error while replicating by label selector

Question

error while replicating by label selector

jullianow opened this issue 3 years ago · 1 comments

Describe the bug
When using the replication of an object (Secret) through the mechanism replicate-to-matching considering two labels in the namespaces, according to the example below:
E.g:

apiVersion: v1
data: {}
kind: Secret
metadata:
  name: infrastructure-certificate
  annotations:
    replicator.v1.mittwald.de/replicate-to-matching: replicate-secret-infrastructure-certificate=true,projectCustomer=yes
type: Opaque

I'm getting the following error

{
  "jsonPayload": {
    "level": "error",
    "kind": "Secret",
    "error": "Replicated liferay/infrastructure-certificate to 68 out of 126 namespaces: 58 errors occurred:\n\t* Failed to replicate Secret liferay/infrastructure-certificate -> afavkvklbdgiduzkky: Failed to update secret afavkvklbdgiduzkky/infrastructure-certificate: secrets \"infrastructure-certificate\" already exists: Failed to update secret afavkvklbdgiduzkky/infrastructure-certificate: secrets \"infrastructure-certificate\" already exists\n ....",
    "msg": "error while replicating by label selector",
    "resource": "liferay/infrastructure-certificate"
  }
}

NOTE: Summarize the contents of the error field so that it is not too long.

However, I noticed that Secret replication happened normally. It seemed to me that the error was a false positive.
It is also important to note that it was only a subset of namespaces that entered the error condition. What seems even more strange to me, because just to register, all the namespaces in question in the cluster that I'm synchronizing the secret, have the secret.
So it doesn't seem to me to be just an error because the secret already exists at the destination, the kubernetes-replicator failed to sync (overwriting the already existing secret).

To Reproduce
Secret:

apiVersion: v1
data: {}
kind: Secret
metadata:
  name: infrastructure-certificate
  annotations:
    replicator.v1.mittwald.de/replicate-to-matching: replicate-secret-infrastructure-certificate=true,projectCustomer=yes
type: Opaque

Namespace:

apiVersion: v1
kind: Namespace
metadata:
  labels:
    namespace: afavkvklbdgiduzkky
    projectCustomer: "yes"
    projectId: projectId
    projectSandbox: ""
    projectTrial: "yes"
    projectType: non-production
    projectUid: projectUid
    replicate-secret-infrastructure-certificate: "true"
  name: afavkvklbdgiduzkky

Expected behavior
Expected no sync error messages to occur.

Environment:

Kubernetes version: [e.g. 1.19]
kubernetes-replicator version: [e.g. v2.6.3]

Additional context
Add any other context about the problem here.

Answer 1 · 2021-11-03T02:07:29.000Z

There has not been any activity to this issue in the last 14 days. It will automatically be closed after 7 more days. Remove the stale label to prevent this.