
Commit f3e6a13

authored
chore: remove duplicated logic by function call (#1080)
* chore: remove duplicated logic by function call - change if-else-if to switch - fast return in recreateSecret case --------- Signed-off-by: Wen Zhou <[email protected]>
1 parent 65f9522 commit f3e6a13


1 file changed

+34
-44
lines changed


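--- a/pkg/cluster/cert.go
+++ b/pkg/cluster/cert.go
@@ -32,27 +32,9 @@ func CreateSelfSignedCertificate(ctx context.Context, c client.Client, secretNam
 if err := ApplyMetaOptions(certSecret, metaOptions...); err != nil {
 return err
 }
-existingSecret := &corev1.Secret{}
-err = c.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, existingSecret)
-if err != nil {
-if k8serr.IsNotFound(err) {
-// Secret does not exist, create it
-if createErr := c.Create(ctx, certSecret); createErr != nil {
-return fmt.Errorf("failed creating certificate secret: %w", createErr)
-}
-} else {
-return fmt.Errorf("failed getting certificate secret: %w", err)
-}
-} else if existingSecret.Type != certSecret.Type {
-// Secret exists but with a different type, delete and recreate it
-if err := c.Delete(ctx, existingSecret); err != nil {
-return fmt.Errorf("failed deleting existing secret: %w", err)
-}
-if createErr := c.Create(ctx, certSecret); client.IgnoreAlreadyExists(createErr) != nil {
-return fmt.Errorf("failed creating certificate secret: %w", createErr)
-}
+if err = generateCertSecret(ctx, c, certSecret, secretName, namespace); err != nil {
+return fmt.Errorf("failed update self-signed certificate secret: %w", err)
 }
-
 return nil
 }
 
@@ -194,43 +176,51 @@ func copySecretToNamespace(ctx context.Context, c client.Client, secret *corev1.
 Data: secret.Data,
 Type: secret.Type,
 }
-
-existingSecret := &corev1.Secret{}
-err := c.Get(ctx, client.ObjectKey{Name: newSecretName, Namespace: namespace}, existingSecret)
-if k8serr.IsNotFound(err) { // create if not found
-if err = c.Create(ctx, newSecret); err != nil {
-return fmt.Errorf("failed to create new secret: %w", err)
-}
-} else if err != nil {
-return fmt.Errorf("failed to get existing secret: %w", err)
+if err := generateCertSecret(ctx, c, newSecret, newSecretName, namespace); err != nil {
+return fmt.Errorf("failed to deploy default cert secret to namespace %s: %w", namespace, err)
 }
-
-if existingSecret.Type != newSecret.Type { // recreate if found with mismatched type
-if recreateSecret(ctx, c, existingSecret, newSecret) != nil {
-return errors.New("failed to recreate secret with type corrected")
-}
-}
-
-if isSecretOutdated(existingSecret.Data, newSecret.Data) {
-if err = c.Update(ctx, newSecret); err != nil { // update data if found with same type but outdated content
-return fmt.Errorf("failed to update secret: %w", err)
-}
-}
-
 return nil
 }
 
 // recreateSecret deletes the existing secret and creates a new one.
 func recreateSecret(ctx context.Context, c client.Client, existingSecret, newSecret *corev1.Secret) error {
 if err := c.Delete(ctx, existingSecret); err != nil {
-return fmt.Errorf("failed to delete existing secret: %w", err)
+return fmt.Errorf("failed to delete existing secret before recreating new one: %w", err)
 }
 if err := c.Create(ctx, newSecret); err != nil {
-return fmt.Errorf("failed to create new secret: %w", err)
+return fmt.Errorf("failed to create new secret after existing one has been deleted: %w", err)
 }
 return nil
 }
 
+// generateCertSecret creates a secret if it does not exist; recreate this secret if type not match; update data if outdated.
+func generateCertSecret(ctx context.Context, c client.Client, certSecret *corev1.Secret, secretName, namespace string) error {
+existingSecret := &corev1.Secret{}
+err := c.Get(ctx, client.ObjectKey{Name: secretName, Namespace: namespace}, existingSecret)
+switch {
+case err == nil:
+// Secret exists but with a different type, delete and create it again
+if existingSecret.Type != certSecret.Type {
+return recreateSecret(ctx, c, existingSecret, certSecret)
+}
+// update data if found with same type but outdated content
+if isSecretOutdated(existingSecret.Data, certSecret.Data) {
+if err = c.Update(ctx, certSecret); err != nil {
+return fmt.Errorf("failed to update existing secret: %w", err)
+}
+}
+case k8serr.IsNotFound(err):
+// Secret does not exist, create it
+if err := c.Create(ctx, certSecret); err != nil {
+return fmt.Errorf("failed creating new certificate secret: %w", err)
+}
+default:
+return fmt.Errorf("failed getting certificate secret: %w", err)
+}
+
+return nil
+}
+
 // isSecretOutdated compares two secret data of type map[string][]byte and returns true if they are not equal.
 func isSecretOutdated(existingSecretData, newSecretData map[string][]byte) bool {
 if len(existingSecretData) != len(newSecretData) {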
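Review bot: Routing CreateSelfSignedCertificate through generateCertSecret also hands it the `isSecretOutdated` → `c.Update` branch, which the code removed from that function never had: an existing secret of the matching type used to be left untouched. If the key pair in certSecret is generated afresh on each call (the generation sits above the first hunk, so this is inferred), every invocation would now overwrite the stored certificate and anything that trusted the previous one stops validating. Either keep the update out of that caller's path or state the contract on the helper, for example `// Callers whose Data is regenerated per call will overwrite the stored secret on every invocation.` The recreate path also no longer wraps the create in `client.IgnoreAlreadyExists`, so a create that lands between the Delete and the Create in recreateSecret now returns an error; say so in the recreateSecret comment if that is intended.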
