search

canonical / postgresql-k8s-operator

A Charmed Operator for running PostgreSQL on Kubernetes
https://charmhub.io/postgresql-k8s
Apache License 2.0
9 stars 19 forks source link

postgresql-k8s integration with tls-certificates-operator doesn't work #398

Closed nsakkos closed 6 months ago

nsakkos commented 7 months ago

Steps to reproduce

Following the tutorial to deploy postgresql-k8s and enable security:

  1. juju deploy postgresql-k8s --channel 14/stable --trust
  2. juju deploy tls-certificates-operator --config generate-self-signed-certificates="true" --config ca-common-name="Tutorial CA"
  3. juju integrate postgresql-k8s tls-certificates-operator

Expected behavior

> openssl s_client -starttls postgres -connect POSTGRESQL_IP:5432 | grep Issuer
...
depth=1 C = US, CN = Tutorial CA
verify error:num=19:self-signed certificate in certificate chain

...

Actual behavior

image

Versions

Operating system: Ubuntu 22.04.4 LTS (charmed-dev multipass blueprint)

Juju CLI: 3.1.7

Juju agent: 3.1.7

Charm revision: postgresql-k8s 14/stable rev 177 tls-certificates-operator stable rev 22

microk8s: MicroK8s v1.27.11 revision 6530

Log output

Juju debug log: log.txt

Additional context

github-actions[bot] commented 7 months ago

https://warthogs.atlassian.net/browse/DPE-3618

dragomirp commented 6 months ago

Hi, @nsakkos, there are issues with secrets on 14/stable (rev. 177) and Juju 3.1.7. Please, try 14/candidate (rev. 193), it fixes the issue and should be promoted to 14/stable soon.

nsakkos commented 6 months ago

Hi @dragomirp, thank you for the update. I confirm that it works with 14/candidate .

dragomirp commented 6 months ago

Closing as the issue will be fixed when candidate is promoted.