+ case issuerSpec.URL == "":
+ return fmt.Errorf("spec.url cannot be empty")
+ case issuerSpec.KeyRef.Name == "":
+ return fmt.Errorf("spec.keyRef.name cannot be empty")
+ case issuerSpec.KeyRef.Key == "":
+ return fmt.Errorf("spec.keyRef.key cannot be empty")
+ default:
+ log.Info("CMPv2Issuer validated. ")
+ return nil
+ }
+}
+
+func updateCMPv2IssuerStatusToVerified(statusUpdater *CMPv2IssuerStatusUpdater, ctx context.Context, log logr.Logger) error {
+ log.Info("CMPv2 provisioner created -> updating status to of CMPv2Issuer resource to: Verified")
+ return statusUpdater.Update(ctx, cmpv2api.ConditionTrue, Verified, "CMPv2Issuer verified and ready to sign certificates")
+}
+
+
+// Error handling
+
+func handleErrorUpdatingCMPv2IssuerStatus(log logr.Logger, err error) {
+ log.Error(err, "Failed to update CMPv2Issuer status")
+}
+
+
+func handleErrorLoadingCMPv2Issuer(log logr.Logger, err error) {
+ log.Error(err, "Failed to retrieve CMPv2Issuer resource")
+}
+
+
+func handleErrorProvisionerInitialization(ctx context.Context, log logr.Logger, err error, statusUpdater *CMPv2IssuerStatusUpdater) {
+ log.Error(err, "Failed to initialize provisioner")
+ statusUpdater.UpdateNoError(ctx, cmpv2api.ConditionFalse, Error, "Failed initialize provisioner")
+}
+
+func handleErrorCMPv2IssuerValidation(ctx context.Context, log logr.Logger, err error, statusUpdater *CMPv2IssuerStatusUpdater) {
+ log.Error(err, "Failed to validate CMPv2Issuer resource")
+ statusUpdater.UpdateNoError(ctx, cmpv2api.ConditionFalse, ValidationFailed, "Failed to validate resource: %v", err)
+}
+
+func handleErrorSecretNotFound(ctx context.Context, log logr.Logger, issuer *cmpv2api.CMPv2Issuer, statusUpdater *CMPv2IssuerStatusUpdater, secretNamespaceName types.NamespacedName, secret core.Secret) error {
+ err := fmt.Errorf("secret %s does not contain key %s", secret.Name, issuer.Spec.KeyRef.Key)
+ log.Error(err, "Failed to retrieve CMPv2Issuer provisioner secret", "namespace", secretNamespaceName.Namespace, "name", secretNamespaceName.Name)
+ statusUpdater.UpdateNoError(ctx, cmpv2api.ConditionFalse, NotFound, "Failed to retrieve provisioner secret: %v", err)
+ return err
+}
+
+func handleErrorInvalidSecret(ctx context.Context, log logr.Logger, err error, statusUpdater *CMPv2IssuerStatusUpdater, secretNamespaceName types.NamespacedName) {
+ log.Error(err, "Failed to retrieve CMPv2Issuer provisioner secret", "namespace", secretNamespaceName.Namespace, "name", secretNamespaceName.Name)
+ if apierrors.IsNotFound(err) {
+ statusUpdater.UpdateNoError(ctx, cmpv2api.ConditionFalse, NotFound, "Failed to retrieve provisioner secret: %v", err)
+ } else {
+ statusUpdater.UpdateNoError(ctx, cmpv2api.ConditionFalse, Error, "Failed to retrieve provisioner secret: %v", err)