K8SPSMDB-1387 certmanager --enable-certificate-owner-ref option causes no startup of any mongodb clusters

[Demch1k]

CHANGE DESCRIPTION

https://perconadev.atlassian.net/browse/K8SPSMDB-1387

---

Problem:
We have enabled --enable-certificate-owner-ref for certmanager and after that mongodb operator can not startup any mongodb clusters.

Cause:
Mongodb operator return error when can't update owner references for certificates recources. But with --enable-certificate-owner-ref certmanager do it by itselfs.

Solution:
Catch error connected with already exists owner ref and jus print it out

CHECKLIST

Jira

• Is the Jira ticket created and referenced properly?
• Does the Jira ticket have the proper statuses for documentation (Needs Doc) and QA (Needs QA)?
• Does the Jira ticket link to the proper milestone (Fix Version field)?

Tests

• Is an E2E test/test case added for the new feature/change?
• Are unit tests added where appropriate?
• Are OpenShift compare files changed for E2E tests (compare/*-oc.yml)?

Config/Logging/Testability

• Are all needed new/changed options added to default YAML files?
• Are all needed new/changed options added to the Helm Chart?
• Did we add proper logging messages for operator actions?
• Did we ensure compatibility with the previous version or cluster upgrade process?
• Does the change support oldest and newest supported MongoDB version?
• Does the change support oldest and newest supported Kubernetes version?

[CLAassistant]

All committers have signed the CLA.

[egegunes]

few comments.

also I wonder if we need to set this flag while deploying cert-manager in our tests

[egegunes]

should we return error here?

[egegunes]

should we return error here?

[egegunes]

@gkech wdyt of this errors.Cause maybe we should check with errors.Is?

[gkech]

yes it is better @egegunes

@Demch1k let's use errors.Is and also, let's drop switch since it is not needed, so the following for all cases.

if err = controllerutil.SetControllerReference(cr, secret, c.scheme); err != nil {
if errors.Is(err, &controllerutil.AlreadyOwnedError{}) {
	return errors.Wrap(err, "set owner reference")
}
return errors.Wrap(err, "set controller reference")
}

[gkech]

@Demch1k any updates on this one?

[egegunes]

seems like we will need to take this over, i'm moving this to next release

[Demch1k]

@egegunes Could you check changes made by @pooknull , I think it's ready for review

[Demch1k]

@pooknull Could you approve this PR?

[egegunes]

demand-backup-physical-gcp-native, demand-backup-physical-sharded-gcp-native and pitr-to-new-cluster test failures needs to be investigated. @Demch1k if you aren't able to understand what's wrong with them, we'll help you when we start working on v1.22.0.

[JNKPercona]

Test Name	Result	Time
arbiter	passed	00:00:00
balancer	passed	00:00:00
cross-site-sharded	passed	00:00:00
custom-replset-name	passed	00:00:00
custom-tls	passed	00:00:00
custom-users-roles	passed	00:00:00
custom-users-roles-sharded	passed	00:00:00
data-at-rest-encryption	passed	00:00:00
data-sharded	passed	00:00:00
demand-backup	passed	00:00:00
demand-backup-eks-credentials-irsa	passed	00:00:00
demand-backup-fs	passed	00:00:00
demand-backup-if-unhealthy	passed	00:00:00
demand-backup-incremental	passed	00:00:00
demand-backup-incremental-sharded	passed	00:00:00
demand-backup-physical-parallel	passed	00:00:00
demand-backup-physical-aws	passed	00:00:00
demand-backup-physical-azure	passed	00:00:00
demand-backup-physical-gcp-s3	passed	00:00:00
demand-backup-physical-gcp-native	passed	00:00:00
demand-backup-physical-minio	passed	00:00:00
demand-backup-physical-minio-native	passed	00:00:00
demand-backup-physical-sharded-parallel	passed	00:00:00
demand-backup-physical-sharded-aws	passed	00:00:00
demand-backup-physical-sharded-azure	passed	00:00:00
demand-backup-physical-sharded-gcp-native	passed	00:00:00
demand-backup-physical-sharded-minio	passed	00:00:00
demand-backup-physical-sharded-minio-native	passed	00:00:00
demand-backup-sharded	passed	00:00:00
expose-sharded	passed	00:00:00
finalizer	passed	00:00:00
ignore-labels-annotations	passed	00:00:00
init-deploy	passed	00:00:00
ldap	passed	00:00:00
ldap-tls	passed	00:00:00
limits	passed	00:00:00
liveness	passed	00:00:00
mongod-major-upgrade	passed	00:00:00
mongod-major-upgrade-sharded	passed	00:00:00
monitoring-2-0	passed	00:00:00
monitoring-pmm3	passed	00:00:00
multi-cluster-service	passed	00:00:00
multi-storage	passed	00:00:00
non-voting-and-hidden	passed	00:00:00
one-pod	passed	00:00:00
operator-self-healing-chaos	passed	00:00:00
pitr	passed	00:00:00
pitr-physical	passed	00:00:00
pitr-sharded	passed	00:00:00
pitr-to-new-cluster	passed	00:00:00
pitr-physical-backup-source	passed	00:00:00
preinit-updates	passed	00:00:00
pvc-resize	passed	00:00:00
recover-no-primary	passed	00:00:00
replset-overrides	passed	00:00:00
replset-remapping	passed	00:00:00
replset-remapping-sharded	passed	00:00:00
rs-shard-migration	passed	00:00:00
scaling	passed	00:00:00
scheduled-backup	passed	00:00:00
security-context	passed	00:00:00
self-healing-chaos	passed	00:00:00
service-per-pod	passed	00:00:00
serviceless-external-nodes	passed	00:00:00
smart-update	passed	00:00:00
split-horizon	passed	00:00:00
stable-resource-version	passed	00:00:00
storage	passed	00:00:00
tls-issue-cert-manager	passed	00:00:00
unsafe-psa	passed	00:00:00
upgrade	passed	00:00:00
upgrade-consistency	passed	00:00:00
upgrade-consistency-sharded-tls	passed	00:00:00
upgrade-sharded	passed	00:00:00
upgrade-partial-backup	passed	00:00:00
users	passed	00:00:00
users-vault	passed	00:00:00
version-service	passed	00:00:00

Summary	Value
Tests Run	78/78
Job Duration	00:12:56
Total Test Time	N/A

commit: 164edc2
image: perconalab/percona-server-mongodb-operator:PR-1850-164edc23

[hors]

@Demch1k Thank you for your contribution.