Skip to content

Commit

Permalink
fix: Add error handling for Permission Denied response
Browse files Browse the repository at this point in the history 
Signed-off-by: David Hondl <[email protected]>
  • Loading branch information
@KasnocknDave @MisterMX
KasnocknDave authored and MisterMX committed Oct 1, 2024
1 parent 1568f5c commit 0acaa90
Show file tree
Hide file tree
Showing 3 changed files with 54 additions and 27 deletions.
9 changes: 9 additions & 0 deletions pkg/clients/repositories/client.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ import (

const (
errorRepositoryNotFound = "code = NotFound desc = repo"
errorPermissionDenied = "code = PermissionDenied desc = permission denied"
)

// RepositoryServiceClient wraps the functions to connect to argocd repositories
Expand Down Expand Up @@ -43,3 +44,11 @@ func IsErrorRepositoryNotFound(err error) bool {
}
return strings.Contains(err.Error(), errorRepositoryNotFound)
}

// IsErrorPermissionDenied helper function to test for errorPermissionDenied error.
func IsErrorPermissionDenied(err error) bool {
if err == nil {
return false
}
return strings.Contains(err.Error(), errorPermissionDenied)
}
64 changes: 40 additions & 24 deletions pkg/controller/repositories/controller.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -121,39 +121,23 @@ func (e *external) Observe(ctx context.Context, mg resource.Managed) (managed.Ex
}

observedRepository, err := e.client.Get(ctx, &repoQuery)
if err != nil {
return managed.ExternalObservation{}, resource.Ignore(repositories.IsErrorRepositoryNotFound, err)
}

passwordSecretResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.PasswordRef)
if err != nil {
return managed.ExternalObservation{}, err
}
sshPrivateKeyResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.SSHPrivateKeyRef)
if err != nil {
return managed.ExternalObservation{}, err
}
tlsClientCertDataResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.TLSClientCertDataRef)
if err != nil {
return managed.ExternalObservation{}, err
if err != nil && repositories.IsErrorPermissionDenied(err) || repositories.IsErrorRepositoryNotFound(err) {
return managed.ExternalObservation{
ResourceExists: false,
}, nil
}
tlsClientCertKeyResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.TLSClientCertKeyRef)

if err != nil {
return managed.ExternalObservation{}, err
}
githubAppPrivateKeyResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.GithubAppPrivateKeyRef)

resourceVersions, err := e.getSecretResource(ctx, cr)

if err != nil {
return managed.ExternalObservation{}, err
}

resourceVersions := secretResourceVersion{
Password: passwordSecretResourceVersion,
SSHPrivateKey: sshPrivateKeyResourceVersion,
TLSClientCertData: tlsClientCertDataResourceVersion,
TLSClientCertKey: tlsClientCertKeyResourceVersion,
GithubAppPrivateKey: githubAppPrivateKeyResourceVersion,
}

current := cr.Spec.ForProvider.DeepCopy()
lateInitializeRepository(&cr.Spec.ForProvider, observedRepository)

Expand Down Expand Up @@ -543,3 +527,35 @@ func (e *external) getPayload(ctx context.Context, ref *v1alpha1.SecretReference

return nil, nil
}

func (e *external) getSecretResource(ctx context.Context, cr *v1alpha1.Repository) (secretResourceVersion, error) {
passwordSecretResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.PasswordRef)
if err != nil {
return secretResourceVersion{}, err
}
sshPrivateKeyResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.SSHPrivateKeyRef)
if err != nil {
return secretResourceVersion{}, err
}
tlsClientCertDataResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.TLSClientCertDataRef)
if err != nil {
return secretResourceVersion{}, err
}
tlsClientCertKeyResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.TLSClientCertKeyRef)
if err != nil {
return secretResourceVersion{}, err
}
githubAppPrivateKeyResourceVersion, err := e.getSecretResourceVersion(ctx, cr.Spec.ForProvider.GithubAppPrivateKeyRef)
if err != nil {
return secretResourceVersion{}, err
}

return secretResourceVersion{
Password: passwordSecretResourceVersion,
SSHPrivateKey: sshPrivateKeyResourceVersion,
TLSClientCertData: tlsClientCertDataResourceVersion,
TLSClientCertKey: tlsClientCertKeyResourceVersion,
GithubAppPrivateKey: githubAppPrivateKeyResourceVersion,
}, nil

}
8 changes: 5 additions & 3 deletions pkg/controller/repositories/controller_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,8 +40,10 @@ import (
)

var (
errBoom = errors.New("boom")
errNotFound = errors.New("code = NotFound desc = repo")
errBoom = errors.New("boom")
// Unused until issue https://github.com/argoproj/argo-cd/issues/20005 in Argo CD project is resolved
// errNotFound = errors.New("code = NotFound desc = repo")
errPermissionDenied = errors.New("code = PermissionDenied desc = permission denied")
testRepositoryExternalName = "testRepo"
testRepo = "https://gitlab.com/example-group/example-project.git"
testUsername = "testUser"
Expand Down Expand Up @@ -206,7 +208,7 @@ func TestObserve(t *testing.T) {
&argocdRepository.RepoQuery{
Repo: testRepositoryExternalName,
},
).Return(nil, errNotFound)
).Return(nil, errPermissionDenied) // Switch to errNotFound when issue https://github.com/argoproj/argo-cd/issues/20005 in Argo CD is solved
}),
cr: Repository(
withExternalName(testRepositoryExternalName),
Expand Down

0 comments on commit 0acaa90

Please sign in to comment.