[Upgrade] Upgrade clears the syndesis-pull-secret link from service accounts
See original GitHub issueThis is a…
[ ] Feature request
[ ] Regression (a behavior that used to work and stopped working in a new release)
[X] Bug report
[ ] Documentation issue or request
Description
I created the syndesis-pull-secret
secret with my authentication details and deploy 7.3.1. Now when I do the upgrade, what the upgrade pod does is:
...
=== * Update resources (upgrade_40_update_resources)
- ServiceAccount: force update (delete/create)
* syndesis-default
* syndesis-integration
* syndesis-prometheus
* syndesis-server
...
so it deletes the old SAs with linked secret and replaces them with the ones from the template and those do not have the pull secret linked.
We will need to have this script https://github.com/syndesisio/syndesis/blob/1.6.x/tools/upgrade/migration/resource/any/03_ensure_service_account_setup.sh but not as a migration script (those are called before the SAs are re-created) but as part of the upgrade_40_update_resources
script, after apply_resources
call: https://github.com/syndesisio/syndesis/blob/d0c9225266b7dda3f4c1df326ed0583f39618f5a/tools/upgrade/steps/upgrade_40_update_resources#L48-L56
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Service Accounts | OpenShift Container Platform 3.11
To allow a secret to be used as an image pull secret by a service account's pods, run: $ oc secrets link --for=pull...
Read more >Creating and managing service accounts | IAM Documentation
This page explains how to create and manage service accounts using the Identity and Access Management (IAM) API, the Google Cloud console, and...
Read more >NGC Private Registry User Guide
This document describes how to use the NVIDIA® GPU Cloud (NGC) private registry. This guide assumes the user is familiar with Linux and ......
Read more >Adding pull secrets to service accounts in OpenShift ...
To make that work I need to make sure that every service account contains the corresponding pull secret. Especially when operators (like strimzi) ......
Read more >Azure resource provider operations | Microsoft Learn
In this article. This section lists the operations for Azure resource providers, which are used in built-in roles.
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@avano if you already have a fix, please open the PR. I think the 1.6 migration script should be slightly changed to work on upstream (where we don’t have the pull secret), but it should be ok for 1.7.
Fixed with https://github.com/syndesisio/syndesis/pull/6233