fix(k8s): Always define AutomaticTLSCertificates with bool value in K8S

Starting with the 'v1.11.0' version of the scylla-operator the TLS feature gets enabled by default. At first, we do not need it. At second, it makes the scylla-manager operations fail [1]. So, disable it explicitly if we do not expect it to overwrite the default setting. [1] scylladb/scylla-manager#3679
scylladb · Jan 21, 2024 · 3758da0 · 3758da0
1 parent d311c6c
commit 3758da0
Showing 1 changed file with 8 additions and 8 deletions.
diff --git a/sdcm/cluster_k8s/__init__.py b/sdcm/cluster_k8s/__init__.py
@@ -751,15 +751,15 @@ def deploy_scylla_operator(self, pool_name: str = None) -> None:
                 namespace=SCYLLA_OPERATOR_NAMESPACE,
                 values=values
             ))
-            if self.params.get('k8s_enable_tls') and ComparableScyllaOperatorVersion(
-                    self.scylla_operator_chart_version.split("-")[0]) >= "1.8.0":
-                patch_cmd = ('patch deployment scylla-operator --type=json -p=\'[{"op": "add",'
-                             '"path": "/spec/template/spec/containers/0/args/-", '
-                             '"value": "--feature-gates=AutomaticTLSCertificates=true" }]\' ')
+            scylla_operator_version = self.scylla_operator_chart_version.split("-")[0]
+            enable_tls = 'true' if self.params.get('k8s_enable_tls') else 'false'
+            if ComparableScyllaOperatorVersion(scylla_operator_version) >= "1.8.0":
+                patch_cmd = (
+                    'patch deployment scylla-operator --type=json -p=\'[{"op": "add",'
+                    ' "path": "/spec/template/spec/containers/0/args/-", '
+                    f'"value": "--feature-gates=AutomaticTLSCertificates={enable_tls}" }}]\' ')
                 self.kubectl(patch_cmd, namespace=SCYLLA_OPERATOR_NAMESPACE)
-
-            if self.params.get('k8s_enable_tls') and ComparableScyllaOperatorVersion(
-                    self.scylla_operator_chart_version.split("-")[0]) >= "1.9.0":
+            if enable_tls == 'true' and ComparableScyllaOperatorVersion(scylla_operator_version) >= "1.9.0":
                 # around 10 keys that need to be cached per cluster
                 crypto_key_buffer_size = self.params.get('k8s_tenants_num') * 10
                 for flag in (f"--crypto-key-buffer-size-min={crypto_key_buffer_size}",