Bug 1769561 - Replacing (updating) operator creates duplicate secrets for the operator's ServiceAccount
Summary: Replacing (updating) operator creates duplicate secrets for the operator's Se...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: OLM
Version: 4.2.z
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 4.2.z
Assignee: Bowen Song
QA Contact: Salvatore Colangelo
URL:
Whiteboard:
Depends On: 1776521
Blocks: 1769562
TreeView+ depends on / blocked
 
Reported: 2019-11-06 21:04 UTC by Bowen Song
Modified: 2020-02-26 05:52 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1769030
Environment:
Last Closed: 2020-02-26 05:52:30 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Github operator-framework operator-lifecycle-manager pull 1159 'None' closed [release-4.2] Bug 1769561: Replacing operator creates duplicate secrets 2020-04-05 22:42:30 UTC
Github operator-framework operator-lifecycle-manager pull 1222 None closed [release-4.2] Bug 1769561: Replacing operator creates duplicate secrets 2020-04-05 22:42:30 UTC
Red Hat Product Errata RHBA-2020:0523 None None None 2020-02-26 05:52:37 UTC

Comment 3 Salvatore Colangelo 2020-02-19 10:10:09 UTC
Hi 

follow this step the same step in https://bugzilla.redhat.com/show_bug.cgi?id=1769030

Step 1:
# install version 0.0.1
git clone https://github.com/jewzaam/example-operator.git

Step2:
#change the apiVersion on file 08_operatorgroup.yaml

vi install/openshift-4.1/08_operatorgroup.yaml -->  from apiVersion: operators.coreos.com/v1alpha2 to --> to: apiVersion: operators.coreos.com/v1

Step3

cd example-operator
oc create -R -f install/openshift-4.1/


[scolange@scolange example-operator]$ oc create -R -f install/openshift-4.1/
namespace/example-operator created
catalogsource.operators.coreos.com/example-operator-registry created
operatorgroup.operators.coreos.com/example-operators created
subscription.operators.coreos.com/example-operator created



Step 4:
# wait for it to start the operator pod
oc -n example-operator get pods -l name=example-operator --no-headers


Step 3:
# check secrets for the SA

[scolange@scolange example-operator]$ oc -n example-operator get secrets | grep example-operator
example-operator-dockercfg-vntlt   kubernetes.io/dockercfg               1      41s
example-operator-token-k8h54       kubernetes.io/service-account-token   4      41s
example-operator-token-zxnrq       kubernetes.io/service-account-token   4      40s


# update to 0.0.2
oc -n example-operator get catalogsource example-operator-registry -o json | jq -r '.spec.image = "quay.io/nmalik/example-operator-registry:0.0.2"' | oc replace -f -

[scolange@scolange example-operator]$ oc -n example-operator get catalogsource example-operator-registry -o json | jq -r '.spec.image = "quay.io/nmalik/example-operator-registry:0.0.2"' | oc replace -f -
catalogsource.operators.coreos.com/example-operator-registry replaced

# wait for it upgrade the operator pod
oc -n example-operator get pods -l name=example-operator --no-headers

[scolange@scolange example-operator]$ oc -n example-operator get pods -l name=example-operator --no-headers
example-operator-588898648d-tj5mq   1/1   Running   0     32s



# check secrets for the SA
oc -n example-operator get secrets | grep example-operator
[scolange@scolange example-operator]$ oc -n example-operator get secrets | grep example-operator
example-operator-dockercfg-vntlt   kubernetes.io/dockercfg               1      3m37s
example-operator-token-k8h54       kubernetes.io/service-account-token   4      3m37s
example-operator-token-zxnrq       kubernetes.io/service-account-token   4      3m36s


The secret are not duplicated



[scolange@scolange example-operator]$ oc get clusterversion
NAME      VERSION                             AVAILABLE   PROGRESSING   SINCE   STATUS
version   4.2.0-0.nightly-2020-02-17-195403   True        False         28h     Cluster version is 4.2.0-0.nightly-2020-02-17-195403

Comment 5 errata-xmlrpc 2020-02-26 05:52:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:0523


Note You need to log in before you can comment on or make changes to this bug.