trident icon indicating copy to clipboard operation
trident copied to clipboard
verified publisher icon NetApp

"Username is specified in both config and secret ..." message is incorrectly logged

Open tksm opened this issue 3 years ago • 0 comments

Describe the bug

"Username is specified in both config and secret ..." and similar warning messages are incorrectly logged after updating Trident v22.07.0.

time="2022-08-01T01:42:13Z" level=warning msg="clientPrivateKey is specified in both config and secret; overriding from secret."
time="2022-08-01T01:42:13Z" level=warning msg="Username is specified in both config and secret; overriding from secret."
time="2022-08-01T01:42:13Z" level=warning msg="Password is specified in both config and secret; overriding from secret."

It seems that this behavior is introduced in https://github.com/NetApp/trident/commit/655e707d26e047df7809740f05f1f984bb36cb1f. Apparently, this commit assumes ClientPrivateKey, Username, and Password in OntapStorageDriverConfig are empty if the backend secret is used. But these fields have values like secret:tbe-3282edab-7edf-46ef-b57d-eb134fa5bbd0 if we use the backend secret, so these warning messages are always logged.

Environment

  • Trident version: 22.07.0
  • Trident installation flags used: silenceAutosupport: true (Trident Operator)
  • Container runtime: containerd://1.6.6
  • Kubernetes version: v1.23.4
  • Kubernetes orchestrator: Kubernetes
  • Kubernetes enabled feature gates: none
  • OS: Ubuntu 20.04.4 LTS
  • NetApp backend types: ONTAP AFF 9.9.1P
  • Other:

To Reproduce

  1. Make an ontap-san backend on Trident v22.07.0.
tridentctl create backend -f- << EOL
{
  "version": 1,
  "storageDriverName": "ontap-san",
  "backendName": "ontapsan",
  "managementLIF": "${MANAGEMENT_LIF}",
  "svm": "${SVM}",
  "username": "${SVM_USER}",
  "password": "${SVM_PASSWORD}",
  "igroupName": "${IGROUP_NAME}",
  "storagePrefix": "${STORAGE_PREFIX}",
}
  1. Restart the trident controller plugin.
kubectl rollout restart -n trident deployment trident-csi
  1. The warning messages will be incorrectly reported.
kubectl logs -n trident deploy/trident-csi trident-main | grep "is specified in both"

time="2022-08-08T07:24:37Z" level=warning msg="Username is specified in both config and secret; overriding from secret."
time="2022-08-08T07:24:37Z" level=warning msg="Password is specified in both config and secret; overriding from secret."

Expected behavior

Trident should not log these warning messages when we only use the backend secret.

tksm avatar Aug 08 '22 08:08 tksm