Fix 154: adding a finalizer to the tunnel's associated secret

[cyclingwithelephants]

fixes https://github.com/adyanth/cloudflare-operator/issues/154

I just wanted to confirm that r.GetTunnel().GetNamespace() for the ClusterTunnel resource is expected to return the cloudflare-operator's namespace? I've tested this working, just wanted to make sure this was built on expected behaviour and wasn't a fluke

[cyclingwithelephants]

Looks like coverage reports are not available from forks

[adyanth]

To answer your question, yes the namespace for the cluster tunnel is the operator namespace.

[cyclingwithelephants]

Haven't tested yet, but please let me know if you're otherwise happy with the changes

[cyclingwithelephants]

this is functionally working, but I've noticed that the controller is producing errors on deletion. This wasn't happening when using the concrete implementation for the secret. What's strange is that this Reconciler error (the last error in the logs) loops maybe 15 times and it looks like it's happening after the tunnel is actually deleted from etcd. Any idea what's going on here?

2025-05-08T23:35:54+01:00	INFO	starting deletion cycle	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "2a666e68-bfb5-43e7-bdb2-d4bcc8da318d"}
2025-05-08T23:35:54+01:00	INFO	Scaling down cloudflared	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "2a666e68-bfb5-43e7-bdb2-d4bcc8da318d"}
2025-05-08T23:35:54+01:00	DEBUG	events	Starting Tunnel Deletion	{"type": "Normal", "object": {"kind":"Tunnel","namespace":"default","name":"adamrummer-com","uid":"c20c36ca-7fa3-408f-9e60-b679c7085b02","apiVersion":"networking.cfargotunnel.com/v1alpha2","resourceVersion":"2001"}, "reason": "Deleting"}
2025-05-08T23:35:54+01:00	DEBUG	events	Scaling down cloudflared	{"type": "Normal", "object": {"kind":"Tunnel","namespace":"default","name":"adamrummer-com","uid":"c20c36ca-7fa3-408f-9e60-b679c7085b02","apiVersion":"networking.cfargotunnel.com/v1alpha2","resourceVersion":"2001"}, "reason": "Scaling"}
2025-05-08T23:35:54+01:00	INFO	Scaling down successful	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "2a666e68-bfb5-43e7-bdb2-d4bcc8da318d"}
2025-05-08T23:35:54+01:00	DEBUG	events	Scaling down cloudflared successful	{"type": "Normal", "object": {"kind":"Tunnel","namespace":"default","name":"adamrummer-com","uid":"c20c36ca-7fa3-408f-9e60-b679c7085b02","apiVersion":"networking.cfargotunnel.com/v1alpha2","resourceVersion":"2001"}, "reason": "Scaled"}
2025-05-08T23:35:54+01:00	INFO	starting deletion cycle	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "e7e01bed-c04d-48d9-bde0-53744e6ce628"}
2025-05-08T23:35:54+01:00	INFO	In validation	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "e7e01bed-c04d-48d9-bde0-53744e6ce628"}
2025-05-08T23:35:54+01:00	DEBUG	events	Starting Tunnel Deletion	{"type": "Normal", "object": {"kind":"Tunnel","namespace":"default","name":"adamrummer-com","uid":"c20c36ca-7fa3-408f-9e60-b679c7085b02","apiVersion":"networking.cfargotunnel.com/v1alpha2","resourceVersion":"2001"}, "reason": "Deleting"}
2025-05-08T23:35:54+01:00	INFO	no TXT records returned for fqdn	{"controller": "tunnelbinding", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "TunnelBinding", "TunnelBinding": {"name":"ingress-nginx","namespace":"default"}, "namespace": "default", "name": "ingress-nginx", "reconcileID": "72ca0583-cfc1-4a8c-aec0-c39310e4d300", "fqdn": "*.adamrummer.com"}
2025-05-08T23:35:55+01:00	INFO	no records returned for fqdn	{"controller": "tunnelbinding", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "TunnelBinding", "TunnelBinding": {"name":"ingress-nginx","namespace":"default"}, "namespace": "default", "name": "ingress-nginx", "reconcileID": "72ca0583-cfc1-4a8c-aec0-c39310e4d300", "fqdn": "*.adamrummer.com"}
2025-05-08T23:35:55+01:00	ERROR	Error fetching DNS record	{"controller": "tunnelbinding", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "TunnelBinding", "TunnelBinding": {"name":"ingress-nginx","namespace":"default"}, "namespace": "default", "name": "ingress-nginx", "reconcileID": "72ca0583-cfc1-4a8c-aec0-c39310e4d300", "Hostname": "*.adamrummer.com", "error": "no records returned"}
github.com/adyanth/cloudflare-operator/internal/controller.(*TunnelBindingReconciler).deleteDNSLogic
	/Users/adam/code/github.com/adyanth/cloudflare-operator/internal/controller/tunnelbinding_controller.go:370
github.com/adyanth/cloudflare-operator/internal/controller.(*TunnelBindingReconciler).deletionLogic
	/Users/adam/code/github.com/adyanth/cloudflare-operator/internal/controller/tunnelbinding_controller.go:230
github.com/adyanth/cloudflare-operator/internal/controller.(*TunnelBindingReconciler).Reconcile
	/Users/adam/code/github.com/adyanth/cloudflare-operator/internal/controller/tunnelbinding_controller.go:174
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Reconcile
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:119
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:334
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:294
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:255
2025-05-08T23:35:55+01:00	DEBUG	events	Error fetching DNS record	{"type": "Warning", "object": {"kind":"TunnelBinding","namespace":"default","name":"ingress-nginx","uid":"512c1f11-02dc-427c-a94e-20d2384bc8ad","apiVersion":"networking.cfargotunnel.com/v1alpha1","resourceVersion":"2002"}, "reason": "FailedDeletingDns"}
2025-05-08T23:35:55+01:00	DEBUG	events	Finalizer removed	{"type": "Normal", "object": {"kind":"TunnelBinding","namespace":"default","name":"ingress-nginx","uid":"512c1f11-02dc-427c-a94e-20d2384bc8ad","apiVersion":"networking.cfargotunnel.com/v1alpha1","resourceVersion":"2002"}, "reason": "FinalizerUnset"}
2025-05-08T23:35:55+01:00	INFO	TunnelBinding deleted, nothing to do	{"controller": "tunnelbinding", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "TunnelBinding", "TunnelBinding": {"name":"ingress-nginx","namespace":"default"}, "namespace": "default", "name": "ingress-nginx", "reconcileID": "ffaf97d1-676c-4680-8371-8fe4fc58d0bd"}
2025-05-08T23:35:56+01:00	INFO	Tunnel deleted	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "e7e01bed-c04d-48d9-bde0-53744e6ce628", "tunnelID": "8447f5e8-161d-407e-a721-5eda624d3600"}
2025-05-08T23:35:56+01:00	DEBUG	events	Tunnel deletion successful	{"type": "Normal", "object": {"kind":"Tunnel","namespace":"default","name":"adamrummer-com","uid":"c20c36ca-7fa3-408f-9e60-b679c7085b02","apiVersion":"networking.cfargotunnel.com/v1alpha2","resourceVersion":"2001"}, "reason": "Deleted"}
2025-05-08T23:35:56+01:00	DEBUG	events	Tunnel Finalizer removed	{"type": "Normal", "object": {"kind":"Tunnel","namespace":"default","name":"adamrummer-com","uid":"c20c36ca-7fa3-408f-9e60-b679c7085b02","apiVersion":"networking.cfargotunnel.com/v1alpha2","resourceVersion":"2001"}, "reason": "FinalizerUnset"}
2025-05-08T23:35:56+01:00	ERROR	Reconciler error	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "e7e01bed-c04d-48d9-bde0-53744e6ce628", "error": "Operation cannot be fulfilled on tunnels.networking.cfargotunnel.com \"adamrummer-com\": StorageError: invalid object, Code: 4, Key: /registry/networking.cfargotunnel.com/tunnels/default/adamrummer-com, ResourceVersion: 0, AdditionalErrorMsg: Precondition failed: UID in precondition: c20c36ca-7fa3-408f-9e60-b679c7085b02, UID in object meta: "}
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:347
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:294
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:255
2025-05-08T23:35:56+01:00	INFO	removing finalizer	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "3ab2e802-ae85-479d-ace1-43a7a949458d", "finalizer": "cfargotunnel.com/finalizer", "object": "default/cloudflare-secrets"}
2025-05-08T23:35:56+01:00	ERROR	Reconciler error	{"controller": "tunnel", "controllerGroup": "networking.cfargotunnel.com", "controllerKind": "Tunnel", "Tunnel": {"name":"adamrummer-com","namespace":"default"}, "namespace": "default", "name": "adamrummer-com", "reconcileID": "7e29d1a4-44ed-4ed7-9c05-6def336a799f", "error": "Secret \"cloudflare-secrets\" not found"}
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:347
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:294
sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.2
	/Users/adam/.cache/go/pkg/mod/sigs.k8s.io/[email protected]/pkg/internal/controller/controller.go:255