From 9d85d60e65c14dde2953cac2e20ca9175e5c3f8c Mon Sep 17 00:00:00 2001
From: Yuki Iwai <yuki.iwai.tz@gmail.com>
Date: Tue, 15 Aug 2023 23:02:38 +0900
Subject: [PATCH] Output logs every 15 seconds if the certs don't yet exist in
 the container

Signed-off-by: Yuki Iwai <yuki.iwai.tz@gmail.com>
---
 pkg/certgenerator/v1beta1/generator.go      | 37 +++++++++++++++------
 pkg/certgenerator/v1beta1/generator_test.go |  4 ++-
 2 files changed, 29 insertions(+), 12 deletions(-)

diff --git a/pkg/certgenerator/v1beta1/generator.go b/pkg/certgenerator/v1beta1/generator.go
index c688ef55594..d506f9a72ba 100644
--- a/pkg/certgenerator/v1beta1/generator.go
+++ b/pkg/certgenerator/v1beta1/generator.go
@@ -77,7 +77,7 @@ func (c *CertGenerator) Start(ctx context.Context) error {
 		Jitter:   1,
 		Steps:    10,
 		Cap:      time.Minute * 5,
-	}, ensureCertMounted); err != nil {
+	}, ensureCertMounted(time.Now())); err != nil {
 		return err
 	}
 	// Sending an empty data to a certsReady means it starts to register controllers to the manager.
@@ -86,17 +86,32 @@ func (c *CertGenerator) Start(ctx context.Context) error {
 }
 
 // ensureCertMounted ensures that the generated certs are mounted inside the container.
-func ensureCertMounted(context.Context) (bool, error) {
-	certFile := filepath.Join(consts.CertDir, serverCertName)
-	if _, err := os.Stat(certFile); err != nil {
-		return false, nil
-	}
-	keyFile := filepath.Join(consts.CertDir, serverKeyName)
-	if _, err := os.Stat(keyFile); err != nil {
-		return false, nil
+func ensureCertMounted(start time.Time) func(context.Context) (bool, error) {
+	return func(ctx context.Context) (bool, error) {
+		now := time.Now()
+		outputLog := false
+		if now.Sub(start) >= 15*time.Second {
+			start = now
+			outputLog = true
+		}
+
+		certFile := filepath.Join(consts.CertDir, serverCertName)
+		if _, err := os.Stat(certFile); err != nil {
+			if outputLog {
+				klog.Infof("Public key file %q doesn't exist in the container yet", certFile)
+			}
+			return false, nil
+		}
+		keyFile := filepath.Join(consts.CertDir, serverKeyName)
+		if _, err := os.Stat(keyFile); err != nil {
+			if outputLog {
+				klog.Infof("Private key file %q doesn't exist in the container yet", keyFile)
+			}
+			return false, nil
+		}
+		klog.Info("Succeeded to be mounted certs inside the container.")
+		return true, nil
 	}
-	klog.Info("Succeeded to be mounted certs inside the container.")
-	return true, nil
 }
 
 func (c *CertGenerator) NeedLeaderElection() bool {
diff --git a/pkg/certgenerator/v1beta1/generator_test.go b/pkg/certgenerator/v1beta1/generator_test.go
index 39c886adb87..5141720177d 100644
--- a/pkg/certgenerator/v1beta1/generator_test.go
+++ b/pkg/certgenerator/v1beta1/generator_test.go
@@ -22,6 +22,7 @@ import (
 	"path/filepath"
 	"strings"
 	"testing"
+	"time"
 
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
@@ -263,7 +264,8 @@ func TestEnsureCertMounted(t *testing.T) {
 					t.Fatalf("Failed to create tls.crt: %v", err)
 				}
 			}
-			got, _ := ensureCertMounted(context.Background())
+			ensureFunc := ensureCertMounted(time.Now())
+			got, _ := ensureFunc(context.Background())
 			if tc.wantExist != got {
 				t.Errorf("Unexpected value from ensureCertMounted: \n(want: %v, got: %v)\n", tc.wantExist, got)
 			}