K8SPG-698: create serviceaccount before statefulset

[pooknull]

https://perconadev.atlassian.net/browse/K8SPG-698

DESCRIPTION

Problem:
The cluster1-repo-host StatefulSet is created before its corresponding ServiceAccount cluster1-pgbackrest exists. This can cause failures in certain environments.

Solution:
Create ServiceAccount before the StatefulSet.

CHECKLIST

Jira

• Is the Jira ticket created and referenced properly?
• Does the Jira ticket have the proper statuses for documentation (Needs Doc) and QA (Needs QA)?
• Does the Jira ticket link to the proper milestone (Fix Version field)?

Tests

• Is an E2E test/test case added for the new feature/change?
• Are unit tests added where appropriate?

Config/Logging/Testability

• Are all needed new/changed options added to default YAML files?
• Are all needed new/changed options added to the Helm Chart?
• Did we add proper logging messages for operator actions?
• Did we ensure compatibility with the previous version or cluster upgrade process?
• Does the change support oldest and newest supported PG version?
• Does the change support oldest and newest supported Kubernetes version?

[hors]

can we removed comments

[pooknull]

f1f4ce3

[gkech]

Since checkObject(...) returns an error and when used we do this

	if err := sc.checkObject(ctx, obj); err != nil {
		panic(err) // should panic because reconciler can ignore the error
	}

I think this check can return an error and let the caller panic it. WDYT?

[pooknull]

f1f4ce3

[gkech]

Do we need these? Seems that they are not used in the test.

[pooknull]

The Crunchy code uses a patch request to create the ServiceAccount instead of a create request:

percona-postgresql-operator/internal/controller/postgrescluster/apply.go

Lines 23 to 48 in 5dcd0e0

	func (r *Reconciler) apply(ctx context.Context, object client.Object) error {
	// Generate an apply-patch by comparing the object to its zero value.
	zero := reflect.New(reflect.TypeOf(object).Elem()).Interface()
	data, err := client.MergeFrom(zero.(client.Object)).Data(object)
	apply := client.RawPatch(client.Apply.Type(), data)
	// Keep a copy of the object before any API calls.
	intent := object.DeepCopyObject()
	patch := kubeapi.NewJSONPatch()
	// Send the apply-patch with force=true.
	if err == nil {
	err = r.patch(ctx, object, apply, client.ForceOwnership)
	}
	// Some fields cannot be server-side applied correctly. When their outcome
	// does not match the intent, send a json-patch to get really specific.
	switch actual := object.(type) {
	case *corev1.Service:
	applyServiceSpec(patch, actual.Spec, intent.(*corev1.Service).Spec, "spec")
	}
	// Send the json-patch when necessary.
	if err == nil && !patch.IsEmpty() {
	err = r.patch(ctx, object, patch)
	}

I will remove the update part

[pooknull]

da937df

[gkech]

seems ok, let's check the golangci and the envtests why they are failing and then we can approve.

[JNKPercona]

Test name	Status
backup-enable-disable	passed
custom-extensions	passed
custom-tls	passed
demand-backup	passed
finalizers	passed
init-deploy	passed
monitoring	passed
monitoring-pmm3	passed
one-pod	passed
operator-self-healing	passed
pitr	passed
scaling	passed
scheduled-backup	passed
self-healing	passed
sidecars	passed
start-from-backup	passed
tablespaces	passed
telemetry-transfer	passed
upgrade-consistency	passed
upgrade-minor	passed
users	passed
We run 21 out of 21

commit: f24206a
image: perconalab/percona-postgresql-operator:PR-1125-f24206a27