-
Bug
-
Resolution: Done
-
Major
-
OADP 1.2.3
-
3
-
False
-
-
False
-
ToDo
-
-
-
0
-
0.000
-
Very Likely
-
0
-
None
-
Unset
-
Unknown
-
No
Description of problem:
When we patch the cloud-credentials secret with empty data for the key "cloud", DPA does not reconcile and reconciles successfully.
Version-Release number of selected component (if applicable):
OADP 1.2.3
Note: The issue is not visible in OADP 1.3.0
Also, to mention , the issue looks to be reported previously in https://issues.redhat.com/browse/OADP-171 but the ticket is CLOSED as Obsolete. Not sure if it was fixed in 1.2.x anytime before.
How reproducible:
Always
Steps to Reproduce:
1. Create cloud-credentials-gcp with the correct credentials.
2. Create DPA
- apiVersion: oadp.openshift.io/v1alpha1 kind: DataProtectionApplication metadata: creationTimestamp: "2024-01-10T09:02:39Z" generation: 1 name: ts-dpa namespace: openshift-adp resourceVersion: "54723" uid: a6ee76d2-e649-47d7-80a9-6e9a23c0a6d7 spec: backupLocations: - velero: credential: key: cloud name: cloud-credentials-gcp default: true objectStorage: bucket: oadpbucketoadp-67160-mcsrz prefix: velero provider: gcp configuration: restic: enable: true velero: defaultPlugins: - openshift - csi - gcp snapshotLocations: - velero: credential: key: cloud name: cloud-credentials-gcp provider: gcp status: conditions: - lastTransitionTime: "2024-01-10T09:02:39Z" message: Reconcile complete reason: Complete status: "True" type: Reconciled
3. After it reconciles, patch the secret to empty the data for key "cloud"
- oc patch secret cloud-credentials-gcp -n openshift-adp --patch '{"data":{"cloud":""}}'*
Actual results:
DPA remains reconciled successfully
Expected results:
DPA should fail reconcilation.
Additional info:
Secret after patching:
$ oc get secret cloud-credentials-gcp -o yaml
apiVersion: v1 data: cloud: "" wrong_key: "" kind: Secret metadata: creationTimestamp: "2024-01-10T09:02:05Z" labels: openshift-adp.dataprotectionapplication: ts-dpa openshift.io/oadp: "True" name: cloud-credentials-gcp namespace: openshift-adp resourceVersion: "55638" uid: 64e4c28c-c0e3-43b0-bb4b-66cb2163711e type: Opaque
DPA after patch :
// Some comments here public String getFoo() { return foo; }
$ oc get dpa -o yaml
apiVersion: v1 items: - apiVersion: oadp.openshift.io/v1alpha1 kind: DataProtectionApplication metadata: creationTimestamp: "2024-01-10T09:02:39Z" generation: 1 name: ts-dpa namespace: openshift-adp resourceVersion: "106561" uid: a6ee76d2-e649-47d7-80a9-6e9a23c0a6d7 spec: backupLocations: - velero: credential: key: cloud name: cloud-credentials-gcp default: true objectStorage: bucket: oadpbucketoadp-67160-mcsrz prefix: velero provider: gcp configuration: restic: enable: true velero: defaultPlugins: - openshift - csi - gcp snapshotLocations: - velero: credential: key: cloud name: cloud-credentials-gcp provider: gcp status: conditions: - lastTransitionTime: "2024-01-10T11:23:16Z" message: Reconcile complete reason: Complete status: "True" type: Reconciled kind: List metadata: resourceVersion: ""
- links to
(1 links to)