Description of problem: Currently Kubeconfig controller from Cluster CAPI operator doesn't reconcile the secret with kubeconfig file after its creation. Additionally, if the token secret is modified, the controller doesn't regenerate the kubeconfig. Version-Release number of selected component (if applicable): 4.11 How reproducible: Always Steps to Reproduce: 1. Deploy a cluster with enabled CAPI. 2. Make sure that "cluster-capi-operator-secret" has been created in "openshift-cluster-api" namespace. 3. Manually update or delete the secret. Actual results: The operator won't update or recreate the secret. Expected results: The secret is restored to the correct version by the operator. Additional info:
Verify failed. Delete the secret, the secret can be restored. Manually update secret cluster-capi-operator-secret, the secret coulndn't be restored. 1. Deploy a cluster with enabled CAPI. 2. Make sure that "cluster-capi-operator-secret" has been created in "openshift-cluster-api" namespace. 3. Manually update the secret, check if the secret can be restored $ oc patch secret/cluster-capi-operator-secret --type=merge -p '{"data": {"key":"dmFsdWU="}}' secret/cluster-capi-operator-secret patched About 1 hour later, check secret cluster-capi-operator-secret still have the new added key. $ oc get secret cluster-capi-operator-secret -o yaml key: dmFsdWU= After modifying the secret, the cluster-capi-operator log: I0523 06:05:39.783578 1 kubeconfig.go:85] controller/secret/KubeconfigController "msg"="Reconciling kubeconfig secret" "name"="cluster-capi-operator-secret" "namespace"="openshift-cluster-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:10:34.859111 1 cluster.go:76] controller/infrastructure/ClusterController "msg"="Reconciling infrastucture cluster" "name"="cluster" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="Infrastructure" "platformType"="AWS" I0523 06:10:34.859111 1 clusteroperator_controller.go:49] controller/clusteroperator/ClusterOperatorController "msg"="reconciling Cluster API components for technical preview cluster" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator" I0523 06:10:34.859250 1 clusteroperator_controller.go:109] controller/clusteroperator "msg"="reconciling Core CAPI components" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator" I0523 06:10:34.860282 1 clusteroperator_controller.go:131] controller/clusteroperator "msg"="reconciling Infrastructure CAPI components" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator" I0523 06:10:34.876220 1 cluster.go:99] controller/infrastructure/ClusterController "msg"="Reconciling core cluster" "name"="cluster" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="Infrastructure" I0523 06:10:39.877552 1 secret_sync_controller.go:42] controller/secret/SecretSyncController "msg"="reconciling worker user data secret" "name"="worker-user-data" "namespace"="openshift-machine-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:10:39.877643 1 secret_sync_controller.go:72] controller/secret/SecretSyncController "msg"="source and target secrets are equal, no sync needed" "name"="worker-user-data" "namespace"="openshift-machine-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:10:39.877683 1 secret_sync_controller.go:158] controller/secret "msg"="user Data Secret Controller is available" "name"="worker-user-data" "namespace"="openshift-machine-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:11:10.183084 1 clusteroperator_controller.go:49] controller/clusteroperator/ClusterOperatorController "msg"="reconciling Cluster API components for technical preview cluster" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator" I0523 06:11:10.183161 1 clusteroperator_controller.go:109] controller/clusteroperator "msg"="reconciling Core CAPI components" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator" I0523 06:11:10.184084 1 clusteroperator_controller.go:131] controller/clusteroperator "msg"="reconciling Infrastructure CAPI components" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator" I0523 06:14:00.651040 1 secret_sync_controller.go:42] controller/secret/SecretSyncController "msg"="reconciling worker user data secret" "name"="worker-user-data" "namespace"="openshift-cluster-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:14:00.651148 1 kubeconfig.go:85] controller/secret/KubeconfigController "msg"="Reconciling kubeconfig secret" "name"="cluster-capi-operator-secret" "namespace"="openshift-cluster-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:14:00.651176 1 secret_sync_controller.go:72] controller/secret/SecretSyncController "msg"="source and target secrets are equal, no sync needed" "name"="worker-user-data" "namespace"="openshift-cluster-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:14:00.651469 1 secret_sync_controller.go:158] controller/secret "msg"="user Data Secret Controller is available" "name"="worker-user-data" "namespace"="openshift-cluster-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:14:00.658093 1 kubeconfig.go:85] controller/secret/KubeconfigController "msg"="Reconciling kubeconfig secret" "name"="cluster-capi-operator-secret" "namespace"="openshift-cluster-api" "reconciler group"="" "reconciler kind"="Secret" I0523 06:20:20.772649 1 clusteroperator_controller.go:49] controller/clusteroperator/ClusterOperatorController "msg"="reconciling Cluster API components for technical preview cluster" "name"="cluster-api" "namespace"="" "reconciler group"="config.openshift.io" "reconciler kind"="ClusterOperator"
*** This bug has been marked as a duplicate of bug 2089254 ***