Skip to content

Re-arrange deletion of storage encryption key #479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Mar 17, 2023
Merged

Re-arrange deletion of storage encryption key #479

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
dc7da52
Only remove finalizer and move up the order
eberlep Mar 15, 2023
8b8eb0e
Continue with reconciliation even when removal fails
eberlep Mar 15, 2023
d533879
Clarify logging
eberlep Mar 15, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 8 additions & 11 deletions controllers/postgres_controller.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,13 @@ func (r *PostgresReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
log.Info("corresponding NetworkPolicy deleted")
}

if err := r.removeStorageEncryptionSecretFinalizer(ctx, instance); err != nil {
log.Error(err, "error while remnoving finalizer from storage encryption secret")
} else {

log.Info("finalizer from storage encryption secret removed")
}

deletable, err := r.IsOperatorDeletable(ctx, namespace)
if err != nil {
r.recorder.Eventf(instance, "Warning", "Error", "failed to check if the operator is idle: %v", err)
Expand All @@ -174,11 +181,6 @@ func (r *PostgresReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
}
log.Info("corresponding passwords secret deleted")

if err := r.deleteStorageEncryptionSecret(ctx, instance); err != nil {
return ctrl.Result{}, fmt.Errorf("error while deleting storage encryption secret: %w", err)
}
log.Info("storage encryption secret removed")

instance.RemoveFinalizer(pg.PostgresFinalizerName)
if err := r.CtrlClient.Update(ctx, instance); err != nil {
r.recorder.Eventf(instance, "Warning", "Self-Reconcilation", "failed to remove finalizer: %v", err)
Expand Down Expand Up @@ -1342,7 +1344,7 @@ func (r *PostgresReconciler) generateRandomString() (string, error) {
return string(b), nil
}

func (r *PostgresReconciler) deleteStorageEncryptionSecret(ctx context.Context, instance *pg.Postgres) error {
func (r *PostgresReconciler) removeStorageEncryptionSecretFinalizer(ctx context.Context, instance *pg.Postgres) error {

// Fetch secret
n := storageEncryptionKeyName
Expand All @@ -1361,11 +1363,6 @@ func (r *PostgresReconciler) deleteStorageEncryptionSecret(ctx context.Context,
return fmt.Errorf("error while removing finalizer from storage secret in service cluster: %w", err)
}

// Delete secret
if err := r.SvcClient.Delete(ctx, s); err != nil {
return fmt.Errorf("error while deleting storage secret in service cluster: %w", err)
}

return nil
}

Expand Down