reduce unnecessary apiserver interaction

canonical · Apr 11, 2024 · 18e470f · 18e470f
1 parent 8d2dcf7
commit 18e470f
Showing 1 changed file with 36 additions and 69 deletions.
diff --git a/controllers/microk8sconfig_controller.go b/controllers/microk8sconfig_controller.go
@@ -627,115 +627,82 @@ func (r *MicroK8sConfigReconciler) storeBootstrapData(ctx context.Context, scope
 func (r *MicroK8sConfigReconciler) getJoinToken(ctx context.Context, scope *Scope) (string, error) {
 	// See if the token exists. If not create it.
 	secret := &corev1.Secret{}
-
-	var found bool
 	err := r.Client.Get(ctx, types.NamespacedName{
 		Namespace: scope.Cluster.Namespace,
 		Name:      fmt.Sprintf("%s-jointoken", scope.Cluster.Name),
 	}, secret)
 	switch {
 	case err == nil:
-		found = true
+		return string(secret.Data["value"]), nil
 	case apierrors.IsNotFound(err):
 	default:
 		return "", err
 	}
 
-	if !found {
-		const letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
-		b := make([]byte, 32)
-		for i := range b {
-			b[i] = letters[mrand.Intn(len(letters))]
-		}
-		token := string(b)
-		tokenSecret := &corev1.Secret{
-			ObjectMeta: metav1.ObjectMeta{
-				Namespace: scope.Cluster.Namespace,
-				Name:      scope.Cluster.Name + "-jointoken",
-			},
-			Data: map[string][]byte{
-				"value": []byte(token),
-			},
-		}
-		err = r.Client.Create(ctx, tokenSecret)
-		if err != nil {
-			return "", err
-		}
+	const letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+	b := make([]byte, 32)
+	for i := range b {
+		b[i] = letters[mrand.Intn(len(letters))]
 	}
-
-	readTokenSecret := &corev1.Secret{}
-	err = r.Client.Get(ctx,
-		types.NamespacedName{
+	token := string(b)
+	tokenSecret := &corev1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
 			Namespace: scope.Cluster.Namespace,
 			Name:      scope.Cluster.Name + "-jointoken",
 		},
-		readTokenSecret,
-	)
-	if err != nil {
+		Data: map[string][]byte{
+			"value": []byte(token),
+		},
+	}
+	if err := r.Client.Create(ctx, tokenSecret); err != nil {
 		return "", err
 	}
 
-	return string(readTokenSecret.Data["value"]), nil
+	return token, nil
 }
 
 func (r *MicroK8sConfigReconciler) getCA(ctx context.Context, scope *Scope) (cert *string, key *string, err error) {
 	// See if the CA cert exists. If not create it.
-	caSecret := &corev1.Secret{}
+	secret := &corev1.Secret{}
 
-	var found bool
 	err = r.Client.Get(ctx, types.NamespacedName{
 		Namespace: scope.Cluster.Namespace,
 		Name:      fmt.Sprintf("%s-ca", scope.Cluster.Name),
-	}, caSecret)
+	}, secret)
 	switch {
 	case err == nil:
-		found = true
+		cert := string(secret.Data["crt"])
+		key := string(secret.Data["key"])
+		return &cert, &key, nil
 	case apierrors.IsNotFound(err):
 	default:
 		return nil, nil, err
 	}
 
-	if !found {
-		newcrt, newkey, err := r.generateCA()
-		if err != nil {
-			return nil, nil, err
-		}
-		caSecret := &corev1.Secret{
-			ObjectMeta: metav1.ObjectMeta{
-				Namespace: scope.Cluster.Namespace,
-				Name:      scope.Cluster.Name + "-ca",
-			},
-			Data: map[string][]byte{
-				// these are the expected names for the certificate and key
-				"tls.crt": []byte(*newcrt),
-				"tls.key": []byte(*newkey),
-
-				// these are here for backwards-compatibility with older versions of the providers
-				"crt": []byte(*newcrt),
-				"key": []byte(*newkey),
-			},
-		}
-		err = r.Client.Create(ctx, caSecret)
-		if err != nil {
-			return nil, nil, err
-		}
+	newcrt, newkey, err := r.generateCA()
+	if err != nil {
+		return nil, nil, err
 	}
-
-	readCASecret := &corev1.Secret{}
-	err = r.Client.Get(ctx,
-		types.NamespacedName{
+	caSecret := &corev1.Secret{
+		ObjectMeta: metav1.ObjectMeta{
 			Namespace: scope.Cluster.Namespace,
 			Name:      scope.Cluster.Name + "-ca",
 		},
-		readCASecret,
-	)
-	if err != nil {
+		Data: map[string][]byte{
+			// these are the expected names for the certificate and key
+			"tls.crt": []byte(*newcrt),
+			"tls.key": []byte(*newkey),
+
+			// these are here for backwards-compatibility with older versions of the providers
+			"crt": []byte(*newcrt),
+			"key": []byte(*newkey),
+		},
+	}
+	if err := r.Client.Create(ctx, caSecret); err != nil {
 		return nil, nil, err
 	}
 
-	certstr := string(readCASecret.Data["crt"])
-	keystr := string(readCASecret.Data["key"])
-	return &certstr, &keystr, nil
+	return newcrt, newkey, nil
 }
 
 func (r *MicroK8sConfigReconciler) generateCA() (cert *string, key *string, err error) {