From 6469171283f492be6413f62b8062316e7eb77fe8 Mon Sep 17 00:00:00 2001
From: Natalia Marukovich <natalia.marukovich@percona.com>
Date: Sun, 18 Aug 2024 19:15:16 +0200
Subject: [PATCH] fix PR comemnts

---
 pkg/controller/ps/tls.go | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/pkg/controller/ps/tls.go b/pkg/controller/ps/tls.go
index 37db9fba9..0b05adf5c 100644
--- a/pkg/controller/ps/tls.go
+++ b/pkg/controller/ps/tls.go
@@ -25,17 +25,21 @@ import (
 func (r *PerconaServerMySQLReconciler) ensureTLSSecret(ctx context.Context, cr *apiv1alpha1.PerconaServerMySQL) error {
 	log := logf.FromContext(ctx)
 
-	secret := &corev1.Secret{}
-	err := r.Client.Get(ctx, types.NamespacedName{
-		Namespace: cr.Namespace,
-		Name:      cr.Spec.SSLSecretName,
-	}, secret)
+	secretObj := corev1.Secret{}
+	errSecret := r.Client.Get(context.TODO(),
+		types.NamespacedName{
+			Namespace: cr.Namespace,
+			Name:      cr.Spec.SSLSecretName,
+		},
+		&secretObj,
+	)
 
-	if cr.Spec.SSLSecretName != "" && err == nil {
+	// don't create secret ssl-internal if secret ssl is not created by operator
+	if errSecret == nil && !metav1.IsControlledBy(&secretObj, cr) {
 		return nil
 	}
 
-	err = r.ensureSSLByCertManager(ctx, cr)
+	err := r.ensureSSLByCertManager(ctx, cr)
 	if err != nil {
 		if cr.Spec.TLS != nil && cr.Spec.TLS.IssuerConf != nil {
 			log.Error(err, fmt.Sprintf("Failed to ensure certificate by cert-manager. Check `.spec.tls.issuerConf` in PerconaServerMySQL %s/%s", cr.Namespace, cr.Name))