Uploaded image for project: 'OpenShift API for Data Protection'
  1. OpenShift API for Data Protection
  2. OADP-171 Operator does not reconcile when credentials secret is updated
  3. OADP-915

[IBM QE-P] Verify Bug OADP-171 - Operator does not reconcile when credentials secret is updated

XMLWordPrintable

    • Icon: Sub-task Sub-task
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • None
    • None
    • 4
    • False
    • Hide

      None

      Show
      None
    • False
    • ToDo
    • 0
    • 0.000
    • Very Likely
    • 0
    • None
    • Unset
    • Unknown

      Currently, since the user is responsible for creating the `cloud-credentials` secret for backup storage credentials, there is no OADP specific labels or owner references on the secret. Because of this, the operator does not reconcile on updates to that secret.

      This means a user can create a cloud-credentials secret with bad credentials, the operator will reconcile and create BSLs + registry deployment with bad credentials... then when the user fixes the secret with good credentials, the operator won't immediately reconcile to catch the new creds.

      There are a few ways I could see to fix this... one is for the operator to intelligently label/add owner refs to credential secrets in it's namespace. The downside to this is it's hacky and would require a constant naming scheme or something

      Another way to fix this is to fix our watches in the operator to reconcile on all secret updates in the current namespace. The only downside is this could lead to extra reconciles than needed but that's an okay tradeoff.

              rh-ee-rkedia Rishika Kedia
              mperetz@redhat.com Maya Peretz
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: