Uploaded image for project: 'OpenShift API for Data Protection'
  1. OpenShift API for Data Protection
  2. OADP-4833

oadp-1.4 DPA reconcile successfully on wrong VSL secret key name

XMLWordPrintable

    • Quality / Stability / Reliability
    • 3
    • False
    • Hide

      None

      Show
      None
    • False
    • oadp-operator-bundle-container-1.4.7-NN
    • ToDo
    • 0
    • Very Likely
    • 0
    • None
    • Unset
    • Unknown
    • No

      Description of problem:

      The DPA reconcile successfully on wrong VSL secret key name.

      Version-Release number of selected component (if applicable):

      1.3.0 - 137

      How reproducible:

      Always

      Steps to Reproduce:
      1. Create VSL secret with custom key name.

      oc create secret generic cloud-credentials-test --from-file=cloudtest=credentials -n openshift-adp

      2. Install DPA with different VSL secret key name.

      $ oc get dpa -o yaml
apiVersion: v1
items:
- apiVersion: oadp.openshift.io/v1alpha1
  kind: DataProtectionApplication
  metadata:
    creationTimestamp: "2023-11-07T06:38:13Z"
    generation: 1
    name: ts-dpa
    namespace: openshift-adp
    resourceVersion: "47373"
    uid: 6f3d7503-9ddd-46b4-9965-0e3a343eec1b
  spec:
    backupLocations:
    - velero:
        credential:
          key: cloudtest
          name: cloud-credentials-test
        default: true
        objectStorage:
          bucket: oadpbucket245071
          prefix: velero
        provider: gcp
    configuration:
      nodeAgent:
        enable: true
        uploaderType: kopia
      velero:
        defaultPlugins:
        - openshift
        - csi
        - gcp
    snapshotLocations:
    - velero:
        credential:
          key: cloud
          name: cloud-credentials-test
        provider: gcp
  status:
    conditions:
    - lastTransitionTime: "2023-11-07T06:38:13Z"
      message: Reconcile complete
      reason: Complete
      status: "True"
      type: Reconciled
kind: List

      Backup Fails:

      $ oc get backup mytest3 -o yaml
apiVersion: velero.io/v1
kind: Backup
metadata:
  annotations:
    velero.io/resource-timeout: 10m0s
    velero.io/source-cluster-k8s-gitversion: v1.26.9+636f2be
    velero.io/source-cluster-k8s-major-version: "1"
    velero.io/source-cluster-k8s-minor-version: "26"
  creationTimestamp: "2023-11-07T06:41:57Z"
  generation: 2
  labels:
    velero.io/storage-location: ts-dpa-1
  name: mytest3
  namespace: openshift-adp
  resourceVersion: "48835"
  uid: 39fd683c-94a3-486a-8e70-4c9e03d1dfcf
spec:
  csiSnapshotTimeout: 10m0s
  defaultVolumesToFsBackup: false
  includedNamespaces:
  - mysql
  itemOperationTimeout: 4h0m0s
  snapshotMoveData: false
  storageLocation: ts-dpa-1
  ttl: 720h0m0s
status:
  expiration: "2023-12-07T06:41:57Z"
  formatVersion: 1.1.0
  phase: FailedValidation
  validationErrors:
  - 'error adding credentials to volume snapshot location named ts-dpa-1: unable to
    get credentials: unable to get key for secret: "cloud-credentials-test" secret
    is missing data for key "cloud"'
  version: 1

      Actual results:

      Dpa reconciles successfully

      Expected results:

      DPA should not reconcile and validate the secret key.

      Additional info:

              rhn-support-ssingla Sachin Singla
              rhn-support-ssingla Sachin Singla
              Sachin Singla Sachin Singla
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: