From 2946d55f05ebd770de0b083f325aa4a8960c38b3 Mon Sep 17 00:00:00 2001
From: mmontes11 <martin11lrx@gmail.com>
Date: Fri, 10 Jan 2025 22:01:57 +0100
Subject: [PATCH] Improved comment

---
 pkg/builder/container_builder.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pkg/builder/container_builder.go b/pkg/builder/container_builder.go
index 63a6831d..4dd5de42 100644
--- a/pkg/builder/container_builder.go
+++ b/pkg/builder/container_builder.go
@@ -432,8 +432,8 @@ func mariadbEnv(mariadb *mariadbv1alpha1.MariaDB) []corev1.EnvVar {
 			},
 		}...)
 
-		// By default, wsrep_sst_mariabackup.sh validates the client certificate commonName against the container IP.
-		// This doesn't work with Kubernetes, we cannot issue a certificate for a specific IP, as Pod IPs are ephemeral.
+		// By default, wsrep_sst_mariabackup.sh validates the client certificate commonName against the Pod IP.
+		// This doesn't work with Kubernetes, we cannot issue a certificate for a specific IP, as Pod IPs are ephemeral and unpredictable.
 		// Instead, we could configure wsrep_sst_mariabackup.sh to validate the certificate against the expected commonName:
 		// See:
 		// https://github.com/codership/mariadb-server/blob/16394f1aa1b4097f897b8ab01ea2064726cca059/scripts/wsrep_sst_common.sh#L1064