Revert "handle "already exists" when certrotation creates secret"

akalenyu · akalenyu · commit b6fe9f061f9a · 2025-02-02T19:27:36.000+02:00
This reverts commit 9acaa19. Signed-off-by: Alex Kalenyuk <akalenyu@redhat.com>
diff --git a/pkg/operator/controller/certrotation.go b/pkg/operator/controller/certrotation.go
@@ -197,28 +197,15 @@ func (cm *certManager) ensureCertConfig(secret *corev1.Secret, certConfig cdicer
 	return secret, nil
 }
 
-func (cm *certManager) createOrGetSecret(namespace, name string) (*corev1.Secret, error) {
+func (cm *certManager) createSecret(namespace, name string) (*corev1.Secret, error) {
 	secret := &corev1.Secret{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: name,
 		},
 		Type: corev1.SecretTypeTLS,
 	}
 
-	secret, err := cm.k8sClient.CoreV1().Secrets(namespace).Create(context.TODO(), secret, metav1.CreateOptions{})
-	if err != nil {
-		if !errors.IsAlreadyExists(err) {
-			return nil, err
-		}
-
-		// skip the cache
-		secret, err = cm.k8sClient.CoreV1().Secrets(namespace).Get(context.TODO(), name, metav1.GetOptions{})
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	return secret, nil
+	return cm.k8sClient.CoreV1().Secrets(namespace).Create(context.TODO(), secret, metav1.CreateOptions{})
 }
 
 func (cm *certManager) ensureSigner(cd cdicerts.CertificateDefinition) (*crypto.CA, error) {
@@ -233,7 +220,7 @@ func (cm *certManager) ensureSigner(cd cdicerts.CertificateDefinition) (*crypto.
 			return nil, err
 		}
 
-		secret, err = cm.createOrGetSecret(cd.SignerSecret.Namespace, cd.SignerSecret.Name)
+		secret, err = cm.createSecret(cd.SignerSecret.Namespace, cd.SignerSecret.Name)
 		if err != nil {
 			return nil, err
 		}
@@ -296,7 +283,7 @@ func (cm *certManager) ensureTarget(cd cdicerts.CertificateDefinition, ca *crypt
 			return err
 		}
 
-		secret, err = cm.createOrGetSecret(cd.TargetSecret.Namespace, cd.TargetSecret.Name)
+		secret, err = cm.createSecret(cd.TargetSecret.Namespace, cd.TargetSecret.Name)
 		if err != nil {
 			return err
 		}
