JNKPercona
commented
1 month ago | Test name | Status |
|---|---|
| arbiter | passed |
| balancer | passed |
| custom-replset-name | passed |
| custom-tls | passed |
| cross-site-sharded | passed |
| data-at-rest-encryption | passed |
| data-sharded | passed |
| demand-backup | passed |
| demand-backup-eks-credentials | passed |
| demand-backup-physical | passed |
| demand-backup-physical-sharded | passed |
| demand-backup-sharded | passed |
| expose-sharded | passed |
| ignore-labels-annotations | passed |
| init-deploy | passed |
| finalizer | passed |
| ldap | passed |
| ldap-tls | passed |
| limits | passed |
| liveness | passed |
| mongod-major-upgrade | passed |
| mongod-major-upgrade-sharded | passed |
| monitoring-2-0 | passed |
| multi-cluster-service | failure |
| non-voting | passed |
| one-pod | passed |
| operator-self-healing-chaos | passed |
| pitr | passed |
| pitr-sharded | passed |
| pitr-physical | passed |
| pvc-resize | passed |
| recover-no-primary | passed |
| rs-shard-migration | passed |
| scaling | passed |
| scheduled-backup | passed |
| security-context | passed |
| self-healing-chaos | passed |
| service-per-pod | passed |
| serviceless-external-nodes | passed |
| smart-update | passed |
| split-horizon | passed |
| storage | passed |
| tls-issue-cert-manager | passed |
| upgrade | passed |
| upgrade-consistency | passed |
| upgrade-consistency-sharded-tls | passed |
| upgrade-sharded | passed |
| users | passed |
| version-service | passed |
| We run 49 out of 49 |
commit: https://github.com/percona/percona-server-mongodb-operator/pull/1566/commits/1480088f6d0d17cd02fb81afb980680825599f41
image: perconalab/percona-server-mongodb-operator:PR-1566-1480088f
https://perconadev.atlassian.net/browse/K8SPSMDB-1101
DESCRIPTION
Problem: When custom
cluster1-sslandcluster1-ssl-internalsecrets are created by the user, they are overwritten by the operator if the cert-manager is installed. If only thecluster1-sslsecret is created, the operator fails with the errorwaiting for TLS secret.Cause: https://github.com/percona/percona-server-mongodb-operator/pull/1383 introduced a regression, specifically in the `(ReconcilePerconaServerMongoDB) sslAnnotation
method, which didn't take into account a possible scenario when the operator can work without thecluster1-ssl-internalsecret.* _Also in mentioned PR, cert-manager started to overwritecluster1-sslandcluster1-ssl-internal` secrets if both of them existed previously. The operator checked if secrets were created by the user only if an internal secret doesn't exist. Otherwise, it assumed that these secrets were created by cert-manager._Solution: Correctly check if
cluster1-sslandcluster1-ssl-internalsecrets were created by the user. Don't overwrite secrets created by the user. Fix the problem which appeared by using onlycluster1-sslsecret. If user creates onlycluster1-ssl-internalsecret, operator will create it's copy as acluster1-sslsecret.CHECKLIST
Jira
Needs Doc) and QA (Needs QA)?Tests
compare/*-oc.yml)?Config/Logging/Testability