From 82fa2805671c466af6161ef41848db9fdffdd985 Mon Sep 17 00:00:00 2001
From: rlieberman-splunk <rlieberman@splunk.com>
Date: Thu, 30 Jan 2025 13:58:02 -0600
Subject: [PATCH] Ignore secret checks in the indexercluster when the pod is
 not yet created

---
 pkg/splunk/enterprise/indexercluster.go      | 14 ++++++++++++--
 pkg/splunk/enterprise/indexercluster_test.go | 14 ++++++++++++++
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/pkg/splunk/enterprise/indexercluster.go b/pkg/splunk/enterprise/indexercluster.go
index 39ba7cca3..b69b9e8aa 100644
--- a/pkg/splunk/enterprise/indexercluster.go
+++ b/pkg/splunk/enterprise/indexercluster.go
@@ -653,17 +653,27 @@ func ApplyIdxcSecret(ctx context.Context, mgr *indexerClusterPodManager, replica
 		// Get Indexer's name
 		indexerPodName := GetSplunkStatefulsetPodName(SplunkIndexer, mgr.cr.GetName(), i)
 
+		// Check if pod exists before updating secrets
+		pod := &corev1.Pod{}
+		namespacedName := types.NamespacedName{Namespace: mgr.cr.GetNamespace(), Name: indexerPodName}
+		scopedLog.Info("Check if pod is created before updating its secrets")
+		err := mgr.c.Get(ctx, namespacedName, pod)
+		if err != nil {
+			mgr.log.Info("Peer doesn't exists", "peerName", indexerPodName)
+			continue
+		}
+
 		// Retrieve secret from pod
 		podSecret, err := splutil.GetSecretFromPod(ctx, mgr.c, indexerPodName, mgr.cr.GetNamespace())
 		if err != nil {
-			return fmt.Errorf(fmt.Sprintf(splcommon.PodSecretNotFoundError, indexerPodName))
+			return fmt.Errorf(splcommon.PodSecretNotFoundError, indexerPodName)
 		}
 
 		// Retrieve idxc_secret token
 		if indIdxcSecretByte, ok := podSecret.Data[splcommon.IdxcSecret]; ok {
 			indIdxcSecret = string(indIdxcSecretByte)
 		} else {
-			return fmt.Errorf(fmt.Sprintf(splcommon.SecretTokenNotRetrievable, splcommon.IdxcSecret))
+			return fmt.Errorf(splcommon.SecretTokenNotRetrievable, splcommon.IdxcSecret)
 		}
 
 		// If idxc secret is different from namespace scoped secret change it
diff --git a/pkg/splunk/enterprise/indexercluster_test.go b/pkg/splunk/enterprise/indexercluster_test.go
index 80d1269b3..fb7e37667 100644
--- a/pkg/splunk/enterprise/indexercluster_test.go
+++ b/pkg/splunk/enterprise/indexercluster_test.go
@@ -1262,6 +1262,20 @@ func TestApplyIdxcSecret(t *testing.T) {
 	if err.Error() != fmt.Sprintf(splcommon.PodSecretNotFoundError, podName) {
 		t.Errorf("Couldn't recognize missing secret from Pod, error: %s", err.Error())
 	}
+
+	// Test the secret update is skipped when the pod is not existing
+	err = splutil.UpdateResource(ctx, c, secrets)
+	if err != nil {
+		t.Errorf("Couldn't update resource %v, err: %v", secrets, err)
+	}
+	err = splutil.DeleteResource(ctx, c, pod)
+	if err != nil {
+		t.Errorf("Couldn't update resource %v, err: %v", pod, err)
+	}
+	err = ApplyIdxcSecret(ctx, mgr, 1, mockPodExecClient)
+	if err != nil {
+		t.Errorf("Couldn't recognize missing idxc secret %s", err.Error())
+	}
 }
 
 func TestInvalidIndexerClusterSpec(t *testing.T) {