From 404e0712db30d0dd68b24fb1a34020f7ea2ba626 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Fri, 3 Feb 2017 17:24:24 -0500 Subject: [PATCH 1/2] check for error getting cert --- controllers/gce/loadbalancers/loadbalancers.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/controllers/gce/loadbalancers/loadbalancers.go b/controllers/gce/loadbalancers/loadbalancers.go index 948718f7f..726d6ff3b 100644 --- a/controllers/gce/loadbalancers/loadbalancers.go +++ b/controllers/gce/loadbalancers/loadbalancers.go @@ -367,7 +367,10 @@ func (l *L7) checkSSLCert() (err error) { if l.sslCert != nil { certName = l.sslCert.Name } - cert, _ := l.cloud.GetSslCertificate(certName) + cert, err := l.cloud.GetSslCertificate(certName) + if err != nil { + return err + } // PrivateKey is write only, so compare certs alone. We're assuming that // no one will change just the key. We can remember the key and compare, From fbdacb2a67c32cd8440fcf709ea8fac8445b6db2 Mon Sep 17 00:00:00 2001 From: Tony Li Date: Fri, 3 Feb 2017 18:23:07 -0500 Subject: [PATCH 2/2] comment on skipping the error check --- controllers/gce/loadbalancers/loadbalancers.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/controllers/gce/loadbalancers/loadbalancers.go b/controllers/gce/loadbalancers/loadbalancers.go index 726d6ff3b..75d9240ab 100644 --- a/controllers/gce/loadbalancers/loadbalancers.go +++ b/controllers/gce/loadbalancers/loadbalancers.go @@ -367,10 +367,10 @@ func (l *L7) checkSSLCert() (err error) { if l.sslCert != nil { certName = l.sslCert.Name } - cert, err := l.cloud.GetSslCertificate(certName) - if err != nil { - return err - } + + // Skip error checking because error-ing out will retry and loop, when we + // should create/update the cert if there is an error or does not exist. + cert, _ := l.cloud.GetSslCertificate(certName) // PrivateKey is write only, so compare certs alone. We're assuming that // no one will change just the key. We can remember the key and compare,