`failed setting controller reference` error when using a Secret generated by SealedSecret to create a RabbitMQ User

AlbertoArconada commented 11 months ago

Describe the bug

To avoid having base64 encoded credentials in my repos, I'm trying to use SealedSecrets to have encrypted credentials. When a sealedsecret is applied, in the background this operator creates a secret in the same K8s namespace with the same name that contains Base64 encoded. Just for context, when generated, this secret contains some ownerReferences values.

Then, when I try to apply the template of a user that refers to that generated secret, I receive this error:
failed setting controller reference: Object namespace/name-of-the-secret is already owned by another SealedSecret controller name-of-the-sealed-secret

To Reproduce

Steps to reproduce the behavior:

Create a Secret template
Generate the sealed secret using kubeseal command
Apply the generated sealed secret
Create a User template whose importCredentialsSecret->name field points to the secret created in step 1
Apply the User template

Include any YAML or manifest necessary to reproduce the problem.

Cluster template

apiVersion: rabbitmq.com/v1beta1
kind: RabbitmqCluster
metadata:
  name: my-rabbitmq-cluster
  namespace: my-rabbitmq-cluster-namespace
spec:
  replicas: 1

Secret template

apiVersion: v1
data:
  password: dGVzdHVzZXI=
  username: dGVzdHBhc3N3b3Jk
kind: Secret
metadata:
  name: test-user-credentials-secret
  namespace: my-rabbitmq-cluster-namespace
type: Opaque

User template

apiVersion: rabbitmq.com/v1beta1
kind: User
metadata:
  name: test-user
  namespace: my-rabbitmq-cluster-namespace
spec:
  tags:
    - management
  importCredentialsSecret:
    name: test-user-credentials-secret
  rabbitmqClusterReference:
    name: my-rabbitmq-cluster

Expected behavior

The User should be created without any problem using the Secret generated by SealedSecret Operator.

Screenshots

Version and environment information

Messaging Topology Operator: bitnami/rmq-messaging-topology-operator:1.12.0-scratch-r0
RabbitMQ: 3.12.4-management
RabbitMQ Cluster Operator: bitnami/rabbitmq-cluster-operator:2.3.0-scratch-r1
Kubernetes: v1.24.14
Cloud provider or hardware configuration: Google Cloud

Additional context

github-actions[bot] commented 9 months ago

This issue has been marked as stale due to 60 days of inactivity. Stale issues will be closed after a further 30 days of inactivity; please remove the stale label in order to prevent this occurring.

Zerpet commented 9 months ago

hey, thank you for reporting this issue. I believe there's value in providing compatibility with sealed secrets. I've marked this issue as never-stale. However, I don't have time to get to this issue any time soon. A contribution would be very welcome 🙂

MonicaMagoniCom commented 6 months ago

I'm experiencing the same issue..

rabbitmq / messaging-topology-operator