Closed mrclrchtr closed 5 months ago
Is this not a duplicate of #197?
There is a PR for it - #239.
No, sorry, I should have expressed myself better. This is about using existing secrets for database access, i.e. cluster-app
and cluster-superuser
.
No, I didn't mean simply creating one, but annotating the generated one with the help of a template. Then it can be copied by other tools like replicator.
The idea was to run the cluster in a different namespace than the application.
In the meantime, however, I have also decided against this. So it's probably ok to close the issue, unless you see some use in the feature?
You can use the cluster chart with your favourite orchestration tool and set the access passwords during creation time. Your orchestration tool can then allocate a secret with the credentials in your app namespace. I've done this in the past with the database in a separate namespace
Also I imagine you can use HashiCorp Vault for an even fancier solution.
I would prefer to annotate the generated secret to be able to replicate it, but I don't think that's possible with CNPG yet, is it?
Therefore it would be very good to have the possibility to use already existing secrets for the creation of clusters.