Skip to content

Commit 1c63dfd

Browse files
mmalvezzmmalvezz
committed
Merge branch 'mmalvezz' into 'master'
fix for bug 34817258 UNPLUGPDB FUNCTION : VARIABLE TDESECRET AND TDEPASSWORD HAVE WRONG SCOPE DEFINITION See merge request rac-docker-dev/oracle-database-operator!232
2 parents ecdec61 + 6668f6b commit 1c63dfd

File tree

1 file changed

+29
-6
lines changed

1 file changed

+29
-6
lines changed

controllers/database/pdb_controller.go

Lines changed: 29 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -119,6 +119,10 @@ var (
119119

120120
const PDBFinalizer = "database.oracle.com/PDBfinalizer"
121121

122+
var tdePassword string
123+
var tdeSecret string
124+
125+
122126
//+kubebuilder:rbac:groups=database.oracle.com,resources=pdbs,verbs=get;list;watch;create;update;patch;delete
123127
//+kubebuilder:rbac:groups=database.oracle.com,resources=pdbs/status,verbs=get;update;patch
124128
//+kubebuilder:rbac:groups=database.oracle.com,resources=pdbs/finalizers,verbs=get;create;update;patch;delete
@@ -585,6 +589,9 @@ func (r *PDBReconciler) createPDB(ctx context.Context, req ctrl.Request, pdb *db
585589
log := r.Log.WithValues("createPDB", req.NamespacedName)
586590

587591
var err error
592+
var tdePassword string
593+
var tdeSecret string
594+
588595

589596
cdb, err := r.getCDBResource(ctx, req, pdb)
590597
if err != nil {
@@ -613,14 +620,17 @@ func (r *PDBReconciler) createPDB(ctx context.Context, req ctrl.Request, pdb *db
613620
"getScript": strconv.FormatBool(*(pdb.Spec.GetScript))}
614621

615622
if *(pdb.Spec.TDEImport) {
616-
tdePassword, err := r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
623+
tdePassword, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
617624
if err != nil {
618625
return err
619626
}
620-
tdeSecret, err := r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
627+
tdeSecret, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
621628
if err != nil {
622629
return err
623630
}
631+
632+
tdeSecret = tdeSecret[:len(tdeSecret)-1]
633+
tdePassword = tdeSecret[:len(tdePassword)-1]
624634
values["tdePassword"] = tdePassword
625635
values["tdeKeystorePath"] = pdb.Spec.TDEKeystorePath
626636
values["tdeSecret"] = tdeSecret
@@ -636,6 +646,7 @@ func (r *PDBReconciler) createPDB(ctx context.Context, req ctrl.Request, pdb *db
636646
}
637647
_, err = r.callAPI(ctx, req, pdb, url, values, "POST")
638648
if err != nil {
649+
log.Error(err, "callAPI error", err.Error())
639650
return err
640651
}
641652

@@ -720,6 +731,8 @@ func (r *PDBReconciler) plugPDB(ctx context.Context, req ctrl.Request, pdb *dbap
720731
log := r.Log.WithValues("plugPDB", req.NamespacedName)
721732

722733
var err error
734+
var tdePassword string
735+
var tdeSecret string
723736

724737
cdb, err := r.getCDBResource(ctx, req, pdb)
725738
if err != nil {
@@ -742,14 +755,17 @@ func (r *PDBReconciler) plugPDB(ctx context.Context, req ctrl.Request, pdb *dbap
742755
"getScript": strconv.FormatBool(*(pdb.Spec.GetScript))}
743756

744757
if *(pdb.Spec.TDEImport) {
745-
tdePassword, err := r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
758+
tdePassword, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
746759
if err != nil {
747760
return err
748761
}
749-
tdeSecret, err := r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
762+
tdeSecret, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
750763
if err != nil {
751764
return err
752765
}
766+
767+
tdeSecret = tdeSecret[:len(tdeSecret)-1]
768+
tdePassword = tdeSecret[:len(tdePassword)-1]
753769
values["tdePassword"] = tdePassword
754770
values["tdeKeystorePath"] = pdb.Spec.TDEKeystorePath
755771
values["tdeSecret"] = tdeSecret
@@ -793,6 +809,9 @@ func (r *PDBReconciler) unplugPDB(ctx context.Context, req ctrl.Request, pdb *db
793809
log := r.Log.WithValues("unplugPDB", req.NamespacedName)
794810

795811
var err error
812+
var tdePassword string
813+
var tdeSecret string
814+
796815

797816
cdb, err := r.getCDBResource(ctx, req, pdb)
798817
if err != nil {
@@ -806,21 +825,25 @@ func (r *PDBReconciler) unplugPDB(ctx context.Context, req ctrl.Request, pdb *db
806825

807826
if *(pdb.Spec.TDEExport) {
808827
// Get the TDE Password
809-
tdePassword, err := r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
828+
tdePassword, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
810829
if err != nil {
811830
return err
812831
}
813-
tdeSecret, err := r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
832+
tdeSecret, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
814833
if err != nil {
815834
return err
816835
}
836+
837+
tdeSecret = tdeSecret[:len(tdeSecret)-1]
838+
tdePassword = tdeSecret[:len(tdePassword)-1]
817839
values["tdePassword"] = tdePassword
818840
values["tdeKeystorePath"] = pdb.Spec.TDEKeystorePath
819841
values["tdeSecret"] = tdeSecret
820842
values["tdeExport"] = strconv.FormatBool(*(pdb.Spec.TDEExport))
821843
}
822844

823845
url := "https://" + pdb.Spec.CDBResName + "-ords:" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdb.Spec.PDBName + "/"
846+
log.Info("CallAPI(url)", "url", url)
824847

825848
pdb.Status.Phase = pdbPhaseUnplug
826849
pdb.Status.Msg = "Waiting for PDB to be unplugged"

0 commit comments

Comments
 (0)