[BUG] Secret gets never populated if KeyVault entry was created after the secret template #163

Closed
yix opened this issue Mar 17, 2021 · 1 comment · Fixed by #167
yix commented Mar 17, 2021

[X] Controller, version: 1.2.0 (spvest/azure-keyvault-controller:1.2.0)
[ ] Env-Injector (webhook), version: x.x.x (docker image tag)
[ ] Other

Describe the bug
If the secret template has been created before the relevant Azure KeyVault entry, it will not be populated even after the KeyVault entry is created.

To Reproduce
Steps to reproduce the behavior:

  1. Create a secret template which references a non-existent KeyVault entry (see Manifest below).
  2. Create KeyVault entry.
  3. Relevant k8s secret will not be created.

Expected behavior
The secret is created once the KeyVault controller receives an update about the KeyVault entry referenced in the template.

Logs

I0317 17:39:22.738719       1 azureKeyVaultSecret.go:229] "updating with recent changes from azure key vault" azurekeyvaultsecret="app-namespace/some-token" secret="app-namespace/some-token"
E0317 17:39:23.116356       1 worker.go:92] Failed to process key app-namespace/some-token. Reason: failed to get existing secret some-token, error: secrets "some-token" not found
I0317 17:43:56.989218       1 azureKeyVaultSecret.go:229] "updating with recent changes from azure key vault" azurekeyvaultsecret="app-namespace/some-token" secret="app-namespace/some-token"
E0317 17:43:57.316122       1 worker.go:92] Failed to process key app-namespace/some-token. Reason: failed to get existing secret some-token, error: secrets "some-token" not found
E0317 17:43:57.316168       1 worker.go:106] failed to get existing secret some-token, error: secrets "some-token" not found
I0317 17:48:21.989052       1 azureKeyVaultSecret.go:229] "updating with recent changes from azure key vault" azurekeyvaultsecret="app-namespace/some-token" secret="app-namespace/some-token"
E0317 17:48:22.316220       1 worker.go:92] Failed to process key app-namespace/some-token. Reason: failed to get existing secret some-token, error: secrets "some-token" not found

Manifest
apiVersion: spv.no/v1
kind: AzureKeyVaultSecret
metadata:
  name: some-token
spec:
  output:
    secret:
      dataKey: some.token
      name: some-token
  vault:
    name: KeyVaultName
    object:
      name: app-namespace-some-token
      type: secret

Additional context
According to the logs, the controller assumes that the secret has already been created and tries to find it to perform an update, but the secret wasn't created. I believe the controller should fall back to creating a secret if it was not found.

@yix yix added the bug Something isn't working label Mar 17, 2021
@yix yix changed the title [BUG] [BUG] Secret never gets populated if KeyVault entry created after the secret template Mar 17, 2021
@yix yix changed the title [BUG] Secret never gets populated if KeyVault entry created after the secret template [BUG] Secret gets never populated if KeyVault entry was created after the secret template Mar 17, 2021
181192 commented Mar 22, 2021

Sorry @yix needed to revert the PR #164.

Line 241 is calling Update on the clientset; if the secret does not exist, we need to do a Create. This logic already exists in the getOrCreateKubernetesSecret method in /controller/secret.go. If we restart the controller, the secret gets created as expected. So we need to figure out if we can include the same logic in the reconcile loop.

secret, err := c.kubeclientset.CoreV1().Secrets(akvs.Namespace).Update(context.TODO(), updatedSecret, metav1.UpdateOptions{})

@181192 181192 added this to the Version 1.3.0 milestone Aug 6, 2021
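
The update-then-create fallback discussed in this issue, as an added example that is not the project's own code. The in-memory store, the error values and `upsertSecret` are hypothetical stand-ins for the client-go clientset, so the example runs without a cluster.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins; client-go has apierrors.IsNotFound / IsAlreadyExists.
var ErrNotFound = errors.New("not found")
var ErrAlreadyExists = errors.New("already exists")

// fakeSecrets is a constructed in-memory model of one namespace's secrets.
type fakeSecrets map[string]string

func (f fakeSecrets) Update(name, value string) error {
	if _, ok := f[name]; !ok {
		return fmt.Errorf("secrets %q: %w", name, ErrNotFound)
	}
	f[name] = value
	return nil
}

func (f fakeSecrets) Create(name, value string) error {
	if _, ok := f[name]; ok {
		return fmt.Errorf("secrets %q: %w", name, ErrAlreadyExists)
	}
	f[name] = value
	return nil
}

// upsertSecret tries Update first and falls back to Create only on NotFound.
func upsertSecret(s fakeSecrets, name, value string) (string, error) {
	err := s.Update(name, value)
	if err == nil {
		return "updated", nil
	}
	if !errors.Is(err, ErrNotFound) {
		return "", err // any other failure goes back to the work queue
	}
	if err = s.Create(name, value); err != nil {
		return "", err // includes AlreadyExists from a racing writer; requeue
	}
	return "created", nil
}

func main() {
	s := fakeSecrets{}
	fmt.Println(upsertSecret(s, "some-token", "v1")) // created <nil>
	fmt.Println(upsertSecret(s, "some-token", "v2")) // updated <nil>
}
```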