Explicitly set the vsphere secret credential data on sync.

The behavior previously changed to patching the credential secrets as opposed to updating them. As a result, sometimes when a credential is changed it can continue to have pieces of the old credential. This change overrides the entire credential data to be explicitly set to the new credential. This will remove all old credential data when syncing the new credential.
openshift · Nov 14, 2023 · 3d13848 · 3d13848
1 parent 5a6da9c
commit 3d13848
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/pkg/vsphere/actuator/actuator.go b/pkg/vsphere/actuator/actuator.go
@@ -294,9 +294,9 @@ func (a *VSphereActuator) syncTargetSecret(ctx context.Context, cr *minterv1.Cre
 			secret.Annotations = map[string]string{}
 		}
 		secret.Annotations[minterv1.AnnotationCredentialsRequest] = fmt.Sprintf("%s/%s", cr.Namespace, cr.Name)
-		if secret.Data == nil {
-			secret.Data = map[string][]byte{}
-		}
+
+		secret.Data = map[string][]byte{}
+
 		for key, value := range secretData {
 			secret.Data[key] = value
 		}