Surface IsNotFound error in GetPreRotationTime

[aabchoo]

Description:

GetPreRotationTime should surface apierrors.IsNotFound instead of swallowing the error. Callers of the function should be in charge of handling the error.

ai-gateway/internal/controller/rotators/aws_oidc_rotator.go

Lines 106 to 107 in 9efcd32

	if apierrors.IsNotFound(err) {
	return time.Time{}, nil

Context:

For OIDC backendSecurityPolicies, the controller is in charge of storing the temporary credentials to access the provider (AWS is only currently supported). The controller does this by storing the credentials (obtained from STS in AWS) in a Kubernetes secret. The secret will be created by the controller if it was previously deleted OR if a new BackendSecurityPolicy was created (or policy was updated to use OIDC).

[optional Relevant Links:]

Any extra documentation required to understand the issue.

This line will need to check if err is NotFound, and if so, rotate credentials.
https://github.com/envoyproxy/ai-gateway/blob/main/internal/controller/backend_security_policy.go#L97

[mathetake]

could you add a note about when that happens? trying to rotate a non-existent secret sounds weird to me, so providing more context will be helpful!

[aabchoo]

Updated! Let me know if I should add more context 😄

[mathetake]

looks good and agree it's a good first issue

[teaglebuilt]

It looks like this has been completed. Can this be closed?

[mathetake]

how this has been completed? not sure

[teaglebuilt]

@mathetake must have been an oversight. Can you assign this to me? I am already using this and would like to find a couple things to contribute to. Starting here.

[mathetake]

sure, feel free to raise a PR