common

package
v0.0.0-...-22728e1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 27, 2026 License: Apache-2.0 Imports: 29 Imported by: 0

Documentation

Overview

Package common provides shared utilities and types used across controllers.

Index

Constants

View Source 
const (
	// DefaultRequeueTime is the default reconcile requeue time.
	DefaultRequeueTime = time.Second * 30

	// ExternalSecretsConfigObjectName is the default name of the externalsecretsconfigs.operator.openshift.io CR.
	ExternalSecretsConfigObjectName = "cluster"

	// ExternalSecretsManagerObjectName is the default name of the externalsecretsmanagers.operator.openshift.io CR.
	ExternalSecretsManagerObjectName = "cluster"

	// CertManagerInjectCAFromAnnotation is the annotation key added to external-secrets resource once
	// if certManager field is enabled in webhook config
	// after successful reconciliation by the controller.
	CertManagerInjectCAFromAnnotation = "cert-manager.io/inject-ca-from"

	// CertManagerInjectCAFromAnnotationValue is the annotation value added to external-secrets resource once
	// if certManager field is enabled in webhook config
	// after successful reconciliation by the controller.
	CertManagerInjectCAFromAnnotationValue = "external-secrets/external-secrets-webhook"

	// ExternalSecretsOperatorCommonName is the name commonly used for labelling resources.
	ExternalSecretsOperatorCommonName = "external-secrets-operator"
)

Variables

View Source 
var (
	ExternalSecretsOperatorVersion = os.Getenv("OPERATOR_IMAGE_VERSION")
)

Functions

func AddFinalizer 

func AddFinalizer(ctx context.Context, obj client.Object, opClient operatorclient.CtrlClient, finalizer string) error

AddFinalizer adds finalizer to the passed resource object.

func DecodeCertificateObjBytes 

func DecodeCertificateObjBytes(objBytes []byte) *certmanagerv1.Certificate

func DecodeClusterRoleBindingObjBytes 

func DecodeClusterRoleBindingObjBytes(objBytes []byte) *rbacv1.ClusterRoleBinding

func DecodeClusterRoleObjBytes 

func DecodeClusterRoleObjBytes(objBytes []byte) *rbacv1.ClusterRole

func DecodeDeploymentObjBytes 

func DecodeDeploymentObjBytes(objBytes []byte) *appsv1.Deployment

func DecodeNetworkPolicyObjBytes 

func DecodeNetworkPolicyObjBytes(objBytes []byte) *networkingv1.NetworkPolicy

func DecodeRoleBindingObjBytes 

func DecodeRoleBindingObjBytes(objBytes []byte) *rbacv1.RoleBinding

func DecodeRoleObjBytes 

func DecodeRoleObjBytes(objBytes []byte) *rbacv1.Role

func DecodeSecretObjBytes 

func DecodeSecretObjBytes(objBytes []byte) *corev1.Secret

func DecodeServiceAccountObjBytes 

func DecodeServiceAccountObjBytes(objBytes []byte) *corev1.ServiceAccount

func DecodeServiceObjBytes 

func DecodeServiceObjBytes(objBytes []byte) *corev1.Service

func DecodeValidatingWebhookConfigurationObjBytes 

func DecodeValidatingWebhookConfigurationObjBytes(objBytes []byte) *webhook.ValidatingWebhookConfiguration

func EvalMode 

func EvalMode(val operatorv1alpha1.Mode) bool

EvalMode is for evaluating the Mode values and return a boolean. This is very specific to the values read from CR which allows only `Enabled`, `Disabled` or `DisabledAndCleanup` as values. Returns true when has `Enabled` and false for every other value.

func HasObjectChanged 

func HasObjectChanged(desired, fetched client.Object) bool

func IsESMSpecEmpty 

func IsESMSpecEmpty(esm *operatorv1alpha1.ExternalSecretsManager) bool

IsESMSpecEmpty returns whether ExternalSecretsManager CR Spec is empty.

func IsInjectCertManagerAnnotationEnabled 

func IsInjectCertManagerAnnotationEnabled(esc *operatorv1alpha1.ExternalSecretsConfig) bool

IsInjectCertManagerAnnotationEnabled is for check if add cert-manager annotation is enabled.

func IsIrrecoverableError 

func IsIrrecoverableError(err error) bool

IsIrrecoverableError checks if the given error is a ReconcileError with IrrecoverableError reason. Returns false if err is nil or not a ReconcileError.

func ObjectMetadataModified 

func ObjectMetadataModified(desired, fetched client.Object) bool

func ParseBool 

func ParseBool(val string) bool

ParseBool is for parsing a string value as a boolean value. This is very specific to the values read from CR which allows only `true` or `false` as values.

func RemoveFinalizer 

func RemoveFinalizer(ctx context.Context, obj client.Object, opClient operatorclient.CtrlClient, finalizer string) error

RemoveFinalizer removes finalizers added from the passed resource object.

func UpdateResourceLabels 

func UpdateResourceLabels(obj client.Object, labels map[string]string)

func ValidateAffinity 

func ValidateAffinity(affinity *core.Affinity, opts corevalidation.PodValidationOptions, fldPath *field.Path) field.ErrorList

ValidateAffinity checks if given affinities are valid.

Types

type ErrorReason 

type ErrorReason string

ErrorReason represents the category of a reconciliation error, used to determine whether the reconciler should retry or not. 

const (
	// IrrecoverableError indicates an error that cannot be resolved by retrying.
	// Examples include invalid configuration, permission errors, or bad requests.
	// The reconciler should not requeue when encountering this error type.
	IrrecoverableError ErrorReason = "IrrecoverableError"

	// RetryRequiredError indicates a transient error that may be resolved by retrying.
	// Examples include temporary network issues or resource conflicts.
	// The reconciler should requeue when encountering this error type.
	RetryRequiredError ErrorReason = "RetryRequiredError"
)

type Now 

type Now struct {
	sync.Mutex
	// contains filtered or unexported fields
}

Now is a rip-off of golang's sync.Once functionality but extended to support reset.

func (*Now) Do 

func (n *Now) Do(f func())

Do is same as sync.Once.Do, which calls the passed func f only once until Now is reset. Do calls f() only once until Reset is called, similar to sync.Once.Do. Uses double-checked locking to ensure thread-safety.

func (*Now) Reset 

func (n *Now) Reset()

Reset is for allowing the Do method to call the func f again.

type ReconcileError 

type ReconcileError struct {
	// Reason categorizes the error as either irrecoverable or requiring retry.
	Reason ErrorReason `json:"reason,omitempty"`
	// Message provides a human-readable description of the error context.
	Message string `json:"message,omitempty"`
	// Err is the underlying error that caused this reconciliation error.
	Err error `json:"error,omitempty"`
}

ReconcileError represents an error that occurred during reconciliation. It includes the error reason, a descriptive message, and the underlying error.

func FromClientError 

func FromClientError(err error, message string, args ...any) *ReconcileError

FromClientError creates a ReconcileError from a Kubernetes API client error. It automatically determines the error reason based on the API error type:

  • IrrecoverableError: Unauthorized, Forbidden, Invalid, BadRequest, ServiceUnavailable
  • RetryRequiredError: All other errors (e.g., NotFound, Conflict, Timeout)

Returns nil if the provided error is nil. The message supports fmt.Sprintf-style formatting with the provided args.

func NewIrrecoverableError 

func NewIrrecoverableError(err error, message string, args ...any) *ReconcileError

NewIrrecoverableError creates a new ReconcileError with IrrecoverableError reason. Returns nil if the provided error is nil. The message supports fmt.Sprintf-style formatting with the provided args.

func NewRetryRequiredError 

func NewRetryRequiredError(err error, message string, args ...any) *ReconcileError

NewRetryRequiredError creates a new ReconcileError with RetryRequiredError reason. Returns nil if the provided error is nil. The message supports fmt.Sprintf-style formatting with the provided args.

func (*ReconcileError) Error 

func (e *ReconcileError) Error() string

Error implements the error interface, returning a formatted string containing both the message and the underlying error.

func (*ReconcileError) Unwrap 

func (e *ReconcileError) Unwrap() error

Unwrap returns the underlying error, implementing the standard library's error unwrapping interface. This enables errors.Is, errors.As, and errors.Unwrap to traverse the error chain.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.