HetznerCluster does not react on changes in relevant secrets #1508

Open
janiskemper opened this issue Nov 8, 2024 · 1 comment

@janiskemper
Contributor

/kind bug

What steps did you take and what happened:
The "HetznerCluster" object should listen to changes in the secret that stores the Hetzner credentials, for example because they have to be synced in updated form to the workload clusters. This doesn't happen right now because the controller doesn't react to the relevant events.

In

hetznerSecret, err := secretManager.AcquireSecret(
we "acquire" the secret but set "controlledByOwner" to false. This means that the hetznercluster-controller doesn't actually own the secret, so that the events are not shown, even though we set the event listener here:

What did you expect to happen:
We should react to the events in the Hetzner secret, either by setting the hetznercluster controller as "controller" of the secret, or by changing the way we listen to events.

It would obviously be easier to set the hetznercluster as controller of the secret; that's just one value. I'm not aware whether that has any drawbacks compared to the current state.

@guettli
Collaborator

guettli commented Nov 11, 2024

@janiskemper

If a controller owns a secret and you delete the controller, Kubernetes garbage collection (GC) will typically remove the secret.

Somehow I think an ownerRef does not match. The user is responsible for that secret.

We can use an option for .Owns():

From the Owns docstring:

// The default behavior reconciles only the first controller-type OwnerReference of the given type.
// Use Owns(object, builder.MatchEveryOwner) to reconcile all owners.

I suggest using MatchEveryOwner.
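The difference between the two matching modes discussed in this thread, as an added example that is not code from the project or from controller-runtime: a simplified standard-library model of how a watch on an owned object picks the owners to reconcile. The `OwnerRef` and `Secret` types, the `ownersToReconcile` function, the names `hetzner` and `my-cluster`, and the premise that the credentials secret carries a HetznerCluster owner reference with `controller: false` are assumptions made for illustration.

```go
package main

import "fmt"

// OwnerRef is a simplified stand-in for a Kubernetes owner reference
// (hypothetical type, constructed for this example).
type OwnerRef struct {
	Kind       string
	Name       string
	Controller bool // true only for the single controlling owner
}

// Secret models only the fields that matter for owner matching.
type Secret struct {
	Name   string
	Owners []OwnerRef
}

// ownersToReconcile returns the owners of ownerKind that an event on s
// would enqueue. With matchEveryOwner=false only a controller-type
// reference counts (the default described in the Owns docstring);
// with matchEveryOwner=true every reference of that kind counts.
func ownersToReconcile(s Secret, ownerKind string, matchEveryOwner bool) []string {
	var out []string
	for _, ref := range s.Owners {
		if ref.Kind != ownerKind {
			continue // owned by some other type, not our concern
		}
		if !matchEveryOwner && !ref.Controller {
			continue // non-controller owner: ignored by default
		}
		out = append(out, ref.Name)
	}
	return out
}

func main() {
	// Constructed sample: the secret is referenced, but not controlled,
	// by the cluster object (assumed effect of controlledByOwner=false).
	secret := Secret{
		Name:   "hetzner",
		Owners: []OwnerRef{{Kind: "HetznerCluster", Name: "my-cluster", Controller: false}},
	}
	fmt.Println("default:", ownersToReconcile(secret, "HetznerCluster", false))
	fmt.Println("match every owner:", ownersToReconcile(secret, "HetznerCluster", true))
}
```

In this model the secret stays outside the controller relationship in both modes, so the garbage-collection concern raised above is not affected by which mode is chosen.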
