scope secret getter in keymaanger controller

fabianvf · Mar 18, 2022 · 3c2b1dc · 3c2b1dc
1 parent 98590d1
commit 3c2b1dc
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 3 deletions.
diff --git a/pkg/controller/certificates/keymanager/keymanager_controller.go b/pkg/controller/certificates/keymanager/keymanager_controller.go
@@ -34,6 +34,7 @@ import (
 	corev1client "k8s.io/client-go/kubernetes/typed/core/v1"
 	corelisters "k8s.io/client-go/listers/core/v1"
 	"k8s.io/client-go/tools/cache"
+	"k8s.io/client-go/tools/clusters"
 	"k8s.io/client-go/tools/record"
 	"k8s.io/client-go/util/workqueue"
 
@@ -239,7 +240,8 @@ func (c *controller) ProcessItem(ctx context.Context, key string) error {
 
 func (c *controller) createNextPrivateKeyRotationPolicyNever(ctx context.Context, crt *cmapi.Certificate) error {
 	log := logf.FromContext(ctx)
-	s, err := c.secretLister.Secrets(crt.Namespace).Get(crt.Spec.SecretName)
+	secKey := clusters.ToClusterAwareKey(crt.GetClusterName(), crt.Spec.SecretName)
+	s, err := c.secretLister.Secrets(crt.Namespace).Get(secKey)
 	if apierrors.IsNotFound(err) {
 		log.V(logf.DebugLevel).Info("Creating new nextPrivateKeySecretName Secret because no existing Secret found and rotation policy is Never")
 		return c.createAndSetNextPrivateKey(ctx, crt)

diff --git a/pkg/controller/certificates/revisionmanager/revisionmanager_controller.go b/pkg/controller/certificates/revisionmanager/revisionmanager_controller.go
@@ -57,6 +57,7 @@ type controller struct {
 type revision struct {
 	rev int
 	types.NamespacedName
+	clusterName string
 }
 
 func NewController(log logr.Logger, client cmclient.Interface, cmFactory cminformers.SharedInformerFactory) (*controller, workqueue.RateLimitingInterface, []cache.InformerSynced) {
@@ -143,7 +144,7 @@ func (c *controller) ProcessItem(ctx context.Context, key string) error {
 	for _, req := range toDelete {
 		logf.WithRelatedResourceName(log, req.Name, req.Namespace, cmapi.CertificateRequestKind).
 			WithValues("revision", req.rev).Info("garbage collecting old certificate request revsion")
-		cl := certmanagerv1.NewWithCluster(c.client.CertmanagerV1().RESTClient(), ctx.Value("clusterName").(string))
+		cl := certmanagerv1.NewWithCluster(c.client.CertmanagerV1().RESTClient(), req.clusterName)
 		err = cl.CertificateRequests(req.Namespace).Delete(ctx, req.Name, metav1.DeleteOptions{})
 		if apierrors.IsNotFound(err) {
 			continue
@@ -183,7 +184,7 @@ func certificateRequestsToDelete(log logr.Logger, limit int, requests []*cmapi.C
 			continue
 		}
 
-		revisions = append(revisions, revision{rn, types.NamespacedName{Namespace: req.Namespace, Name: req.Name}})
+		revisions = append(revisions, revision{rn, types.NamespacedName{Namespace: req.Namespace, Name: req.Name}, req.ClusterName})
 	}
 
 	sort.SliceStable(revisions, func(i, j int) bool {

diff --git a/pkg/controller/certificates/revisionmanager/revisionmanager_controller_test.go b/pkg/controller/certificates/revisionmanager/revisionmanager_controller_test.go
@@ -213,6 +213,7 @@ func TestProcessItem(t *testing.T) {
 			},
 		},
 	}
+	// TODDO(kcp): fix this
 	for name, test := range tests {
 		t.Run(name, func(t *testing.T) {
 			// Create and initialise a new unit test builder
@@ -350,20 +351,23 @@ func TestCertificateRequestsToDelete(t *testing.T) {
 						Namespace: gen.DefaultTestNamespace,
 						Name:      "cr-6",
 					},
+					"to fix",
 				},
 				{
 					3,
 					types.NamespacedName{
 						Namespace: gen.DefaultTestNamespace,
 						Name:      "cr-3",
 					},
+					"to fix",
 				},
 				{
 					123,
 					types.NamespacedName{
 						Namespace: gen.DefaultTestNamespace,
 						Name:      "cr-1",
 					},
+					"to fix",
 				},
 			},
 		},
@@ -402,6 +406,7 @@ func TestCertificateRequestsToDelete(t *testing.T) {
 						Namespace: gen.DefaultTestNamespace,
 						Name:      "cr-6",
 					},
+					"to fix this",
 				},
 			},
 		},