Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

configSecret.existingSecret disappeared from 6.0.2 to 6.0.3 making it impossible to use an existing config secret #2298

Closed
fibbs opened this issue Aug 28, 2024 · 1 comment
Closed

configSecret.existingSecret disappeared from 6.0.2 to 6.0.3 making it impossible to use an existing config secret #2298

fibbs opened this issue Aug 28, 2024 · 1 comment
Assignees
@ramondeklein
Labels
community triage

Comments

@fibbs
Copy link

fibbs commented Aug 28, 2024
edited
Loading

I am on the bumpy road to upgrade from 5.0.16 to 6.0.3. After having understood by reading some of the issues and discussions here how to use the existingSecret setting and how to migrate from .secrets.name to using .configSecret correctly, I found that in version 6.0.3 of the Helm Chart there is no possibility to use an existing secret anymore. A grep -R existing in the templates directory of the chart does output nothing at all.

Expected Behavior

with the values.yaml setting .configSecret.existingSecret=true one can provide an environment secret containing a key config.env which then contains export statements to set MINIO_ROOT_USER, MINIO_ROOT_PASSWORD and others such as prometheus related vars, compression settings etc.

Current Behavior

.configSecret.name is being tried to create anyways, even if already existing. Worse than that, the helm chart tries to OVERWRITE it and thus tries to delete the settings I might have set there for a reason.

Possible Solution

With commit 1792dfd this has been introduced, but with 3a8695b it was (accidently?) removed again. Revert or rework the ladder of the commits?

Steps to Reproduce (for bugs)

Try to set up a MinIO tenant with an existing env variable secret and set both .configSecret.name and .configSecret.existingSecret: True and find out that you run into an ugly error message that the resource can not be imported into the current release....

Regression

Is this issue a regression? I believe yes
If Yes, optionally please include minio-operator version caused the regression: 6.0.3

Your Environment

  • Version used (minio-operator): 6.0.3
  • Environment name and version (e.g. kubernetes v1.17.2): K8S (RKE2) v1.28.8
  • Server type and version: RHEL 8
  • Operating System and version (uname -a): irrelevant
  • Link to your deployment file: irrelevant
@ramondeklein ramondeklein self-assigned this Aug 28, 2024
@ramondeklein
Copy link
Contributor

It looks you're right and @ClemaX also mentioned this in https://github.com/minio/operator/pull/2265/files#r1734684401. We need to introduce .tenant.configSecret.existingSecret. When set, we shouldn't create the secret.

ramondeklein added a commit to ramondeklein/minio-operator that referenced this issue Aug 28, 2024
@ramondeklein
allow existing secret (minio#2298)
709004e
ramondeklein added a commit to ramondeklein/minio-operator that referenced this issue Aug 28, 2024
@ramondeklein
allow existing secret (minio#2298)
9f696fa
This was referenced Aug 28, 2024
Merged
Closed
pjuarezd pushed a commit that referenced this issue Aug 29, 2024
@ramondeklein
Allow existing secret (#2299)
44217fb 
allow existing secret (#2298)
@fibbs fibbs mentioned this issue Aug 29, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ramondeklein ramondeklein

Labels
community triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fibbs @ramondeklein