postgres-operator icon indicating copy to clipboard operation
postgres-operator copied to clipboard

Published 20 hours ago verified publisher icon zalando

Disable secret generation

Open snarlysodboxer opened this issue 3 years ago • 2 comments

  • Which image of the operator are you using? Latest, looking at the code.
  • **Where do you run it - Metal. Kubernetes.
  • Are you running Postgres Operator in production? yes
  • Type of issue? Bug report, feature request

We provide our own secrets so we can add additional data to them. Sometimes secrets don't show up for a few moments, for example if using ExternalSecrets.

When applying a set of manifests including a postgresql and an ExternalSecret that will after a short delay supply a Secret, if the operator's sync happens before ExternalSecrets can create the secret, the operator creates it, and then ExternalSecrets updates it.

This creates a mismatch between the password in the secret and in the password in the DB.

Simply being able to disable secret creation would solve this problem.

If we're open to this idea, would adding a new OperatorConfiguration setting (disable_secret_generation?) and checking it here, here, and here be sufficient?

snarlysodboxer avatar Feb 10 '22 10:02 snarlysodboxer

I confirm this in the same exact use case

achetronic avatar Apr 08 '22 10:04 achetronic

Would appreciate that feature as well.

jceb avatar Aug 16 '22 12:08 jceb

Any updates on this one?

ConstBur avatar May 23 '23 06:05 ConstBur