unable to change user's import secret

[KyriosGN0]

Describe the bug

when changing the name of the import secret in a user CR, the message topology update doesn't update the user itself

To Reproduce

Steps to reproduce the behavior:

1. create a user with a import secret (our name was -user-credentials)
2. create a new secret with a required password and username fields
3. change the import secret param in the user cr
4. try to login with the new user, fails

Expected behavior
rmq will use the password in the new secret

Version and environment information

• Messaging Topology Operator: [1.15.0]
• RabbitMQ: [e.g. 3.13.7]
• RabbitMQ Cluster Operator: [1.15.0]
• Kubernetes: [1.30.0]
• Cloud provider or hardware configuration: GKE

Additional context

the new secret had more fields then required if that's a problem

[github-actions]

This issue has been marked as stale due to 60 days of inactivity. Stale issues will be closed after a further 30 days of inactivity; please remove the stale label in order to prevent this occurring.

[KyriosGN0]

not stale

[Zerpet]

This is working as intended. Perhaps not ideal, but as intended. See this answer for more details of what happens internally #571 (comment)

In order to support secret updates, the Operator would have to compare the information from the Secret with the current state inside RabbitMQ to take the adequate action. What is adequate when the username changes? RabbitMQ does not support username updates, shall the operator delete the user and create a new one? This can have many implications, and possibly open room for exploit.