watch"}, wantDeploymentActionVerbs: []string{"list", "watch"},
wantDistinctLogs: []string{
`kube-cert-agent-controller "level"=0 "msg"="successfully loaded signing key from agent pod into cache"`,
},
wantStrategy: &configv1alpha1.CredentialIssuerStrategy{ wantStrategy: &configv1alpha1.CredentialIssuerStrategy{
Type: configv1alpha1.KubeClusterSigningCertificateStrategyType, Type: configv1alpha1.KubeClusterSigningCertificateStrategyType,
Status: configv1alpha1.SuccessStrategyStatus, Status: configv1alpha1.SuccessStrategyStatus,