[BUG] orioledb cluster container pgbouncer logs contain secret password

JashBook commented 1 month ago

Describe the bug

kbcli version
Kubernetes: v1.29.6-gke.1038001
KubeBlocks: 0.9.1-beta.6
kbcli: 0.9.0

+ echo '"postgres" "75rbcktq"'

To Reproduce Steps to reproduce the behavior:

create etcd cluster

kbcli cluster create  etcdo-boroli --termination-policy=WipeOut --cluster-definition=etcd --enable-all-logs=false --cluster-version=etcd-v3.5.6 --set cpu=100m,memory=0.5Gi,replicas=3,storage=1Gi

create orioledb cluster

kbcli cluster create  orioledb-boroli --termination-policy=Delete --cluster-definition=orioledb --enable-all-logs=false --cluster-version=orioledb-beta1 --set cpu=100m,memory=0.5Gi,replicas=1,storage=1Gi --service-reference name=etcdService,cluster=etcdo-boroli,namespace=default


kubectl get pod -l app.kubernetes.io/instance=orioledb-boroli
NAME                         READY   STATUS    RESTARTS   AGE
orioledb-boroli-orioledb-0   5/5     Running   0          28m
orioledb-boroli-orioledb-1   5/5     Running   0          27m

kubectl get secrets orioledb-boroli-conn-credential -o jsonpath="{.data.password}"|base64 -d 75rbcktq

3. See error

kubectl logs orioledb-boroli-orioledb-0 -c pgbouncer

mkdir -p /opt/bitnami/pgbouncer/conf/ /opt/bitnami/pgbouncer/logs/ /opt/bitnami/pgbouncer/tmp/
cp /home/pgbouncer/conf/pgbouncer.ini /opt/bitnami/pgbouncer/conf/
echo '"postgres" "75rbcktq"'
echo -e '\n[databases]'
echo 'postgres=host=10.128.9.154 port=5432 dbname=postgres'
chmod 777 /opt/bitnami/pgbouncer/conf/pgbouncer.ini
chmod 777 /opt/bitnami/pgbouncer/conf/userlist.txt
useradd pgbouncer
chown -R pgbouncer:pgbouncer /opt/bitnami/pgbouncer/conf/ /opt/bitnami/pgbouncer/logs/ /opt/bitnami/pgbouncer/tmp/
/opt/bitnami/scripts/pgbouncer/run.sh pgbouncer 11:39:34.92 INFO ==> Starting PgBouncer 2024-07-22 11:39:34.950 UTC [19] LOG kernel file descriptor limit: 1048576 (hard: 1048576); max_client_conn: 56, max expected fd use: 108 2024-07-22 11:39:34.951 UTC [19] LOG listening on 0.0.0.0:6432 2024-07-22 11:39:34.951 UTC [19] LOG listening on unix:/tmp//.s.PGSQL.6432 2024-07-22 11:39:34.951 UTC [19] LOG process up: PgBouncer 1.19.0, libevent 2.1.12-stable (epoll), adns: c-ares 1.17.1, tls: OpenSSL 1.1.1n 15 Mar 2022 2024-07-22 11:40:34.951 UTC [19] LOG stats: 0 xacts/s, 0 queries/s, in 0 B/s, out 0 B/s, xact 0 us, query 0 us, wait 0 us 2024-07-22 11:41:34.951 UTC [19] LOG stats: 0 xacts/s, 0 queries/s, in 0 B/s, out 0 B/s, xact 0 us, query 0 us, wait 0 us

Expected behavior A clear and concise description of what you expected to happen.

Screenshots If applicable, add screenshots to help explain your problem.

Desktop (please complete the following information):

OS: [e.g. iOS]
Browser [e.g. chrome, safari]
Version [e.g. 22]

Additional context Add any other context about the problem here.

JashBook commented 1 month ago

opengauss cluster container opengauss logs contain secret password

create cluster

kbcli cluster create  ogauss-cluster --termination-policy=Halt --cluster-definition=opengauss --cluster-version=opengauss-3.0.0


kubectl get pod -l app.kubernetes.io/instance=ogauss-cluster                                
NAME                         READY   STATUS    RESTARTS   AGE
ogauss-cluster-opengauss-0   1/1     Running   0          19s

kubectl get secrets ogauss-cluster-conn-credential -o jsonpath="{.data.password}"|base64 -d p@ssW0rd1

2.  see error

kubectl logs ogauss-cluster-opengauss-0 -c opengauss|grep "p@ssW0rd1" Execute SQL: gsql -v ON_ERROR_STOP=1 --username omm --password p@ssW0rd1 --dbname postgres --set db=opengauss --set passwd=p@ssW0rd1 Execute SQL: gsql -v ON_ERROR_STOP=1 --username omm --password p@ssW0rd1 --dbname postgres --set db=opengauss --set passwd=p@ssW0rd1 --set user=kbadmin

1aal commented 1 month ago

Get it

apecloud / kubeblocks

[BUG] orioledb cluster container pgbouncer logs contain secret password #7854