fix: add retry logic to updateRecoveryWindow for concurrent status updates

[gabrielmouallem]

Problem

When backup completion and retention policy enforcement run concurrently, both call updateRecoveryWindow to update the ObjectStore status. This causes transient errors due to Kubernetes optimistic concurrency control:

{"level":"error","msg":"Error while updating the recovery window in the ObjectStore status stanza. Skipping.","error":"Operation cannot be fulfilled on objectstores.barmancloud.cnpg.io: the object has been modified; please apply your changes to the latest version and try again"}

{"level":"error","msg":"Retention policy enforcement failed","error":"Operation cannot be fulfilled on objectstores.barmancloud.cnpg.io: the object has been modified; please apply your changes to the latest version and try again"}

Solution

Wrap the status update in retry.RetryOnConflict, matching the pattern already used in setLastFailedBackupTime in the same file. The retry logic fetches a fresh copy of the ObjectStore before each update attempt, ensuring the resourceVersion is current.

As noted in #758, @dosu confirmed this approach:

Your proposed retry logic for updateRecoveryWindow is spot on and matches the established pattern in the codebase. The setLastFailedBackupTime function already uses retry.RetryOnConflict with a fresh Get to handle status update conflicts, and this approach is accepted and recent in the project (see PR #467).

Changes

• Added retry.RetryOnConflict wrapper to updateRecoveryWindow
• Fetch fresh ObjectStore copy inside retry loop using client.ObjectKeyFromObject
• Updated function comment to document the retry behavior

Testing

This change follows the exact same pattern as setLastFailedBackupTime (lines 66-89 in the same file), which was added in #467.

Fixes #758

[gabrielmouallem]

Hi maintainers,

Feel free to adjust this PR as needed and merge when ready. I may not have bandwidth to address review feedback promptly, so if there are minor changes required, please feel free to push directly to the branch or take over the PR entirely.

The fix follows the existing pattern in setLastFailedBackupTime, so it should be straightforward, but happy to have you refine it as you see fit.

Thanks for maintaining this project!

[dosubot]

Your approach is correct and fully consistent with project standards. Wrapping updateRecoveryWindow in retry.RetryOnConflict, fetching a fresh ObjectStore before each update, directly mirrors the established and accepted pattern used in setLastFailedBackupTime (introduced in PR #467). This retry logic is the recommended way to handle Kubernetes optimistic concurrency control errors during concurrent status updates, and it will resolve the transient resourceVersion errors you’ve observed when backup and retention enforcement overlap. This solution is confirmed as best practice in both the codebase and recent discussions (issue #758, PR #467).

To reply, just mention @dosu.

---

^{How did I do? Good | Irrelevant | Incorrect | Verbose | Hallucination | Report 🐛 | Other}