From fac2ec1c4cd1948438988e88d272a99eeadd7466 Mon Sep 17 00:00:00 2001
From: mprahl <mprahl@users.noreply.github.com>
Date: Fri, 15 Sep 2023 11:22:44 -0400
Subject: [PATCH] Adjust the error to check for the ConstraintTemplate CRD
 missing

After updating to controller-runtime 0.15, it seems that a different
error is returned when a CRD is missing, so it caused an API server hit
every time the policy template sync controller reconciled. This uses the
new error.

Relates:
https://github.com/stolostron/backlog/issues/27375

Signed-off-by: mprahl <mprahl@users.noreply.github.com>
---
 controllers/templatesync/template_sync.go | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/controllers/templatesync/template_sync.go b/controllers/templatesync/template_sync.go
index 48986aea..1fca738b 100644
--- a/controllers/templatesync/template_sync.go
+++ b/controllers/templatesync/template_sync.go
@@ -21,7 +21,6 @@ import (
 	extensionsv1beta1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1beta1"
 	"k8s.io/apimachinery/pkg/api/equality"
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/api/meta"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/labels"
@@ -49,7 +48,10 @@ const (
 	ControllerName string = "policy-template-sync"
 )
 
-var log = ctrl.Log.WithName(ControllerName)
+var (
+	log                     = ctrl.Log.WithName(ControllerName)
+	errGroupDiscoveryFailed *discovery.ErrGroupDiscoveryFailed
+)
 
 //+kubebuilder:rbac:groups=policy.open-cluster-management.io,resources=*,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=templates.gatekeeper.sh,resources=constrainttemplates,verbs=get;list;watch;create;update;patch;delete
@@ -995,7 +997,7 @@ func (r *PolicyReconciler) cleanUpExcessTemplates(
 					namespaced: false,
 				})
 			}
-		} else if meta.IsNoMatchError(err) {
+		} else if errors.As(err, &errGroupDiscoveryFailed) {
 			// If there's no v1 ConstraintTemplate, try the v1beta1 version
 			gkConstraintTemplateListv1beta1 := gktemplatesv1beta1.ConstraintTemplateList{}
 			err := r.List(ctx, &gkConstraintTemplateListv1beta1, &client.ListOptions{})
@@ -1026,7 +1028,7 @@ func (r *PolicyReconciler) cleanUpExcessTemplates(
 					})
 				}
 				// Log and ignore other errors to allow cleanup to continue since Gatekeeper may not be installed
-			} else if meta.IsNoMatchError(err) {
+			} else if errors.As(err, &errGroupDiscoveryFailed) {
 				reqLogger.Info("The ConstraintTemplate CRD is not installed")
 				r.setCreatedGkConstraint(false)
 			} else {
@@ -1059,7 +1061,7 @@ func (r *PolicyReconciler) cleanUpExcessTemplates(
 				})
 			}
 		}
-	} else if meta.IsNoMatchError(err) {
+	} else if errors.As(err, &errGroupDiscoveryFailed) {
 		crdsv1beta1 := extensionsv1beta1.CustomResourceDefinitionList{}
 		err := r.List(ctx, &crdsv1beta1, &crdQuery)
 		if err != nil {
@@ -1427,7 +1429,7 @@ func (r *PolicyReconciler) hasPolicyTemplateLabel(
 	err := r.Get(ctx, crdName, &crd)
 	if err == nil {
 		return crd.GetLabels()[utils.PolicyTypeLabel] == "template", nil
-	} else if meta.IsNoMatchError(err) {
+	} else if errors.As(err, &errGroupDiscoveryFailed) {
 		betaCrd := extensionsv1beta1.CustomResourceDefinition{}
 
 		err = r.Get(ctx, crdName, &betaCrd)