Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Duplicate ClusterRoleBindings will be attempted to be created when we set watchAnyNamespace to true and add some namespaces to watchNamespaces #10378

Closed
Eric84626 opened this issue Jul 24, 2024 · 6 comments · Fixed by #10479
Closed

[Bug]: Duplicate ClusterRoleBindings will be attempted to be created when we set watchAnyNamespace to true and add some namespaces to watchNamespaces #10378

Eric84626 opened this issue Jul 24, 2024 · 6 comments · Fixed by #10479
Labels
bug help wanted

Comments

@Eric84626
Copy link
Contributor

Eric84626 commented Jul 24, 2024
edited
Loading

Bug Description

Duplicate ClusterRoleBindings will be attempted to be created when we set watchAnyNamespace to true and add some namespaces to watchNamespaces.

Steps to reproduce

watchNamespaces:

  • namespaceA
  • namesapceB
    watchAnyNamespace: true

Duplicate ClusterRoleBindings will be attempted to be created(strimzi-cluster-operator-namespaced & strimzi-cluster-operator-watched & strimzi-cluster-operator-entity-operator-delegation).

Expected behavior

If I set watchAnyNamespace to true, we should ignore the values of watchNamespaces list

Strimzi version

0.42.0

Kubernetes version

1.28

Installation method

Helm chart

Infrastructure

AWS EKS/Azure AKS

Configuration files and logs

No response

Additional context

No response
@Eric84626
Copy link
Contributor Author

I will fix it, and create a PR.

@scholzj
Copy link
Member

scholzj commented Aug 4, 2024
edited
Loading

@Eric84626 Sure, feel free to open the PR

@forsberg
Copy link

forsberg commented Aug 5, 2024
edited
Loading

Related is that I got the same error when my watchNamespaces setting included the namespace in which the operator is installed. This is inline with documentation, but still confused me after a Helm version upgrade.

@Eric84626
Copy link
Contributor Author

Related is that I got the same error when my watchNamespaces setting included the namespace in which the operator is installed. This is inline with documentation, but still confused me after a Helm version upgrade.

Hello @forsberg ,
I think we should not add strimzi operator namespace to watchNamespaces list.
Please refer below comment in strimzi operator helm chart.
https://github.com/strimzi/strimzi-kafka-operator/blob/main/packaging/helm-charts/helm3/strimzi-kafka-operator/values.yaml#L6-L7

@scholzj
Copy link
Member

scholzj commented Aug 8, 2024

Triaged on the Community call on 8.8.2024: This should be fixed.

If it is possible, I think we prefer if it throws an error when both options are configured in parallel. If that is not possible (we do not have much Helm knowledge to be honest),the suggested solution to ignore the watchNamespaces option when it is configured to watch all namespaces sounds good as well.

@Eric84626
Copy link
Contributor Author

hello @scholzj,
Thanks for your confirm, my PR is in progress.

@Eric84626 Eric84626 mentioned this issue Aug 21, 2024
Merged
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug help wanted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix duplicate clustersrolebindings issue fidelity-contributions/strimzi-strimzi-kafka-operator
3 participants
@forsberg @scholzj @Eric84626