From 9b127e6e0eb391e7aaa90ec736e2b19e162a7811 Mon Sep 17 00:00:00 2001 From: Martin Schuppert Date: Fri, 13 Sep 2024 15:23:06 +0200 Subject: [PATCH] Check DbRootPassword exist using VerifySecret() Verification of the password secret should also check for the expected key (DbRootPassword) to exist. This changes this by using the secret.VerifySecret() func. Signed-off-by: Martin Schuppert --- controllers/galera_controller.go | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/controllers/galera_controller.go b/controllers/galera_controller.go index 33dc4eac..c740ed93 100644 --- a/controllers/galera_controller.go +++ b/controllers/galera_controller.go @@ -539,18 +539,32 @@ func (r *GaleraReconciler) Reconcile(ctx context.Context, req ctrl.Request) (res clusterPropertiesEnv := make(map[string]env.Setter) // Check and hash inputs - secretName := instance.Spec.Secret // NOTE do not hash the db root password, as its change requires // more orchestration than a simple rolling restart - _, _, err = secret.GetSecret(ctx, helper, secretName, instance.Namespace) + _, res, err := secret.VerifySecret( + ctx, + types.NamespacedName{Namespace: instance.Namespace, Name: instance.Spec.Secret}, + []string{ + "DbRootPassword", + }, + helper.GetClient(), + time.Duration(5)*time.Second) if err != nil { + if k8s_errors.IsNotFound(err) { + instance.Status.Conditions.Set(condition.FalseCondition( + condition.InputReadyCondition, + condition.RequestedReason, + condition.SeverityInfo, + condition.InputReadyWaitingMessage)) + return res, fmt.Errorf("OpenStack secret %s not found", instance.Spec.Secret) + } instance.Status.Conditions.Set(condition.FalseCondition( condition.InputReadyCondition, condition.ErrorReason, condition.SeverityWarning, condition.InputReadyErrorMessage, err.Error())) - return ctrl.Result{}, fmt.Errorf("error calculating input hash: %w", err) + return ctrl.Result{}, err } instance.Status.Conditions.MarkTrue(condition.InputReadyCondition, condition.InputReadyMessage)