From 3d13848878b70b667d51e8f2d8d2e520bfe841ce Mon Sep 17 00:00:00 2001
From: Jeremiah Stuever <jstuever@redhat.com>
Date: Tue, 14 Nov 2023 11:45:59 -0800
Subject: [PATCH] Explicitly set the vsphere secret credential data on sync.

The behavior previously changed to patching the credential secrets as
opposed to updating them. As a result, sometimes when a credential is
changed it can continue to have pieces of the old credential.

This change overrides the entire credential data to be explicitly set to
the new credential. This will remove all old credential data when
syncing the new credential.
---
 pkg/vsphere/actuator/actuator.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pkg/vsphere/actuator/actuator.go b/pkg/vsphere/actuator/actuator.go
index 036ff506e..4805ce977 100644
--- a/pkg/vsphere/actuator/actuator.go
+++ b/pkg/vsphere/actuator/actuator.go
@@ -294,9 +294,9 @@ func (a *VSphereActuator) syncTargetSecret(ctx context.Context, cr *minterv1.Cre
 			secret.Annotations = map[string]string{}
 		}
 		secret.Annotations[minterv1.AnnotationCredentialsRequest] = fmt.Sprintf("%s/%s", cr.Namespace, cr.Name)
-		if secret.Data == nil {
-			secret.Data = map[string][]byte{}
-		}
+
+		secret.Data = map[string][]byte{}
+
 		for key, value := range secretData {
 			secret.Data[key] = value
 		}