pulp-operator icon indicating copy to clipboard operation
pulp-operator copied to clipboard

Published 20 hours ago verified publisher icon pulp

Make secret fields not immutable anymore

Open StopMotionCuber opened this issue 1 year ago • 10 comments

This lifts the restriction of fields being immutable in many places without a good reason for that behavior.

The DeploymentType is still mutable, as I didn't figure out completely what that was about and assume that changing that between pulp and galaxy has deeper implications, rendering the instance useless (in that case newly creating an instance is indeed the way to go). As suggested by @git-hyagi here, I've added a transition hook which should return a failure instead of silently rolling back the value on clusters where supported. If that assumption is false and changing between pulp and galaxy is possible without bad implications, I could remove the whole rollback machinery.

I've tested the changes on a local k3s cluster with following scenarios:

  • Tried updating the S3 Secret to a second one with different content. The settings.py afterwards had the values of the second S3 secret included and the deployments were restarted.
  • Tried updating the admin_password_secret with a new one (where no secret existed). A new secret with new credentials was created and I was able to login with these credentials, while not being able to login with the former credentials. Former credentials were not deleted, but I guess that's fine.

I didn't test all of the secrets, as I do not have any automation for that, but I think all of them are in the same code path, updating the pulp-server:settings.py, which should all trigger proper reconciliation and restart of the services.

Closes #1343

StopMotionCuber avatar Sep 18 '24 14:09 StopMotionCuber

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: StopMotionCuber Once this PR has been reviewed and has the lgtm label, please assign dkliban for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci[bot] avatar Sep 18 '24 14:09 openshift-ci[bot]

Hi @StopMotionCuber. Thanks for your PR.

I'm waiting for a pulp member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

openshift-ci[bot] avatar Sep 18 '24 14:09 openshift-ci[bot]

Just as a side-note: here a non-squashed version of the PR.

I'm not sure about the CI failures, whether these are just flaky or whether there is an actual error. Logs are not that great for the failures

StopMotionCuber avatar Sep 18 '24 15:09 StopMotionCuber

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

stale[bot] avatar Dec 28 '24 11:12 stale[bot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

openshift-merge-robot avatar Dec 28 '24 11:12 openshift-merge-robot

This pull request is no longer marked for closure.

stale[bot] avatar Dec 28 '24 11:12 stale[bot]

This issue is no longer marked for closure.

stale[bot] avatar Dec 28 '24 11:12 stale[bot]

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

stale[bot] avatar Mar 30 '25 18:03 stale[bot]

This is still relevant

StopMotionCuber avatar Mar 31 '25 07:03 StopMotionCuber

This issue is no longer marked for closure.

stale[bot] avatar Mar 31 '25 07:03 stale[bot]

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

stale[bot] avatar Jun 29 '25 09:06 stale[bot]

This is still relevant

StopMotionCuber avatar Jun 30 '25 06:06 StopMotionCuber

This issue is no longer marked for closure.

stale[bot] avatar Jun 30 '25 06:06 stale[bot]

This pull request has been marked 'stale' due to lack of recent activity. If there is no further activity, the PR will be closed in another 30 days. Thank you for your contribution!

stale[bot] avatar Sep 28 '25 08:09 stale[bot]

This pull request has been closed due to inactivity. If you feel this is in error, please reopen the pull request or file a new PR with the relevant details.

stale[bot] avatar Oct 28 '25 21:10 stale[bot]