search

crossplane-contrib / provider-sql

An SQL provider for @crossplane
https://crossplane.io
Apache License 2.0
104 stars 59 forks source link

GCPCloudSQL Role Password unable to update #131

Closed gogovan-vincentngai closed 1 year ago

gogovan-vincentngai commented 1 year ago

What happened?

GCPCloudSQL Role Password unable to update

How can we reproduce it?

What environment did it happen in?

Crossplane version: 1.10.1 provider-sql: 0.6.0 Kubernetes version: 1.22 Kubernetes distribution: GKE

pascal-sochacki commented 1 year ago

Hey, I just looked at the bug and found you need to define a writeConnectionSecretToRef in your Role

example:

apiVersion: postgresql.sql.crossplane.io/v1alpha1
kind: Role
metadata:
  annotations:
    crossplane.io/external-name: vincent-test
  name: vincent-test
spec:

  writeConnectionSecretToRef: <<<
    name: db-pass-2  <<<
    namespace: default   <<<

  forProvider:
    passwordSecretRef:
      name: db-pass
      namespace: default
      key: password
    connectionLimit: -1
    privileges:
      login: true

The Reason for this is, in the current implementation, the difference is detected if the password in the created secret (from the writeConnectionSecretToRef) is not the same as in the passwordSecretRef. (see the code at https://github.com/crossplane-contrib/provider-sql/blob/c6c358b9f05e1e7f2e77906c20eb5d714e29143e/pkg/controller/postgresql/role/utils.go#L47). I hope I could help.

Duologic commented 1 year ago

Sounds like this was resolved.