fix: ignore NoSecretErr in generator state (#4422)

pkg/controllers/externalsecret/externalsecret_controller_secret.go

@@ -51,7 +51,11 @@ func (r *Reconciler) getProviderSecretData(ctx context.Context, externalSecret *
 	// and if one fails we need to rollback all generated values from this iteration.
 	genState := statemanager.New(ctx, r.Client, r.Scheme, externalSecret.Namespace, externalSecret)
 	defer func() {
-		if err != nil {
+		// NoSecretErr does not make sense for the generator state.
+		// A generator is expected to always generate a secret.
+		// If it doesn't, it should return an error.
+		// If the error is NoSecretErr, we should commit the generator state.
+		if err != nil && !errors.Is(err, esv1beta1.NoSecretErr) {
 			if rollBackErr := genState.Rollback(); rollBackErr != nil {
 				r.Log.Error(rollBackErr, "error rolling back generator state")
 			}

pkg/generator/statemanager/statemanager.go

@@ -77,6 +77,9 @@ func New(ctx context.Context, client client.Client, scheme *runtime.Scheme, name
 func (m *Manager) Rollback() error {
 	var errs []error
 	for _, item := range m.queue {
+		if item.Rollback == nil {
+			continue
+		}
 		if err := item.Rollback(); err != nil {
 			errs = append(errs, err)
 		}
@@ -88,6 +91,9 @@ func (m *Manager) Rollback() error {
 func (m *Manager) Commit() error {
 	var errs []error
 	for _, item := range m.queue {
+		if item.Commit == nil {
+			continue
+		}
 		if err := item.Commit(); err != nil {
 			errs = append(errs, err)
 		}