The PR #11447 changed the way SSL is configured for Kafka brokers, the process was simplified to access secrets directly using KubernetesSecretProvider. If user provided secret (e.g. custom cert secrets) has been deleted or its field name has been changed, brokers would not be able to restart (likely to go into CrashLoopBackoff). We should find a better way to handle missing secret/field. (Note before the mentioned PR, the pods would have gone into Pending or CrashLoopBackoff as well if secret/field is missing).
Discussion thread: #11447 (comment)
The PR #11447 changed the way SSL is configured for Kafka brokers, the process was simplified to access secrets directly using KubernetesSecretProvider. If user provided secret (e.g. custom cert secrets) has been deleted or its field name has been changed, brokers would not be able to restart (likely to go into CrashLoopBackoff). We should find a better way to handle missing secret/field. (Note before the mentioned PR, the pods would have gone into Pending or CrashLoopBackoff as well if secret/field is missing).
Discussion thread: #11447 (comment)