🐛 enqueue secrets created by vcluster in addition to owned secrets #309
Conversation
Signed-off-by: Paolo Dettori <dettori@us.ibm.com>
|
This seems a bit broader than necessary. Can there be filtering that narrows down the set of Secrets that the KubeFlex controller will react to? |
…by the cp Signed-off-by: Paolo Dettori <dettori@us.ibm.com>
pdettori
changed the title
| @@ -163,16 +166,38 @@ func (r *ControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Request | |||
| func (r *ControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager) error { | |||
| return ctrl.NewControllerManagedBy(mgr). | |||
| For(&tenancyv1alpha1.ControlPlane{}). | |||
| Owns(&corev1.Service{}). | |||
| Owns(&networkingv1.Ingress{}). | |||
| Owns(&appsv1.Deployment{}). | |||
| Owns(&appsv1.StatefulSet{}). | |||
There was a problem hiding this comment.
Same problem here too, if I understand https://github.com/kubestellar/kubeflex/blob/v0.7.2/pkg/reconcilers/vcluster/reconciler.go#L100 correctly. If the StatefulSet is missing, this controller will note that in the ControlPlane's status and happily be done, without getting notified when the StatefulSet is created later.
| Owns(&corev1.ConfigMap{}). | ||
| Owns(&corev1.ServiceAccount{}). | ||
| Owns(&corev1.Secret{}). | ||
| Watches(&corev1.Secret{}, enqueueSecretsOfInterest()). | ||
| Complete(r) |
There was a problem hiding this comment.
Also, I see that https://github.com/kubestellar/kubeflex/blob/v0.7.2/pkg/reconcilers/vcluster/reconciler.go#L121 is sensitive to the existence of a PostCreateHook. The usual Kubernetes style is to wait for a referenced object to exist when told to use it.
Summary
enqueue secrets created by vcluster in addition to owned secrets
Fixes #2717