diff --git a/pkg/gardenlet/controller/shoot/care/health_test.go b/pkg/gardenlet/controller/shoot/care/health_test.go index 8983d7672b6..4570401e8ae 100644 --- a/pkg/gardenlet/controller/shoot/care/health_test.go +++ b/pkg/gardenlet/controller/shoot/care/health_test.go @@ -355,7 +355,7 @@ var _ = Describe("health check", func() { }, Entry("all healthy", []corev1.Node{ - newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, nil, kubernetesVersion.Original()), + newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, map[string]string{"checksum/cloud-config-data": cloudConfigSecretChecksum1}, kubernetesVersion.Original()), }, []gardencorev1beta1.Worker{ { @@ -461,7 +461,7 @@ var _ = Describe("health check", func() { PointTo(beConditionWithStatusAndMsg(gardencorev1beta1.ConditionFalse, "KubeletVersionMismatch", fmt.Sprintf("The kubelet version for node %q (v1.23.2) does not match the desired Kubernetes version (v%s)", nodeName, kubernetesVersion.Original())))), Entry("same Kubernetes patch version", []corev1.Node{ - newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, nil, "v1.23.3"), + newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, map[string]string{"checksum/cloud-config-data": cloudConfigSecretChecksum1}, "v1.23.3"), }, []gardencorev1beta1.Worker{ { @@ -490,7 +490,7 @@ var _ = Describe("health check", func() { PointTo(beConditionWithStatusAndMsg(gardencorev1beta1.ConditionFalse, "KubeletVersionMismatch", fmt.Sprintf("The kubelet version for node %q (v1.22.2) does not match the desired Kubernetes version (v1.22.3)", nodeName)))), Entry("different Kubernetes minor version (all healthy)", []corev1.Node{ - newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, nil, "v1.22.2"), + newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, map[string]string{"checksum/cloud-config-data": cloudConfigSecretChecksum1}, "v1.22.2"), }, []gardencorev1beta1.Worker{ { @@ -526,7 +526,7 @@ var _ = Describe("health check", func() { }, }, cloudConfigSecretMeta, - BeNil()), + PointTo(beConditionWithStatusAndMsg(gardencorev1beta1.ConditionFalse, "CloudConfigOutdated", fmt.Sprintf("the last successfully applied cloud config on node %q hasn't been reported yet", nodeName)))), Entry("outdated cloud-config secret checksum for a worker pool", []corev1.Node{ newNode(nodeName, true, labels.Set{"worker.gardener.cloud/pool": workerPoolName1, "worker.gardener.cloud/kubernetes-version": "1.24.0"}, map[string]string{executor.AnnotationKeyChecksum: "outdated"}, "v1.22.2"), diff --git a/pkg/operation/botanist/worker.go b/pkg/operation/botanist/worker.go index b1572d21e96..7d937fcf890 100644 --- a/pkg/operation/botanist/worker.go +++ b/pkg/operation/botanist/worker.go @@ -150,8 +150,12 @@ func CloudConfigUpdatedForAllWorkerPools( continue } - if nodeChecksum, ok := node.Annotations[executor.AnnotationKeyChecksum]; ok && nodeChecksum != secretChecksum { - result = multierror.Append(result, fmt.Errorf("the last successfully applied cloud config on node %q is outdated (current: %s, desired: %s)", node.Name, nodeChecksum, secretChecksum)) + if nodeChecksum, ok := node.Annotations[executor.AnnotationKeyChecksum]; nodeChecksum != secretChecksum { + if !ok { + result = multierror.Append(result, fmt.Errorf("the last successfully applied cloud config on node %q hasn't been reported yet", node.Name)) + } else { + result = multierror.Append(result, fmt.Errorf("the last successfully applied cloud config on node %q is outdated (current: %s, desired: %s)", node.Name, nodeChecksum, secretChecksum)) + } } } } diff --git a/pkg/operation/botanist/worker_test.go b/pkg/operation/botanist/worker_test.go index 5a29dc74af4..def21cf6a5f 100644 --- a/pkg/operation/botanist/worker_test.go +++ b/pkg/operation/botanist/worker_test.go @@ -283,6 +283,17 @@ var _ = Describe("Worker", func() { nil, MatchError(ContainSubstring("missing cloud config secret metadata")), ), + Entry("checksum annotation missing", + []gardencorev1beta1.Worker{{Name: "pool1"}}, + map[string][]corev1.Node{"pool1": {{ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{"worker.gardener.cloud/kubernetes-version": "1.24.0"}, + }}}}, + map[string]metav1.ObjectMeta{"pool1": { + Name: "cloud-config--c63c0", + Annotations: map[string]string{"checksum/data-script": "foo"}, + }}, + MatchError(ContainSubstring("hasn't been reported yet")), + ), Entry("checksum annotation outdated", []gardencorev1beta1.Worker{{Name: "pool1"}}, map[string][]corev1.Node{"pool1": {{ObjectMeta: metav1.ObjectMeta{