fix: cert-manager.io/certificate health.lua for consistent issuing (Issue #16523) (#16520)

* Update cert-manager.opcertificate health.lua Signed-off-by: Chris Murray <chris@distrail.io> * adding test case for cert issuing Signed-off-by: Chris Murray <chris@distrail.io> * fixing typo Signed-off-by: Chris Murray <chris@distrail.io> --------- Signed-off-by: Chris Murray <chris@distrail.io>
2026-02-20 01:28:45 +01:00 · 2023-12-04 19:42:33 +00:00
parent 30b92b246d
commit 888687452f
3 changed files with 45 additions and 0 deletions
--- a/resource_customizations/cert-manager.io/Certificate/health.lua
+++ b/resource_customizations/cert-manager.io/Certificate/health.lua
@@ -1,12 +1,17 @@
 local hs = {}
 if obj.status ~= nil then
  if obj.status.conditions ~= nil then
+
+    -- Always Handle Issuing First to ensure consistent behaviour
    for i, condition in ipairs(obj.status.conditions) do
      if condition.type == "Issuing" and condition.status == "True" then
        hs.status = "Progressing"
        hs.message = condition.message
        return hs
      end
+    end
+
+    for i, condition in ipairs(obj.status.conditions) do
      if condition.type == "Ready" and condition.status == "False" then
        hs.status = "Degraded"
        hs.message = condition.message
--- a/resource_customizations/cert-manager.io/Certificate/health_test.yaml
+++ b/resource_customizations/cert-manager.io/Certificate/health_test.yaml
@@ -7,6 +7,10 @@ tests:
    status: Progressing
    message: Issuing certificate as Secret does not exist
  inputPath: testdata/progressing_issuing.yaml
+- healthStatus:
+    status: Progressing
+    message: Issuing certificate as Secret does not exist
+  inputPath: testdata/progressing_issuing_last.yaml
 - healthStatus:
    status: Degraded
    message: 'Resource validation failed: spec.acme.config: Required value: no ACME
--- a/resource_customizations/cert-manager.io/Certificate/testdata/progressing_issuing_last.yaml
+++ b/resource_customizations/cert-manager.io/Certificate/testdata/progressing_issuing_last.yaml
@@ -0,0 +1,36 @@
+apiVersion: cert-manager.io/v1alpha2
+kind: Certificate
+metadata:
+  creationTimestamp: '2018-11-07T00:06:12Z'
+  generation: 1
+  name: test-cert
+  namespace: argocd
+  resourceVersion: '64763033'
+  selfLink: /apis/cert-manager.io/v1alpha2/namespaces/argocd/certificates/test-cert
+  uid: e6cfba50-314d-11e9-be3f-42010a800011
+spec:
+  acme:
+    config:
+      - domains:
+          - cd.apps.argoproj.io
+        http01:
+          ingress: http01
+  commonName: cd.apps.argoproj.io
+  dnsNames:
+    - cd.apps.argoproj.io
+  issuerRef:
+    kind: Issuer
+    name: argo-cd-issuer
+  secretName: test-secret
+status:
+  conditions:
+    - lastTransitionTime: '2021-09-15T02:10:00Z'
+      message: Issuing certificate as Secret does not exist
+      reason: DoesNotExist
+      status: 'False'
+      type: Ready
+    - lastTransitionTime: '2021-09-15T02:10:00Z'
+      message: Issuing certificate as Secret does not exist
+      reason: DoesNotExist
+      status: 'True'
+      type: Issuing