fix: missing status update in KMP controller

[duffney]

Description

What this PR does / why we need it:

In this PR the writeKMProviderStatus and helper functions were moved from the refresher back to the controller to ensure status messages get written to the KMP resource.

Which issue(s) this PR fixes (optional, using fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when the PR gets merged):

Fixes #

#1733

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Please also list any relevant details for your test configuration

• Test A
• Test B

Checklist:

• Does the affected code have corresponding tests?
• Do all new files have appropriate license header?

Post Merge Requirements

• MAINTAINERS: manually trigger the "Publish Package" workflow after merging any PR that indicates Helm Chart Change

[codecov]

Codecov Report

Attention: Patch coverage is 95.50000% with 9 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
pkg/keymanagementprovider/mocks/client.go	55.55%	7 Missing and 1 partial ⚠️
pkg/keymanagementprovider/mocks/types.go	85.71%	1 Missing ⚠️

Files with missing lines	Coverage Δ
...lusterresource/keymanagementprovider_controller.go	94.11% <100.00%> (+25.93%)	⬆️
...espaceresource/keymanagementprovider_controller.go	94.04% <100.00%> (+34.95%)	⬆️
pkg/keymanagementprovider/mocks/factory.go	100.00% <100.00%> (ø)
pkg/keymanagementprovider/refresh/factory.go	100.00% <100.00%> (+11.76%)	⬆️
pkg/keymanagementprovider/refresh/kubeRefresh.go	100.00% <100.00%> (+18.18%)	⬆️
pkg/keymanagementprovider/mocks/types.go	91.66% <85.71%> (-8.34%)	⬇️
pkg/keymanagementprovider/mocks/client.go	55.55% <55.55%> (-44.45%)	⬇️

... and 20 files with indirect coverage changes

[binbin-li]

nit: we can remove line 122 and pass true directly, same to emptyErrorString

[binbin-li]

we can define a struct instead of creating a map.

[duffney]

That would make things a bit easier. Great suggestion, I'll start working on converting the map to a struct.

[duffney]

@binbin-li I've got some questions on how we could use a struct instead of a map and support other refresher types without pulling in refresher specific values into the controller logic. Or even if that's a necessary concern. I'll bring it up at the next community meeting. :)

[susanshi]

discussed in community meeting, see example at

ratify/httpserver/types.go

Line 36 in 7519519

type VerificationResponse struct {

[binbin-li]

nit: I would rename it to refresherType since we have another providerType

[binbin-li]

Usually we need to check exist first and then do type assertion to avoid panic. But if we make config a struct instead of map, we could fetch it via config.Provider.

[junczhu]

QQ: Shall we use resource := req.Name here

[duffney]

Excellent catch, you have a keen eye @junczhu! Yes := should be used here.

[binbin-li]

actually we made some updates to the briefErr construction recently, could you help update it following the new pattern: https://github.com/ratify-project/ratify/blob/dev/pkg/controllers/clusterresource/policy_controller.go#L121

thanks!

[duffney]

Done. :) I think I implemented it correctly.

[binbin-li]

wonder if it's the latest commit, we can set briefErr by:
keyManagementProvider.Status.BriefError = err.GetConciseError(constants.MaxBriefErrLength)

[binbin-li]

nit: could add some comments to Exported struct and fields

[binbin-li]

wonder if it's the latest commit, we can set briefErr by:
keyManagementProvider.Status.BriefError = err.GetConciseError(constants.MaxBriefErrLength)

[binbin-li]

probably we also need to set KMP errors since keys/certs are not fetched yet.

		kmp.SetCertificateError(resource, kmpErr)
		kmp.SetKeyError(resource, kmpErr)

[binbin-li]

@duffney PR lgtm, could you update commits to be verified so that we can merge it?