Error on missing tenant secrets (#34)

Signed-off-by: Saswata Mukherjee <[email protected]>

Author: saswatamcode

pkg/syncer/obsctlsyncer.go

@@ -126,6 +126,7 @@ func AutoDetectTenantSecrets(
 
 	// Filter secrets for configured tenants.
 	configuredTenants := strings.Split(managedTenants, ",")
+	missingSecretTenants := strings.Split(managedTenants, ",")
 	for i := range secret.Items {
 		lbls := secret.Items[i].Labels
 
@@ -136,6 +137,9 @@ func AutoDetectTenantSecrets(
 		// If tenant is not configured, skip.
 		if !slices.Contains(configuredTenants, lbls["tenant"]) {
 			continue
+		} else {
+			s, _ := slices.BinarySearch(missingSecretTenants, lbls["tenant"])
+			missingSecretTenants = slices.Delete(missingSecretTenants, s, s+1)
 		}
 
 		if secret.Items[i].Data == nil {
@@ -171,6 +175,10 @@ func AutoDetectTenantSecrets(
 		tenantSecret[lbls["tenant"]] = tOIDC
 	}
 
+	if len(missingSecretTenants) != 0 {
+		return tenantSecret, errors.Newf("missing secrets for tenants: %v", missingSecretTenants)
+	}
+
 	return tenantSecret, nil
 }
 
@@ -201,7 +209,9 @@ func (o *ObsctlRulesSyncer) InitOrReloadObsctlConfig() error {
 	tenantSecrets, err := o.autoDetectSecretsFn(o.ctx, o.k8s, o.namespace, o.audience, o.issuerURL, o.managedTenants)
 	if err != nil {
 		level.Error(o.logger).Log("msg", "auto detecting tenant secrets", "error", err)
-		return errors.Wrap(err, "auto detecting tenant secrets")
+		if len(tenantSecrets) == 0 {
+			return errors.Wrap(err, "no tenant secrets auto-detected")
+		}
 	}
 
 	// Add all managed tenants under the API.