From 1da9999268a8d37beb60066a44ede5941e675dca Mon Sep 17 00:00:00 2001 From: Stuart Douglas Date: Thu, 19 Oct 2023 17:54:24 +1100 Subject: [PATCH] Ensure secret exists --- pkg/reconciler/taskrun/taskrun.go | 11 ++++++++++- pkg/reconciler/taskrun/taskrun_test.go | 20 ++++++++++++++------ 2 files changed, 24 insertions(+), 7 deletions(-) diff --git a/pkg/reconciler/taskrun/taskrun.go b/pkg/reconciler/taskrun/taskrun.go index 80d33749..286b6014 100644 --- a/pkg/reconciler/taskrun/taskrun.go +++ b/pkg/reconciler/taskrun/taskrun.go @@ -501,6 +501,15 @@ type PlatformConfig interface { func launchProvisioningTask(r *ReconcileTaskRun, ctx context.Context, log *logr.Logger, tr *v1.TaskRun, secretName string, sshSecret string, address string, user string) error { //kick off the provisioning task //note that we can't use owner refs here because this task runs in a different namespace + + //first verify the secret exists, so we don't hang if it is missing + secret := v12.Secret{} + err := r.client.Get(ctx, types.NamespacedName{Namespace: r.operatorNamespace, Name: sshSecret}, &secret) + if err != nil { + log.Error(fmt.Errorf("failed to find SSH secret %s", sshSecret), "failed to find SSH secret") + return r.createErrorSecret(ctx, tr, secretName, "failed to get SSH secret, system may not be configured correctly") + } + provision := v1.TaskRun{} provision.GenerateName = "provision-task" provision.Namespace = r.operatorNamespace @@ -531,7 +540,7 @@ func launchProvisioningTask(r *ReconcileTaskRun, ctx context.Context, log *logr. }, } - err := r.client.Create(ctx, &provision) + err = r.client.Create(ctx, &provision) return err } diff --git a/pkg/reconciler/taskrun/taskrun_test.go b/pkg/reconciler/taskrun/taskrun_test.go index abd66b48..87ff153f 100644 --- a/pkg/reconciler/taskrun/taskrun_test.go +++ b/pkg/reconciler/taskrun/taskrun_test.go @@ -29,7 +29,7 @@ const userNamespace = "default" var cloudImpl MockCloud = MockCloud{Addressses: map[cloud.InstanceIdentifier]string{}} -func setupClientAndReconciler(objs ...runtimeclient.Object) (runtimeclient.Client, *ReconcileTaskRun) { +func setupClientAndReconciler(objs []runtimeclient.Object) (runtimeclient.Client, *ReconcileTaskRun) { scheme := runtime.NewScheme() _ = pipelinev1.AddToScheme(scheme) _ = v1.AddToScheme(scheme) @@ -329,7 +329,7 @@ func runSuccessfulProvision(provision *pipelinev1.TaskRun, g *WithT, client runt func TestNoHostConfig(t *testing.T) { g := NewGomegaWithT(t) - client, reconciler := setupClientAndReconciler() + client, reconciler := setupClientAndReconciler([]runtimeclient.Object{}) createUserTaskRun(g, client, "test", "linux/arm64") _, err := reconciler.Reconcile(context.TODO(), reconcile.Request{NamespacedName: types.NamespacedName{Namespace: userNamespace, Name: "test"}}) g.Expect(err).ToNot(HaveOccurred()) @@ -414,7 +414,7 @@ func createUserTaskRun(g *WithT, client runtimeclient.Client, name string, platf g.Expect(client.Create(context.TODO(), tr)).ToNot(HaveOccurred()) } -func createHostConfig() *v1.ConfigMap { +func createHostConfig() []runtimeclient.Object { cm := v1.ConfigMap{} cm.Name = HostConfig cm.Namespace = systemNamespace @@ -432,10 +432,14 @@ func createHostConfig() *v1.ConfigMap { "host.host2.user": "ec2-user", "host.host2.platform": "linux/arm64", } - return &cm + sec := v1.Secret{} + sec.Name = "awskeys" + sec.Namespace = systemNamespace + sec.Labels = map[string]string{MultiPlatformSecretLabel: "true"} + return []runtimeclient.Object{&cm, &sec} } -func createDynamicHostConfig() *v1.ConfigMap { +func createDynamicHostConfig() []runtimeclient.Object { cm := v1.ConfigMap{} cm.Name = HostConfig cm.Namespace = systemNamespace @@ -451,7 +455,11 @@ func createDynamicHostConfig() *v1.ConfigMap { "dynamic.linux-arm64.ssh-secret": "awskeys", "dynamic.linux-arm64.max-instances": "2", } - return &cm + sec := v1.Secret{} + sec.Name = "awskeys" + sec.Namespace = systemNamespace + sec.Labels = map[string]string{MultiPlatformSecretLabel: "true"} + return []runtimeclient.Object{&cm, &sec} } type MockCloud struct {