reconciliation of older clusters broken due to added encryption key secrets
xh3b4sd opened this issue · comments
I found the following error in the logs by accident. The cluster being reconciled is quite old but the processing fails because there is no encryption key yet. This is a perfect example of bad migration paths (none) and weak versioning on our side. Lets try to do this better in the future. I am not sure how we can fix this now.
{"caller":"github.com/giantswarm/aws-operator/vendor/github.com/giantswarm/randomkeytpr/service.go:90","debug":"searching secret: clusterKey=encryption, clusterID=7vzmd","time":"17-10-24 22:36:23.688"}
{"caller":"github.com/giantswarm/aws-operator/service/create/service.go:504","error":"error processing cluster '7vzmd': '[{/go/src/github.com/giantswarm/aws-operator/service/create/service.go:567: could not get keys from secrets: '[{/go/src/github.com/giantswarm/aws-operator/vendor/github.com/giantswarm/randomkeytpr/service.go:74: } {/go/src/github.com/giantswarm/aws-operator/vendor/github.com/giantswarm/randomkeytpr/service.go:143: timed out waiting for secrets} {/go/src/github.com/giantswarm/aws-operator/vendor/github.com/giantswarm/randomkeytpr/error.go:14: secrets retreival failed}]'} {execution failed}]'","time":"17-10-24 22:37:53.696"}
ack @xh3b4sd thx! <3
Should we move this to sig operator's inbox to keep track?
Done. Thanks for the notice. <3
I am closing this since the reconciliation is reworked and nobody will fix this error now. Since there are more and more new clusters and the reconciliation never did really work so far in AWS this should not be a big deal now.