From e62cdc008ef872935c37bd6ef564c9f77954c153 Mon Sep 17 00:00:00 2001
From: Rohan Kumar <rohaan@redhat.com>
Date: Mon, 5 Jan 2026 00:16:39 +0530
Subject: [PATCH] fix (backupcronjob): use non-cached client for registry auth
 Secret lookup

Use NonCachingClient when retrieving backup registry auth Secrets to avoid cache
misses caused by label-restricted Secret caching.

Signed-off-by: Rohan Kumar <rohaan@redhat.com>
---
 controllers/backupcronjob/backupcronjob_controller.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/controllers/backupcronjob/backupcronjob_controller.go b/controllers/backupcronjob/backupcronjob_controller.go
index f07134b33..fd88278f1 100644
--- a/controllers/backupcronjob/backupcronjob_controller.go
+++ b/controllers/backupcronjob/backupcronjob_controller.go
@@ -474,7 +474,7 @@ func (r *BackupCronJobReconciler) handleRegistryAuthSecret(ctx context.Context,
 
 	// First check the workspace namespace for the secret
 	registryAuthSecret := &corev1.Secret{}
-	err := r.Get(ctx, client.ObjectKey{
+	err := r.NonCachingClient.Get(ctx, client.ObjectKey{
 		Name:      secretName,
 		Namespace: workspace.Namespace}, registryAuthSecret)
 	if err == nil {
@@ -488,7 +488,7 @@ func (r *BackupCronJobReconciler) handleRegistryAuthSecret(ctx context.Context,
 	log.Info("Registry auth secret not found in workspace namespace, checking operator namespace", "secretName", secretName)
 
 	// If the secret is not found in the workspace namespace, check the operator namespace as fallback
-	err = r.Get(ctx, client.ObjectKey{
+	err = r.NonCachingClient.Get(ctx, client.ObjectKey{
 		Name:      secretName,
 		Namespace: dwOperatorConfig.Namespace}, registryAuthSecret)
 	if err != nil {