Unverified Commit c9f450b3 authored by Derek Nola's avatar Derek Nola Committed by GitHub

Ignore value conflicts when reencrypting secrets (#6918)

* Ignore conflict secrets Signed-off-by: 's avatarDerek Nola <derek.nola@suse.com>
parent 30528539
......@@ -11,6 +11,7 @@ import (
coreclient "github.com/rancher/wrangler/pkg/generated/controllers/core/v1"
"github.com/sirupsen/logrus"
corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/api/meta"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/labels"
......@@ -223,8 +224,8 @@ func (h *handler) updateSecrets(node *corev1.Node) error {
i := 0
err = meta.EachListItem(secretsList, func(obj runtime.Object) error {
if secret, ok := obj.(*corev1.Secret); ok {
if _, err := h.secrets.Update(secret); err != nil {
return fmt.Errorf("failed to reencrypted secret: %v", err)
if _, err := h.secrets.Update(secret); err != nil && !apierrors.IsConflict(err) {
return fmt.Errorf("failed to update secret: %v", err)
}
if i != 0 && i%10 == 0 {
h.recorder.Eventf(nodeRef, corev1.EventTypeNormal, secretsProgressEvent, "reencrypted %d secrets", i)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment