Description
User is able to share environment variables in a ConfigMap or Secret and pass it to Operator via WildFlyServerSpec#envFrom field. Problem is, that Operator is not aware of changes in Secret/ConfigMap (only reference change is recognized - add or remove ConfigMap/Secret reference). This could lead to inconsistency of environment between pods in a single project (moreover this could lead also to inconsistency between projects in case that ConfigMap/Secret is shared by them).
The reaction on ConfigMap/Secret content should be doable, see https://blog.questionable.services/article/kubernetes-deployments-configmap-change/
reproduce
- create a config map with ("foo1", "bar1") entry
- create an operator (size = 1) with a reference to the config map
- update the config map - add ("foo2", "bar2") entry
- resize the operator
actual
$ oc get pods
NAME READY STATUS RESTARTS AGE
eap-cd-0 1/1 Running 0 112s
eap-cd-1 1/1 Running 0 94s
wildfly-operator-55b544c4bb-wts8l 1/1 Running 0 2m1s
$ oc rsh pod/eap-cd-0
sh-4.4$ env | grep foo
foo1=bar1
$ oc rsh pod/eap-cd-1
sh-4.4$ env | grep foo
foo1=bar1
foo2=bar2
expected
$ oc get pods
NAME READY STATUS RESTARTS AGE
eap-cd-0 1/1 Running 0 112s
eap-cd-1 1/1 Running 0 94s
wildfly-operator-55b544c4bb-wts8l 1/1 Running 0 2m1s
$ oc rsh pod/eap-cd-0
sh-4.4$ env | grep foo
foo1=bar1
foo2=bar2
$ oc rsh pod/eap-cd-1
sh-4.4$ env | grep foo
foo1=bar1
foo2=bar2
Environment:
operator version: 467407a
openshift version:
OpenShift version: 4.1.11 Kubernetes Master Version: v1.13.4+df9cebc
Out of curiosity, is there is way to rollout the pods manually as oc rollout was designed for DeploymentConfigs and cannot be used here?
Attachments
Issue Links
- is related to
-
JBEAP-17719 Editing Config map or Secret object could lead to project inconsistencies
- Closed