K8SPSMDB-1413 skip setting controller owner on secrets owned by Certificates created by cert-manager #2135
…ficates created by cert-manager
egegunes
left a comment
@gkech please add description to the PR
pkg/psmdb/tls/certmanager.go
Outdated
| // cert-manager sets the Certificate as the controller owner. | ||
| // In that case, the operator should not set a new controller reference. | ||
| if metav1.GetControllerOf(secret) != nil { | ||
| continue | ||
| } |
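Review bot: the `metav1.GetControllerOf(secret) != nil` check skips every secret that already has any controller owner, while the comment above it only describes the cert-manager Certificate case. Either test the returned reference (its Kind and APIVersion) for a cert-manager Certificate before the `continue`, or reword the comment to say that any existing controller is respected. The skip is also silent; a debug log line naming the secret and its current controller would make it clear later why a TLS secret carries no owner reference from the operator.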
We can just check if the error below (when calling SetControllerReference) returns a controllerutil.AlreadyOwnedError{} type using errors.Is
good point, we can switch to that.
)
* fix backup/smart-upgrade deadlock
  Signed-off-by: Mayank Shah <[email protected]>
* add comments
  Signed-off-by: Mayank Shah <[email protected]>
* fix unit test
  Signed-off-by: Mayank Shah <[email protected]>
* unit test
  Signed-off-by: Mayank Shah <[email protected]>
* unit tests for conditions
  Signed-off-by: Mayank Shah <[email protected]>
* linting
  Signed-off-by: Mayank Shah <[email protected]>
* remove debug statements
  Signed-off-by: Mayank Shah <[email protected]>
* linting
  Signed-off-by: Mayank Shah <[email protected]>
* Update pkg/controller/perconaservermongodb/status_test.go
  Co-authored-by: Copilot <[email protected]>
* Update pkg/apis/psmdb/v1/psmdb_types.go
  Co-authored-by: Copilot <[email protected]>
* fix test semantics
  Signed-off-by: Mayank Shah <[email protected]>
* wrap error
  Signed-off-by: Mayank Shah <[email protected]>
---------
Signed-off-by: Mayank Shah <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Ege Güneş <[email protected]>
* K8SPSMDB-1448: sync user secrets with vault
  https://perconadev.atlassian.net/browse/K8SPSMDB-1448
* use `github.com/pkg/errors`
* add `serviceAccountTokenPath`
* Update pkg/apis/psmdb/v1/psmdb_defaults.go
  Co-authored-by: Copilot <[email protected]>
* `go mod tidy`
* add `tlsSecret` field
* use `errors.Wrap`
* fix validation message
* add unit-tests
* fix users-vault test
* improve validation
* small fixes
* small go mod change
* add test cases
* improve test
* implement cached vault
* fix tests
* refactor
* remove debug prints
* small improvements
* small fix
* `make manifests`
* fix unit-tests
* address comments
* return on logged error
* fix cached vault
* secret client per cluster + provider handler for future secret storages
* mac fix
* logging improvements
* implement critical errors
* fix wrapped errors
* small fix
* fix if condition
* fix unit-tests
* apply copilot suggestions
* make `endpointURL` required
* fix test
* fix validation error
* improve logs
* continue reconcile on failed connection to the vault
* small test fix
* fix test
* block reconcile when user secret doesn't exist
* final fix for `users-vault` test
---------
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Mayank Shah <[email protected]>
Co-authored-by: Viacheslav Sarzhan <[email protected]>
* K8SPSMDB-1429: improve cluster status
  https://perconadev.atlassian.net/browse/K8SPSMDB-1429
* small fix
---------
Co-authored-by: Mayank Shah <[email protected]>
Co-authored-by: Viacheslav Sarzhan <[email protected]>
* Setting appProtocol for service objects
* Setting appProtocol for service objects
* update compare version
* small improvement
* fix unit-test
* change `mongo` to `mongodb`
* add appProtocol to mongos service and fix tests
* fix unit-tests
* fix unit-test
* fix `TestReconcileReplsetServices`
* switch back to `mongo`
* fix init-deploy
---------
Co-authored-by: Andrii Dema <[email protected]>
Co-authored-by: Viacheslav Sarzhan <[email protected]>
| fakeBackup "github.com/percona/percona-server-mongodb-operator/pkg/psmdb/backup/fake" | ||
| faketls "github.com/percona/percona-server-mongodb-operator/pkg/psmdb/tls/fake" | ||
| "github.com/percona/percona-server-mongodb-operator/pkg/version" | ||
| "github.com/stretchr/testify/assert" |
[goimports-reviser] reported by reviewdog 🐶
| "github.com/stretchr/testify/assert" |
commit: b9c4516
why do we have so many unrelated changes?
CHANGE DESCRIPTION
Problem:
When secrets are owned by certmanager through OwnerReference, the operator is still trying to set the owner, resulting in an error. With this PR we are handling the error so that AlreadyOwnedError errors are not blocking the flow.
Cause:
Short explanation of the root cause of the issue if applicable.
Solution:
Short explanation of the solution we are providing with this PR.
CHECKLIST
Jira
Needs Doc) and QA (Needs QA)?
Tests
compare/*-oc.yml)?
Config/Logging/Testability
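The error-handling approach discussed in the review thread and the change description, as an added example that is not the operator's code: the reconcile loop tolerates only the "already owned" error and propagates everything else. `OwnerRef`, `Secret`, `setControllerReference` and `ReconcileOwners` are standard-library stand-ins (assumptions) for the Kubernetes and controller-runtime types, and the resource names are constructed. The stand-in error uses a pointer-receiver `Error` method and is matched with `errors.As` on the pointer type, which also matches when the error has been wrapped.

```go
package main

import (
	"errors"
	"fmt"
)

// Stand-ins (assumptions) for the Kubernetes types, standard library only.
type OwnerRef struct{ Kind, Name string }
type Secret struct {
	Name       string
	Controller *OwnerRef // an object has at most one controller owner
}

// AlreadyOwnedError is returned by pointer, so callers match *AlreadyOwnedError.
type AlreadyOwnedError struct{ Object, Owner string }
func (e *AlreadyOwnedError) Error() string {
	return fmt.Sprintf("%s is already owned by controller %s", e.Object, e.Owner)
}

// setControllerReference refuses to replace a different existing controller.
func setControllerReference(owner OwnerRef, s *Secret) error {
	if owner.Name == "" {
		return errors.New("owner has no name")
	}
	if s.Controller != nil && *s.Controller != owner {
		return &AlreadyOwnedError{Object: s.Name, Owner: s.Controller.Kind}
	}
	s.Controller = &owner
	return nil
}

// ReconcileOwners sets owner on each secret and returns the names it skipped
// because another controller owns them; any other error stops the loop.
func ReconcileOwners(owner OwnerRef, secrets []*Secret) ([]string, error) {
	var skipped []string
	for _, s := range secrets {
		var owned *AlreadyOwnedError
		if err := setControllerReference(owner, s); errors.As(err, &owned) {
			skipped = append(skipped, s.Name) // e.g. owned by a Certificate: leave as is
		} else if err != nil {
			return skipped, fmt.Errorf("set owner on %s: %w", s.Name, err)
		}
	}
	return skipped, nil
}

func main() { // constructed sample names
	tls := &Secret{Name: "my-cluster-ssl", Controller: &OwnerRef{"Certificate", "my-cluster-ssl"}}
	fmt.Println(ReconcileOwners(OwnerRef{"PerconaServerMongoDB", "my-cluster"}, []*Secret{tls, {Name: "my-cluster-ssl-internal"}}))
}
```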