in reconcilers/reconciler.go [356:394]
// reconcileOnce runs a single reconciliation pass for the webhook TLS manager.
//
// It resolves the desired goal and then does one of two things:
//   - manager disabled: removes the secret and the webhook via
//     cleanupSecretAndWebhook and returns;
//   - manager enabled: writes the certificate secret when the goal carries
//     CertData, then creates or updates the webhook.
//
// The first failing step is logged and its error pointer is returned as-is;
// nil is returned when every step succeeds.
func (r *webhookTlsManagerReconciler) reconcileOnce(ctx context.Context) *error {
	logger := log.MustGetLogger(ctx)

	goal, resolveErr := r.webhookTlsManagerGoalResolver.Resolve(ctx)
	if resolveErr != nil {
		logger.Errorf(ctx, "Resolve webhook goal failed. error: %s", *resolveErr)
		return resolveErr
	}

	// Disabled: tear everything down and stop. The rotation metric is not
	// touched on this path, so it keeps whatever value an earlier pass set.
	if !goal.IsWebhookTlsManagerEnabled {
		if cleanupErr := cleanupSecretAndWebhook(ctx, r.kubeClient); cleanupErr != nil {
			logger.Errorf(ctx, "cleanupSecretAndWebhook error: %s", *cleanupErr)
			return cleanupErr
		}
		logger.Info(ctx, "WebhookTlsManager is disabled. cleanup succeed.")
		return nil
	}

	// Certificate rotation. The secret is written before the webhook is
	// touched, so a failed secret write leaves the webhook as it was.
	if goal.CertData == nil {
		metrics.RotateCertificateMetric.Set(0)
	} else {
		// The gauge goes to 1 before the write, so it records a rotation
		// attempt rather than a completed rotation.
		metrics.RotateCertificateMetric.Set(1)
		// NOTE(review): CertData presumably holds TLS key material; only the
		// returned error is logged here, never the payload. Confirm that the
		// error text produced by createOrUpdateSecret cannot embed it.
		if secretErr := createOrUpdateSecret(ctx, r.kubeClient, *goal.CertData); secretErr != nil {
			logger.Errorf(ctx, "createOrUpdateSecret failed. error: %s", *secretErr)
			return secretErr
		}
	}

	// NOTE(review): IsKubeSystemNamespaceBlocked is passed through unchanged;
	// its effect on the webhook's namespace scope is decided in
	// createOrUpdateWebhook, which is not visible here.
	if webhookErr := createOrUpdateWebhook(ctx, r.kubeClient, goal.IsKubeSystemNamespaceBlocked); webhookErr != nil {
		logger.Errorf(ctx, "createOrUpdateWebhook failed. error: %s", *webhookErr)
		return webhookErr
	}
	return nil
}