SAP / sap-btp-service-operator

SAP BTP service operator enables developers to connect Kubernetes clusters to SAP BTP accounts and to consume SAP BTP services within the clusters by using Kubernetes native tools.
Apache License 2.0
125 stars 52 forks source link

Credential rotation policy not working as expected in my setup #438

Closed mbakr1 closed 5 months ago

mbakr1 commented 5 months ago

I am trying to have Credential rotation policy setup in my integration with my BTP instance but for some reason I am not seeing any effect with changes I added following the guide. Here is an example for my service-binding.yaml apiVersion: services.cloud.sap.com/v1 kind: ServiceBinding metadata: name: obs-dev-service-binding namespace: sap-btp-operator spec: serviceInstanceName: ocas-dev-test6 secretName: sap-btp-service-operator-sb credentialsRotationPolicy: enabled: true rotatedBindingTTL: 1h rotationFrequency: 1h ID: 51639a3c-bf92-4260-8fbf-8ffda0b94fdc

I065450 commented 5 months ago

Hi @mbakr1

You don't see any rotation? Did you wait for a full reconciliation? please check the Last Credentials Rotation Time on the binding.

Regards, Naama

mbakr1 commented 5 months ago

yea I saw no rotation. yea I waited and the last creds created was 52 days ago and its expired certificate

I065450 commented 5 months ago

please share the full YAML for the binding with us so that we can conduct further investigation.

I065450 commented 5 months ago

The operator access binding has an invalid certificate, causing the connection to BTP to fail.