Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix CC not restarted when API secret changes #9616

Merged
merged 7 commits into from
Feb 2, 2024
Merged

Fix CC not restarted when API secret changes #9616

merged 7 commits into from
Feb 2, 2024

Commits on Jan 30, 2024

  1. Fix CC not restarted when API secret changes 

    The user may need to create new CC API credentials because they may have been compromised.
This can be done by simply deleting the secret containing CC API credentials, which is then recreated by the CO.
The problem is that CC is not restarted, which leads to the following Rebalance error:

```sh
2024-01-29 17:44:08 ERROR KafkaRebalanceAssemblyOperator:483 - Reconciliation strimzi#64(kafkarebalance-watch) KafkaRebalance(test/my-rebalance): Status updated to [NotReady] due to error: Unexpected status code 401 for request to my-cluster-cruise-control.test.svc:9090/kafkacruisecontrol/rebalance?json=true&dryrun=true&verbose=true&skip_hard_goal_check=false&rebalance_disk=false
```

To fix this issue, I'm adding the API secret hash as CC annotation, so that any change will trigger a CC pod restart.

Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Jan 30, 2024
    Configuration menu
    Copy the full SHA
    a299de8 View commit details
    Browse the repository at this point in the history

  2. Hash passwords instead of using Secret hashCode 

    Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Jan 30, 2024
    Configuration menu
    Copy the full SHA
    3bc11ba View commit details
    Browse the repository at this point in the history

Commits on Jan 31, 2024

  1. Address review comments 

    Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Jan 31, 2024
    Configuration menu
    Copy the full SHA
    48c6f05 View commit details
    Browse the repository at this point in the history

  2. Update comment 

    Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Jan 31, 2024
    Configuration menu
    Copy the full SHA
    22bd567 View commit details
    Browse the repository at this point in the history

  3. Remove unnecessary changes 

    Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Jan 31, 2024
    Configuration menu
    Copy the full SHA
    be67803 View commit details
    Browse the repository at this point in the history

  4. Address new comments from review 

    Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Jan 31, 2024
    Configuration menu
    Copy the full SHA
    97b0991 View commit details
    Browse the repository at this point in the history

Commits on Feb 1, 2024

  1. Use full secret content 

    Signed-off-by: Federico Valeri <fedevaleri@gmail.com>
    @fvaleri
    fvaleri committed Feb 1, 2024
    Configuration menu
    Copy the full SHA
    aeb6dbc View commit details
    Browse the repository at this point in the history