From 55e225bdfb695d3fb0fb7fa0c0f04d5f46056c5e Mon Sep 17 00:00:00 2001 From: Brandon Dunne Date: Wed, 11 Sep 2024 18:18:13 -0400 Subject: [PATCH] We also need to watch certain secrets that we don't own for changes. In this case we need to set the resourceVersion of the secret containing the SSL certs on the pods that use them, but we don't "own" it, so changes to it weren't triggering a reconcile. We don't want to "own" this secret because it would get garbage collected if our CR disappeared (we don't want that to happen). So, we can watch all secrets and trigger a reconcile on any manageiqs that have it as the value of Spec.InternalCertificatesSecret CP4AIOPS-5110 --- .../controller/manageiq_controller.go | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/manageiq-operator/internal/controller/manageiq_controller.go b/manageiq-operator/internal/controller/manageiq_controller.go index 70ada47f..192f95b7 100644 --- a/manageiq-operator/internal/controller/manageiq_controller.go +++ b/manageiq-operator/internal/controller/manageiq_controller.go @@ -30,6 +30,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" + "sigs.k8s.io/controller-runtime/pkg/handler" "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/reconcile" @@ -246,6 +247,31 @@ func (r *ManageIQReconciler) SetupWithManager(mgr ctrl.Manager) error { Owns(&corev1.Secret{}). Owns(&corev1.Service{}). Owns(&networkingv1.NetworkPolicy{}). + Watches(&corev1.Secret{}, handler.TypedEnqueueRequestsFromMapFunc(func(ctx context.Context, obj client.Object) []reconcile.Request { + manageiqs := &miqv1alpha1.ManageIQList{} + client := mgr.GetClient() + + err := client.List(context.TODO(), manageiqs) + if err != nil { + return []reconcile.Request{} + } + + var reconcileRequests []reconcile.Request + + for _, miq := range manageiqs.Items { + if miq.Spec.InternalCertificatesSecret == obj.GetName() { + manageiqToReconcile := reconcile.Request{ + NamespacedName: types.NamespacedName{ + Name: miq.Name, + Namespace: miq.Namespace, + }, + } + + reconcileRequests = append(reconcileRequests, manageiqToReconcile) + } + } + return reconcileRequests + })). Complete(r) }