feat: change status handling (#124)

* feat: change status handling

* test: add tests

* chore: remove tests

* feat: add correct if

* feat: add correct if

* feat: add correct if

---------

Co-authored-by: Oliver Bähler <[email protected]>

Author: nicluethi

Makefile

@@ -267,8 +267,8 @@ e2e-install-distro:
 	@$(MAKE) wait-for-helmreleases
 
 .PHONY: e2e-load-image
-e2e-load-image: ko-build-all
-	kind load docker-image --name $(CLUSTER_NAME) $(FULL_IMG):$(VERSION)
+e2e-load-image: kind ko-build-all
+	$(KIND) load docker-image --name $(CLUSTER_NAME) $(FULL_IMG):$(VERSION)
 
 wait-for-helmreleases:
 	@ echo "Waiting for all HelmReleases to have observedGeneration >= 0..."

cmd/main.go

@@ -34,13 +34,14 @@ func init() {
 func main() {
 	var metricsAddr string
 
-	var enableLeaderElection, enablePprof bool
+	var enableLeaderElection, enablePprof, enableStatus bool
 
 	var probeAddr string
 
 	flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
 	flag.StringVar(&probeAddr, "health-probe-bind-address", ":10080", "The address the probe endpoint binds to.")
 	flag.BoolVar(&enablePprof, "enable-pprof", false, "Enables Pprof endpoint for profiling (not recommend in production)")
+	flag.BoolVar(&enableStatus, "enable-provider-status", true, "Add all available providers to the status of the SopsSecret resource")
 	flag.BoolVar(&enableLeaderElection, "leader-elect", false,
 		"Enable leader election for controller manager. "+
 			"Enabling this will ensure there is only one active controller manager.")
@@ -78,7 +79,10 @@ func main() {
 		Log:     ctrl.Log.WithName("Controllers").WithName("Secrets"),
 		Metrics: metricsRecorder,
 		Scheme:  mgr.GetScheme(),
-	}).SetupWithManager(mgr); err != nil {
+	}).SetupWithManager(mgr, controllers.SopsSecretReconcilerConfig{
+		EnableStatus:   enableStatus,
+		ControllerName: "sopssecret",
+	}); err != nil {
 		setupLog.Error(err, "unable to create controller", "controller", "SopsSecret")
 		os.Exit(1)
 	}

internal/controllers/sopssecret_controller.go

@@ -32,18 +32,29 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/reconcile"
 )
 
+type SopsSecretReconcilerConfig struct {
+	EnableStatus   bool
+	ControllerName string
+}
+
 // SopsSecretReconciler reconciles a SopsSecret object.
 type SopsSecretReconciler struct {
 	client.Client
 	Metrics  *metrics.Recorder
 	Log      logr.Logger
 	Recorder record.EventRecorder
 	Scheme   *runtime.Scheme
+	Config   SopsSecretReconcilerConfig
 }
 
 // SetupWithManager sets up the controller with the Manager.
-func (r *SopsSecretReconciler) SetupWithManager(mgr ctrl.Manager) error {
+func (r *SopsSecretReconciler) SetupWithManager(mgr ctrl.Manager, cfg SopsSecretReconcilerConfig) error {
+	r.Config = cfg
+
+	r.Log.V(7).Info("controller config", "config", r.Config)
+
 	return ctrl.NewControllerManagedBy(mgr).
+		Named(cfg.ControllerName).
 		For(&sopsv1alpha1.SopsSecret{}).
 		Watches(&corev1.Secret{},
 			handler.EnqueueRequestForOwner(mgr.GetScheme(), mgr.GetRESTMapper(), &sopsv1alpha1.SopsSecret{})).
@@ -409,11 +420,17 @@ func (r *SopsSecretReconciler) decryptionProvider(
 		return nil, nil, err
 	}
 
+	if !r.Config.EnableStatus && len(secret.Status.Providers) > 0 {
+		secret.Status.Providers = []*api.Origin{}
+	}
+
 	// Gather Secrets from Provider
 	for _, provider := range matchingProviders {
-		secret.Status.Providers = append(secret.Status.Providers,
-			api.NewOrigin(&provider),
-		)
+		if r.Config.EnableStatus {
+			secret.Status.Providers = append(secret.Status.Providers,
+				api.NewOrigin(&provider),
+			)
+		}
 
 		for _, sec := range provider.Status.Providers {
 			if sec.Status == metav1.ConditionTrue {