solr-operator
solr-operator copied to clipboard
apache
Investigate listening on GCSRepository Secrets
If a user is connecting to a GCS Backup Repository, then they have to provide a secret that contains the GCS credentials as a file. We should investigate whether we need to restart the Solr Pod if this GCS credential is updated.
The gcs-repository implementation might re-load the credentials everytime it is used. If that's the case, then the Secrets should be auto-updated by kubernetes within the Pod, so we won't have to restart the Pods.
If the gcs-repository does not reload the credentials ever, then we will need to restart the Solr Pods to propagate the new credentials values. This can be done by setting a hash of the secret value as an annotation for the Pod. We do it for other secrets, we might just need to make the current logic more generic to accept more secrets.
@gerlowskija , I think you know the gcs-repository code the best. Once you are back (don't want to interrupt your break), could you look into this and see whether the credentials are re-loaded throughout the solr lifecycle or just when the GCSRepository is used for the first time.