Bug 2138753

Summary: [KMIP] csi-kms resources are created for MCG only deployments
Product: [Red Hat Storage] Red Hat OpenShift Data Foundation Reporter: Rachael <rgeorge>
Component: management-consoleAssignee: Debjyoti Pandit <dpandit>
Status: CLOSED CURRENTRELEASE QA Contact: Rachael <rgeorge>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 4.12CC: jefbrown, kramdoss, muagarwa, nthomas, ocs-bugs, odf-bz-bot, rar, skatiyar, sostapov
Target Milestone: ---   
Target Release: ODF 4.12.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: 4.12.0-114 Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-02-08 14:06:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Rachael 2022-10-31 06:11:41 UTC 
Description of problem (please be detailed as possible and provide log
snippets):

For standalone MCG deployments using KMIP, csi-kms resources such as the thales-kmip-csi secret and csi-kms-connection-details configmap are also created, which are not required, since there are no ceph RBD components deployed.

$ oc get storagecluster -o yaml
apiVersion: v1
items:
- apiVersion: ocs.openshift.io/v1
  kind: StorageCluster
  metadata:
    annotations:
      uninstall.ocs.openshift.io/cleanup-policy: delete
      uninstall.ocs.openshift.io/mode: graceful
    creationTimestamp: "2022-10-31T05:54:05Z"
    finalizers:
    - storagecluster.ocs.openshift.io
    generation: 2
    name: ocs-storagecluster
    namespace: openshift-storage
    ownerReferences:
    - apiVersion: odf.openshift.io/v1alpha1
      kind: StorageSystem
      name: ocs-storagecluster-storagesystem
      uid: e45f753d-f4e4-4cff-8a72-0d0aedc9b12d
    resourceVersion: "74949"
    uid: a38170fa-9d18-4c3f-8e7e-7121bc4b23d5
  spec:
    arbiter: {}
    encryption:
      kms:
        enable: true
[...]
    multiCloudGateway:
      dbStorageClassName: gp2-csi
      reconcileStrategy: standalone


$ oc get cm |grep kms-connection-details
csi-kms-connection-details       1      11m
ocs-kms-connection-details       5      11m

$ oc get secret |grep thales
thales-kmip-csi-ht7veq                            Opaque                                4      12m
thales-kmip-ocs-vxzjqr                            Opaque                                4      12m


Version of all relevant components (if applicable):
---------------------------------------------------
OCP: 4.12.0-0.nightly-2022-10-25-210451
ODF: odf-operator.v4.12.0    full_version=4.12.0-82


Does this issue impact your ability to continue to work with the product
(please explain in detail what is the user impact)?
No


Is there any workaround available to the best of your knowledge?
No


Rate from 1 - 5 the complexity of the scenario you performed that caused this
bug (1 - very simple, 5 - very complex)?
2


Can this issue reproducible?
Yes

Can this issue reproduce from the UI?
Yes

If this is a regression, please provide more details to justify this:
No


Steps to Reproduce:
--------------------
1. Deploy a standalone MCG ODF cluster using Thales KMIP
2. Check for csi-kms-connection-details configmap and thales-kmip-csi secret


Actual results:
---------------
The csi-kms resources are created, even though they are not required and cannot be used in the cluster

Expected results:
-----------------
csi-kms resources should not be created