From a1cf995e5006067642ff64be1b595132fc236321 Mon Sep 17 00:00:00 2001 From: Ilias Rinis Date: Tue, 10 Dec 2024 11:59:56 +0100 Subject: [PATCH] fixup! common: add helper func to determine whether OIDC is enabled on KAS pods --- pkg/controllers/common/external_oidc.go | 4 ++++ pkg/controllers/common/external_oidc_test.go | 6 ++++++ 2 files changed, 10 insertions(+) diff --git a/pkg/controllers/common/external_oidc.go b/pkg/controllers/common/external_oidc.go index 39978abcd..0e1f3755b 100644 --- a/pkg/controllers/common/external_oidc.go +++ b/pkg/controllers/common/external_oidc.go @@ -37,6 +37,10 @@ func ExternalOIDCConfigAvailable(authLister configv1listers.AuthenticationLister observedRevisions.Insert(nodeStatus.CurrentRevision) } + if observedRevisions.Len() == 0 { + return false, nil + } + for _, revision := range observedRevisions.UnsortedList() { // ensure every observed revision includes an auth-config revisioned configmap _, err := cmLister.ConfigMaps("openshift-kube-apiserver").Get(fmt.Sprintf("auth-config-%d", revision)) diff --git a/pkg/controllers/common/external_oidc_test.go b/pkg/controllers/common/external_oidc_test.go index cd9635aa0..bd1aa7c10 100644 --- a/pkg/controllers/common/external_oidc_test.go +++ b/pkg/controllers/common/external_oidc_test.go @@ -28,6 +28,12 @@ func TestExternalOIDCConfigAvailable(t *testing.T) { expectAvailable bool expectError bool }{ + { + name: "no node statuses observed", + authType: configv1.AuthenticationTypeOIDC, + expectAvailable: false, + expectError: false, + }, { name: "oidc disabled, no rollout", configMaps: []*corev1.ConfigMap{cm("config-10", "config.yaml", kasConfigJSONWithoutOIDC)},