Merge pull request #536 from vmware-tanzu/secret-deletion-not-found-flake
Do not error when trying to delete the TLS secret and you get a not found
This commit is contained in:
commit
dc510792c4
@ -781,6 +781,12 @@ func (c *impersonatorConfigController) ensureTLSSecretIsRemoved(ctx context.Cont
|
||||
"secret", c.tlsSecretName,
|
||||
"namespace", c.namespace)
|
||||
err = c.k8sClient.CoreV1().Secrets(c.namespace).Delete(ctx, c.tlsSecretName, metav1.DeleteOptions{})
|
||||
notFound := k8serrors.IsNotFound(err)
|
||||
if notFound {
|
||||
// its okay if we tried to delete and we got a not found error. This probably means
|
||||
// another instance of the concierge got here first so there's nothing to delete.
|
||||
return nil
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -2203,6 +2203,25 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
||||
})
|
||||
})
|
||||
|
||||
when("deleting the tls secret when informer and api are out of sync", func() {
|
||||
it.Before(func() {
|
||||
addNodeWithRoleToTracker("control-plane", kubeAPIClient)
|
||||
addSecretToTrackers(newEmptySecret(tlsSecretName), kubeInformerClient)
|
||||
addImpersonatorConfigMapToTracker(configMapResourceName, "{mode: disabled}", kubeInformerClient)
|
||||
})
|
||||
|
||||
it("does not pass the not found error through", func() {
|
||||
startInformersAndController()
|
||||
r.NoError(runControllerSync())
|
||||
requireTLSServerWasNeverStarted()
|
||||
r.Len(kubeAPIClient.Actions(), 2)
|
||||
requireNodesListed(kubeAPIClient.Actions()[0])
|
||||
requireTLSSecretWasDeleted(kubeAPIClient.Actions()[1])
|
||||
requireCredentialIssuer(newManuallyDisabledStrategy())
|
||||
requireSigningCertProviderIsEmpty()
|
||||
})
|
||||
})
|
||||
|
||||
when("the PEM formatted data in the TLS Secret is not a valid cert", func() {
|
||||
it.Before(func() {
|
||||
addSecretToTrackers(signingCASecret, kubeInformerClient)
|
||||
|
Loading…
Reference in New Issue
Block a user