Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

envFrom set by Service Binding Operator is overwritten by odo when there are automounting ConfigMaps or Secrets #6748

Closed
rm3l opened this issue Apr 18, 2023 · 3 comments
Closed

envFrom set by Service Binding Operator is overwritten by odo when there are automounting ConfigMaps or Secrets #6748

rm3l opened this issue Apr 18, 2023 · 3 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. priority/Low Nice to have issue. It's not immediately on the project roadmap to get it done.

Comments

@rm3l
Copy link
Member

rm3l commented Apr 18, 2023
edited
Loading

/kind bug

Originally posted by @rm3l in #6698 (review)

I quickly wanted to check how this would behave with Service Binding, which, I remembered might also alter the Pod spec to inject envFrom using a secret:

odo init --devfile nodejs --starter nodejs-starter --name automount-volumes-nodejs
odo add binding --service edb-cloud-native-postgresql.Cluster.postgresql.k8s.enterprisedb.io \
  --name automount-volumes-nodejs-edb-cloud-native-postgresql \
  --service-namespace shared-services \
  --bind-as-files=false

If I don't have any automounting configmap/secret, it works as expected:

$ kubectl get pod automount-volumes-nodejs-app-68d4c554b-kldjk -o yaml
[...]
    envFrom:                                                                                                                                                                                                        
    - secretRef:                                                                                                                                                                                                    
        name: automount-volumes-nodejs-edb-cloud-native-postgresql-fb57c24f

$ kubectl exec -it automount-volumes-nodejs-app-68d4c554b-kldjk -- /bin/sh -c 'env | grep CLUSTER | sort'
Alias tip: k exec -it automount-volumes-nodejs-app-68d4c554b-kldjk -- /bin/sh -c 'env | grep CLUSTER | sort'
CLUSTER_CA.CRT=-----BEGIN CERTIFICATE-----
CLUSTER_CA.KEY=-----BEGIN EC PRIVATE KEY-----
CLUSTER_CLUSTERIP=10.96.151.42
CLUSTER_DATABASE=app
CLUSTER_HOST=edb-cloud-native-postgresql-rw
CLUSTER_PASSWORD=3IxAlTt9AUeVNvPS1TVrptKCUxUMXWIkE37cQgq3orNfZcbKHX4JJOHV8pqD0xK6
CLUSTER_PGPASS=edb-cloud-native-postgresql-rw:5432:*:postgres:3IxAlTt9AUeVNvPS1TVrptKCUxUMXWIkE37cQgq3orNfZcbKHX4JJOHV8pqD0xK6
CLUSTER_PROVIDER=enterprisedb
CLUSTER_TLS.CRT=-----BEGIN CERTIFICATE-----
CLUSTER_TLS.KEY=-----BEGIN EC PRIVATE KEY-----
CLUSTER_TYPE=postgresql
CLUSTER_USERNAME=postgres

If I stop the previous Dev session and apply some automounting configmap/secret (I applied the resources you used in the tests of this PR), it looks like the environment variables expected from the ServiceBinding are no longer injected.

$ kubectl apply -f /path/to/odo/tests/examples/manifests/config-automount/
$ odo dev
$ kubectl get pod automount-volumes-nodejs-app-67f467566c-gjwxx -o yaml
[...]
    envFrom:                                                                                                                                                                                                        
    - secretRef:                                                                                                                                                                                                    
        name: automount-env-secret                                                                                                                                                                                  
    - configMapRef:                                                                                                                                                                                                 
        name: automount-env-configmap 

$ kubectl exec -it automount-volumes-nodejs-app-67f467566c-gjwxx -- /bin/sh -c 'env | grep CLUSTER | sort' 
$

Comment from @feloy (#6698 (comment))

I'm pretty sure the service binding operator is using an Update command to set the envfrom field. Because of using Update and not Apply, the values set by the operator are overwritten by odo.

$ kubectl get deployments.apps automount-volumes-nodejs-app -o yaml --show-managed-fields
[...]
  managedFields:
  - apiVersion: apps/v1
    fieldsType: FieldsV1
    fieldsV1:
      f:spec:
        f:template:
          f:spec:
            f:containers:
              k:{"name":"runtime"}:
                f:envFrom: {}
    manager: manager
    operation: Update
    time: "2023-04-17T09:53:51Z"
@github-actions github-actions bot added the needs-triage Indicates an issue or PR lacks a `triage/*` and requires one. label Apr 18, 2023
@rm3l rm3l added the kind/bug Categorizes issue or PR as related to a bug. label Apr 18, 2023
@rm3l rm3l changed the title envFrom set by Service Binding Operator is overwirtten by odo when there are automounting ConfigMaps or Secrets envFrom set by Service Binding Operator is overwritten by odo when there are automounting ConfigMaps or Secrets Apr 18, 2023
@github-actions
Copy link
Contributor

A friendly reminder that this issue had no activity for 90 days. Stale issues will be closed after an additional 30 days of inactivity.

@github-actions github-actions bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jul 18, 2023
@github-actions
Copy link
Contributor

This issue was closed because it has been inactive for 30 days since being marked as stale.

@github-actions github-actions bot added the lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. label Aug 18, 2023
@github-project-automation github-project-automation bot moved this to Done ✅ in odo Project Aug 18, 2023
@rm3l
Copy link
Member Author

rm3l commented Sep 7, 2023

/priority Low

@rm3l rm3l closed this as not planned Won't fix, can't repro, duplicate, stale Sep 7, 2023
@rm3l rm3l removed the needs-triage Indicates an issue or PR lacks a `triage/*` and requires one. label Sep 7, 2023
@openshift-ci openshift-ci bot added the priority/Low Nice to have issue. It's not immediately on the project roadmap to get it done. label Sep 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. priority/Low Nice to have issue. It's not immediately on the project roadmap to get it done.
Projects
odo Project
Archived in project
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rm3l