-
Sub-task
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
None
-
4
-
False
-
-
False
-
ToDo
-
0
-
0.000
-
Very Likely
-
0
-
None
-
Unset
-
Unknown
Currently, since the user is responsible for creating the `cloud-credentials` secret for backup storage credentials, there is no OADP specific labels or owner references on the secret. Because of this, the operator does not reconcile on updates to that secret.
This means a user can create a cloud-credentials secret with bad credentials, the operator will reconcile and create BSLs + registry deployment with bad credentials... then when the user fixes the secret with good credentials, the operator won't immediately reconcile to catch the new creds.
There are a few ways I could see to fix this... one is for the operator to intelligently label/add owner refs to credential secrets in it's namespace. The downside to this is it's hacky and would require a constant naming scheme or something
Another way to fix this is to fix our watches in the operator to reconcile on all secret updates in the current namespace. The only downside is this could lead to extra reconciles than needed but that's an okay tradeoff.