Helm based operator is continually deleting and recreating secrets in my namespace  #1291

@huizengaJoe

Bug Report

What did you do?
A clear and concise description of the steps you took (or insert a code snippet).

I used the operator-sdk to create an operator from a helm chart

operator-sdk new ibm-mqadvanced-server-dev-oper --type=helm --helm-chart=https://raw.githubusercontent.com/IBM/charts/master/repo/stable/ibm-mqadvanced-server-dev-3.0.1.tgz

I am testing it using

operator-sdk up local --watches-file ./watchesLocal.yaml --zap-devel

My watchesLocal.yaml

---
- version: v1alpha1
  group: charts.helm.k8s.io
  kind: IbmMqadvancedServerDev
  chart: ./helm-charts/ibm-mqadvanced-server-dev

My CR looks like this:

apiVersion: charts.helm.k8s.io/v1alpha1
kind: IbmMqadvancedServerDev
metadata:
  name: joe-mq
spec:
  # Default values copied from <project_dir>/helm-charts/ibm-mqadvanced-server-dev/values.yaml
  
  # © Copyright IBM Corporation 2017, 2019
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
  # You may obtain a copy of the License at
  #
  # http://www.apache.org/licenses/LICENSE-2.0
  #
  # Unless required by applicable law or agreed to in writing, software
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
  
  # license must be set to "accept" to accept the terms of the IBM license
  license: "accept"
  
  image:
    # repository is the container repository to use, which must contain IBM MQ Advanced for Developers
    repository: ibmcom/mq
    # tag is the tag to use for the container repository
    tag: 9.1.2.0
    # pullSecret is the secret to use when pulling the image from a private registry
    pullSecret:
    # pullPolicy is either IfNotPresent or Always (https://kubernetes.io/docs/concepts/containers/images/)
    pullPolicy: IfNotPresent
  
  # Specify architecture (amd64, ppc64le, s390x) and weight to be  used for scheduling as follows :
  #   0 - Do not use
  #   1 - Least preferred
  #   2 - No preference
  #   3 - Most preferred
  arch:
    amd64: "2 - No preference"
    ppc64le: "2 - No preference"
    s390x: "2 - No preference"
  
  # persistence section specifies persistence settings which apply to the whole chart
  persistence:
    # enabled is whether to use Persistent Volumes or not
    enabled: true
    # useDynamicProvisioning is whether or not to use Storage Classes to dynamically create Persistent Volumes
    useDynamicProvisioning: true
  
  # dataPVC section specifies settings for the main Persistent Volume Claim, which is used for data in /var/mqm
  dataPVC:
    # name sets part of the name for this Persistent Volume Claim
    name: "data"
    ## storageClassName is the name of the Storage Class to use, or an empty string for no Storage Class
    storageClassName: ""
    ## size is the minimum size of the Persistent Volume
    size: 2Gi
  
  service:
    type: ClusterIP
  
  resources:
    limits:
      cpu: 500m
      memory: 512Mi
    requests:
      cpu: 500m
      memory: 512Mi
  
  security:
    # serviceAccountName is the name of the service account to use
    serviceAccountName: "default"
    # context section specifies additional security context settings for the pod
    context:
      fsGroup:
      supplementalGroups: []
    # initVolumeAsRoot specifies whether or not storage provider requires root permissions to initialize
    initVolumeAsRoot: false
  
  # queueManager section specifies settings for the MQ Queue Manager
  queueManager:
    # name allows you to specify the name to use for the queue manager.  Defaults to the Helm release name.
    name:
    # dev section specifies settings for the MQ developer defaults available in the MQ Advanced for Developers image.
    dev:
      # adminPassword sets the password of the admin user
      adminPassword:
      # appPassword sets the password of the app user
      appPassword:
  
  # log section specifies settings for MQ error logs
  log:
    format: basic
  
  # metrics section specifies settings for generating queue manager metrics
  metrics:
    enabled: true
  
  # livenessProbe section specifies setting for the MQ liveness probe, which checks for a running Queue Manager
  livenessProbe:
    # initialDelaySeconds should be raised if your system cannot start the Queue Manager in 60 seconds
    initialDelaySeconds: 60
    periodSeconds: 10
    timeoutSeconds: 5
    failureThreshold: 1
  
  # readinessProbe section specifies setting for the MQ readiness probe, which checks when the MQ listener is running
  readinessProbe:
    initialDelaySeconds: 10
    periodSeconds: 5
    timeoutSeconds: 3
    failureThreshold: 1
  
  # nameOverride can be set to partially override the name of the resources created by this chart
  nameOverride: ""

What did you expect to see?
A clear and concise description of what you expected to happen (or insert a code snippet).

What did you see instead? Under which circumstances?
A clear and concise description of what you expected to happen (or insert a code snippet).

The helm chart embedded gets deployed ok but the operator is continually deleting and creating a secret with a version being incremented even with nothing changing:

secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd-ibm-mq                  Opaque                                1         17m
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd.v83                     Opaque                                1         13m
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd.v84                     Opaque                                1         13m

**Environment**
* operator-sdk version:

operator-sdk version: v0.6.0+git

  Insert operator-sdk release or Git SHA here.

* Kubernetes version information:

  Insert output of `kubectl version` here

* Kubernetes cluster kind: 

* Are you writing your operator in ansible, helm, or go?
helm

**Possible Solution**
<!--- Only if you have suggestions on a fix for the bug -->

**Additional context**
Add any other context about the problem here.
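
One way to confirm the churn described in this report is to compare two `kubectl get secrets` listings taken a short time apart and check whether the `.vNN` suffix advanced while the custom resource was left untouched. The following is an added example, not part of the original report or of operator-sdk; the function names `revisions` and `churn` are hypothetical, the first listing is the one quoted above, and the second listing is constructed for illustration.

```python
import re

# Matches names such as "secret/<base>.v84": a base name plus a ".v<N>" suffix.
# Assumption: that suffix is the incrementing version the report describes.
REVISION_NAME = re.compile(r"^(?:secret/)?(?P<base>.+)\.v(?P<rev>\d+)$")

def revisions(listing):
    """Map each base name to the set of revision numbers seen in a listing."""
    found = {}
    for line in listing.splitlines():
        fields = line.split()
        if not fields:
            continue
        match = REVISION_NAME.match(fields[0])
        if match:
            found.setdefault(match["base"], set()).add(int(match["rev"]))
    return found

def churn(before, after):
    """Report base names whose newest revision advanced between two listings."""
    old, new = revisions(before), revisions(after)
    report = {}
    for base, new_revs in new.items():
        old_revs = old.get(base, set())
        if old_revs and max(new_revs) > max(old_revs):
            report[base] = {
                "advanced_by": max(new_revs) - max(old_revs),
                "deleted": sorted(old_revs - new_revs),
                "created": sorted(new_revs - old_revs),
            }
    return report

# First listing: the three lines quoted in the report.
BEFORE = """\
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd-ibm-mq   Opaque   1   17m
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd.v83      Opaque   1   13m
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd.v84      Opaque   1   13m
"""
# Second listing: constructed for this example, as if taken shortly afterwards
# with no change made to the custom resource.
AFTER = """\
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd-ibm-mq   Opaque   1   18m
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd.v85      Opaque   1   30s
secret/joe-mq-3wm1x1w9f0g2bu57sfxe5x5hd.v86      Opaque   1   5s
"""

if __name__ == "__main__":
    print(churn(BEFORE, AFTER))
```

An empty result from `churn` means no revision advanced between the two listings; a non-empty one with an unchanged custom resource matches the behaviour reported here.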
