chore(certificate): handle missing cases statuses

flanksource · Jan 16, 2025 · 199a4e3 · 199a4e3
1 parent 682929c
commit 199a4e3
Showing 1 changed file with 27 additions and 0 deletions.
diff --git a/pkg/health/health_cert_manager.go b/pkg/health/health_cert_manager.go
@@ -201,6 +201,33 @@ func GetCertificateHealth(obj *unstructured.Unstructured) (*HealthStatus, error)
 			}
 
 			return hs, nil
+
+		default:
+			missingCases := map[string]string{
+				DoesNotExist:                    "Certificate secret does not exist",
+				MissingData:                     "Certificate secret has missing data",
+				InvalidKeyPair:                  "Public key of certificate does not match private key",
+				InvalidCertificate:              "Signed certificate could not be parsed or decoded",
+				InvalidCertificateRequest:       "CSR could not be parsed or decoded",
+				SecretMismatch:                  "Secret's private key does not match spec",
+				IncorrectIssuer:                 "Certificate has been issued by incorrect Issuer",
+				IncorrectCertificate:            "Certificate's secretName already has an annotation with another Certificate",
+				Expired:                         "Certificate has expired",
+				SecretTemplateMismatch:          "SecretTemplate is not reflected on the target Secret",
+				SecretManagedMetadataMismatch:   "Secret is missing labels that should have been added by cert-manager",
+				AdditionalOutputFormatsMismatch: "Certificate's AdditionalOutputFormats are not reflected on the target Secret",
+				ManagedFieldsParseError:         "cert-manager was unable to decode the managed fields on a resource",
+				SecretOwnerRefMismatch:          "Secret has an incorrect owner reference",
+			}
+
+			if msg, exists := missingCases[string(c.Type)]; exists {
+				return &HealthStatus{
+					Health:  HealthUnhealthy,
+					Status:  HealthStatusCode(c.Type),
+					Message: msg,
+					Ready:   true,
+				}, nil
+			}
 		}
 	}