Keep the credentials secret when PostgreSQL Role is orphaned

[FelixLusseau]

What happened ?

When I delete the Crossplane resource of a PostgreSQL Role that is in Orphan deletion policy, the secret containing the credentials is still deleted. If I recreate the resource, the secret is now empty (that is the normal behavior). Why delete the secret if the Role is configured to persist after deleting the resource ?

How can we reproduce it ?

• Create a Role that has deletionPolicy: Orphan spec
• Delete the Role
• Recreate it identically. The password is the same but the secret is empty because recreated.

apiVersion: postgresql.sql.crossplane.io/v1alpha1
kind: Role
metadata:
  name: user
spec:
  deletionPolicy: Orphan
  forProvider:
    privileges:
      login: true
  writeConnectionSecretToRef:
    name: my-secret
    namespace: default

Expected behavior ?

Keep the secret if the Role is orphaned.

What environment did it happen in?

Crossplane version: crossplane-1.15.2 from Helm Chart Provider version : provider-sql:v0.9.0

Thank you for your help

[Duologic]

I believe this is Crosplane behavior, this issue seems to address that: https://github.com/crossplane/crossplane-runtime/issues/269