diff --git a/klt-cert-manager/controllers/keptnwebhookcontroller/keptnwebhookcertificate_controller.go b/klt-cert-manager/controllers/keptnwebhookcontroller/keptnwebhookcertificate_controller.go index ade0d231f8..a002a35962 100644 --- a/klt-cert-manager/controllers/keptnwebhookcontroller/keptnwebhookcertificate_controller.go +++ b/klt-cert-manager/controllers/keptnwebhookcontroller/keptnwebhookcertificate_controller.go @@ -90,21 +90,38 @@ func (r *KeptnWebhookCertificateReconciler) Reconcile(ctx context.Context, reque r.Log.Info("reconciling webhook certificates", "namespace", request.Namespace, "name", request.Name) + r.Log.Info("Retrieving MutatingWebhooks") mutatingWebhookConfigurations, err := r.ResourceRetriever.GetMutatingWebhooks(ctx) if err != nil { r.Log.Error(err, "could not find mutating webhook configuration") } + r.Log.Info( + "Found MutatingWebhooks to inject certificates", + "numberOfItems", len(mutatingWebhookConfigurations.Items), + "byteSize", mutatingWebhookConfigurations.Size(), + ) + r.Log.Info("Retrieving ValidatingWebhooks") validatingWebhookConfigurations, err := r.ResourceRetriever.GetValidatingWebhooks(ctx) if err != nil { r.Log.Error(err, "could not find validating webhook configuration") } + r.Log.Info( + "Found ValidatingWebhooks to inject certificates", + "numberOfItems", len(validatingWebhookConfigurations.Items), + "byteSize", validatingWebhookConfigurations.Size(), + ) + r.Log.Info("Retrieving CRDs") crds, err := r.ResourceRetriever.GetCRDs(ctx) if err != nil { r.Log.Error(err, "could not find CRDs") } - + r.Log.Info( + "Found CRDs to inject certificates", + "numberOfItems", len(crds.Items), + "byteSize", crds.Size(), + ) certSecret := newCertificateSecret(r.Client) if err := r.setCertificates(ctx, certSecret); err != nil { @@ -240,6 +257,11 @@ func (r *KeptnWebhookCertificateReconciler) updateCRDConfiguration(ctx context.C return nil } + r.Log.Info( + "Found conversion webhook in CRD, updating client certificate", + "crd", crdName, + ) + // update crd crd.Spec.Conversion.Webhook.ClientConfig.CABundle = bundle if err := r.Client.Update(ctx, &crd); err != nil { diff --git a/klt-cert-manager/main.go b/klt-cert-manager/main.go index 814ca728e0..98e133b15b 100644 --- a/klt-cert-manager/main.go +++ b/klt-cert-manager/main.go @@ -2,9 +2,6 @@ package main import ( "flag" - "log" - "os" - "github.com/kelseyhightower/envconfig" "github.com/keptn/lifecycle-toolkit/klt-cert-manager/controllers/keptnwebhookcontroller" corev1 "k8s.io/api/core/v1" @@ -13,8 +10,11 @@ import ( utilruntime "k8s.io/apimachinery/pkg/util/runtime" clientgoscheme "k8s.io/client-go/kubernetes/scheme" _ "k8s.io/client-go/plugin/pkg/client/auth" + "log" + "os" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/cache" + ctrlclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" @@ -89,6 +89,11 @@ func main() { // if you are doing or is intended to do any operation such as perform cleanups // after the manager stops then its usage might be unsafe. // LeaderElectionReleaseOnCancel: true, + Client: ctrlclient.Options{ + Cache: &ctrlclient.CacheOptions{ + DisableFor: []ctrlclient.Object{&apiv1.CustomResourceDefinition{}}, + }, + }, }) if err != nil { setupLog.Error(err, "unable to start manager")