Increase unseal retry limit #1605

Closed

alemorcuq
Collaborator

Description of the change
Increase the number of maximum unseal retries to 15.

The original first 5 retries happen in just 200ms, which is not enough time for some scenarios, such as the one described in #1599.
Increasing this number will ensure the exponential backoff takes off.

Here's an excerpt from the logs that shows the time at which each retry happens (starting at 1, since 0 shows the first attempt which is not a retry):

$ kubectl logs -n kube-system deploy/sealed-secrets-controller | grep Updating | nl -v 0
     0	time=2024-09-29T11:49:35.764Z level=INFO msg=Updating key=default/my-secret
     1	time=2024-09-29T11:49:35.777Z level=INFO msg=Updating key=default/my-secret
     2	time=2024-09-29T11:49:35.794Z level=INFO msg=Updating key=default/my-secret
     3	time=2024-09-29T11:49:35.822Z level=INFO msg=Updating key=default/my-secret
     4	time=2024-09-29T11:49:35.867Z level=INFO msg=Updating key=default/my-secret
     5	time=2024-09-29T11:49:35.955Z level=INFO msg=Updating key=default/my-secret
     6	time=2024-09-29T11:49:36.123Z level=INFO msg=Updating key=default/my-secret
     7	time=2024-09-29T11:49:36.451Z level=INFO msg=Updating key=default/my-secret
     8	time=2024-09-29T11:49:37.098Z level=INFO msg=Updating key=default/my-secret
     9	time=2024-09-29T11:49:38.389Z level=INFO msg=Updating key=default/my-secret
    10	time=2024-09-29T11:49:40.957Z level=INFO msg=Updating key=default/my-secret
    11	time=2024-09-29T11:49:46.088Z level=INFO msg=Updating key=default/my-secret
    12	time=2024-09-29T11:49:56.338Z level=INFO msg=Updating key=default/my-secret
    13	time=2024-09-29T11:50:16.823Z level=INFO msg=Updating key=default/my-secret
    14	time=2024-09-29T11:50:57.793Z level=INFO msg=Updating key=default/my-secret
    15	time=2024-09-29T11:52:19.723Z level=INFO msg=Updating key=default/my-secret
    16	time=2024-09-29T11:55:03.572Z level=INFO msg=Updating key=default/my-secret

Benefits
The controller takes longer to give up on a Sealed Secret.

Possible drawbacks
There will be more retries when the unseal error is legit, but that shouldn't cause any issues because of the exponential backoff.

Applicable issues

Signed-off-by: Alejandro Moreno <[email protected]>
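
An added example (not code from this PR or from the sealed-secrets project) that replays the timestamps from the log excerpt above to show how long after the first attempt each retry happens, and so how long a given retry limit keeps the controller trying. The 5ms doubling base is an assumption modelled on client-go's default per-item rate limiter, and the function names are hypothetical.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// time= values of attempts 0..16, copied from the log excerpt in the PR description.
const stamps = `
2024-09-29T11:49:35.764Z 2024-09-29T11:49:35.777Z 2024-09-29T11:49:35.794Z
2024-09-29T11:49:35.822Z 2024-09-29T11:49:35.867Z 2024-09-29T11:49:35.955Z
2024-09-29T11:49:36.123Z 2024-09-29T11:49:36.451Z 2024-09-29T11:49:37.098Z
2024-09-29T11:49:38.389Z 2024-09-29T11:49:40.957Z 2024-09-29T11:49:46.088Z
2024-09-29T11:49:56.338Z 2024-09-29T11:50:16.823Z 2024-09-29T11:50:57.793Z
2024-09-29T11:52:19.723Z 2024-09-29T11:55:03.572Z`

// Assumption: delays double from a 5ms base (client-go's default per-item limiter).
const assumedBase = 5 * time.Millisecond

// attempts parses the embedded timestamps; index i is attempt i (0 = first try).
func attempts() []time.Time {
	var out []time.Time
	for _, f := range strings.Fields(stamps) {
		t, err := time.Parse(time.RFC3339Nano, f)
		if err != nil {
			panic(err)
		}
		out = append(out, t)
	}
	return out
}

// retryWindow is how long after the first attempt retry number n was made,
// i.e. how long a dependency has to appear before a limit of n gives up.
func retryWindow(ts []time.Time, n int) time.Duration { return ts[n].Sub(ts[0]) }

// overhead is the observed gap before retry n minus the modelled backoff delay.
func overhead(ts []time.Time, n int) time.Duration {
	return ts[n].Sub(ts[n-1]) - assumedBase<<(n-1)
}

func main() {
	ts := attempts()
	for n := 1; n < len(ts); n++ {
		fmt.Printf("retry %2d  window=%-13v overhead=%v\n", n, retryWindow(ts, n), overhead(ts, n))
	}
}
```

A small, roughly constant overhead across all retries means the gaps in the excerpt follow the doubling model, so the window grows from about 0.2s at retry 5 to about 164s at retry 15.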
@agarcia-oss
Member

Hi @alemorcuq, I wonder if it'll be a better option to make the number of retries a configurable flag for the controller instead. WDYT?

Contributor

This Pull Request has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thank you for your contribution.

@github-actions github-actions bot added the Stale label Oct 20, 2024
@aso-adeo

Hi @agarcia-oss,
I agree with you.

Collaborator

@alvneiayu alvneiayu left a comment

Better to include a flag to configure the retries.

@alvneiayu alvneiayu mentioned this pull request Nov 7, 2024
@alvneiayu alvneiayu closed this Nov 7, 2024
@alvneiayu
Collaborator

alvneiayu commented Nov 7, 2024

Thanks a lot for your PR, @alemorcuq. I included the changes requested by the community in a new PR. Thanks a lot for your time, help and your investigation.

Successfully merging this pull request may close these issues.

Secret deleted by the garbage collector with delay
4 participants