The oracle-db helm chart located here: OracleDatabase/SingleInstance/helm-charts/oracle-db has a secrets manifest that renders a random string as the database password. This value is re-generated every single time the chart is rendered. The actual database password however does not seem to be update to match the new secret, meaning any pods that reference this secret will now have the incorrect password.
The oracle-db helm chart located here:
OracleDatabase/SingleInstance/helm-charts/oracle-dbhas a secrets manifest that renders a random string as the database password. This value is re-generated every single time the chart is rendered. The actual database password however does not seem to be update to match the new secret, meaning any pods that reference this secret will now have the incorrect password.I believe the solution is to wrap this line in a
lookupcheck, to first see if the secret already exists, and only generate the new value if it does. https://github.com/oracle/docker-images/blob/df7def137d8c7365df7a2f2ba330b3f0624b61fa/OracleDatabase/SingleInstance/helm-charts/oracle-db/templates/secrets.yaml#L13