Closed pooknull closed 1 month ago
Test name | Status |
---|---|
arbiter | passed |
balancer | passed |
custom-replset-name | passed |
custom-tls | passed |
cross-site-sharded | passed |
data-at-rest-encryption | passed |
data-sharded | passed |
demand-backup | passed |
demand-backup-eks-credentials | passed |
demand-backup-physical | passed |
demand-backup-physical-sharded | passed |
demand-backup-sharded | passed |
expose-sharded | passed |
ignore-labels-annotations | passed |
init-deploy | passed |
finalizer | passed |
ldap | passed |
ldap-tls | passed |
limits | passed |
liveness | passed |
mongod-major-upgrade | passed |
mongod-major-upgrade-sharded | passed |
monitoring-2-0 | passed |
multi-cluster-service | failure |
non-voting | passed |
one-pod | passed |
operator-self-healing-chaos | passed |
pitr | passed |
pitr-sharded | passed |
pitr-physical | passed |
pvc-resize | passed |
recover-no-primary | passed |
rs-shard-migration | passed |
scaling | passed |
scheduled-backup | passed |
security-context | passed |
self-healing-chaos | passed |
service-per-pod | passed |
serviceless-external-nodes | passed |
smart-update | passed |
split-horizon | passed |
storage | passed |
tls-issue-cert-manager | passed |
upgrade | passed |
upgrade-consistency | passed |
upgrade-consistency-sharded-tls | passed |
upgrade-sharded | passed |
users | passed |
version-service | passed |
We run 49 out of 49 |
commit: https://github.com/percona/percona-server-mongodb-operator/pull/1566/commits/1480088f6d0d17cd02fb81afb980680825599f41
image: perconalab/percona-server-mongodb-operator:PR-1566-1480088f
https://perconadev.atlassian.net/browse/K8SPSMDB-1101
DESCRIPTION
Problem: When custom
cluster1-ssl
andcluster1-ssl-internal
secrets are created by the user, they are overwritten by the operator if the cert-manager is installed. If only thecluster1-ssl
secret is created, the operator fails with the errorwaiting for TLS secret
.Cause: https://github.com/percona/percona-server-mongodb-operator/pull/1383 introduced a regression, specifically in the `(ReconcilePerconaServerMongoDB) sslAnnotation
method, which didn't take into account a possible scenario when the operator can work without the
cluster1-ssl-internalsecret.* _Also in mentioned PR, cert-manager started to overwrite
cluster1-ssland
cluster1-ssl-internal` secrets if both of them existed previously. The operator checked if secrets were created by the user only if an internal secret doesn't exist. Otherwise, it assumed that these secrets were created by cert-manager._Solution: Correctly check if
cluster1-ssl
andcluster1-ssl-internal
secrets were created by the user. Don't overwrite secrets created by the user. Fix the problem which appeared by using onlycluster1-ssl
secret. If user creates onlycluster1-ssl-internal
secret, operator will create it's copy as acluster1-ssl
secret.CHECKLIST
Jira
Needs Doc
) and QA (Needs QA
)?Tests
compare/*-oc.yml
)?Config/Logging/Testability