Open rhrytskiv opened 1 year ago
FxKu
commented
1 year ago I thought we already have an option to not remove the secrets. Does not seem to be the case. You can create a new option so that the operator does not delete secrets.
Btw, secrets are created by the operator when they are not found. No need to create them beforehand.
rhrytskiv
commented
1 year ago Thanks, I've no experience in go development unfortunately, maybe someone else coukld take a look.
Well I'm creating beforehand because I don't want randomly generated secret, I'm generating it with terraform, putting it into aws ssm param store and then I want to use that value as pg user cred. It would've been nice if we could just supply that as a parameter to postgresql resource in the first place though.
kannanvr
commented
1 year ago @FxKu , I will take up this issue. Here we need to implement the new parameter for not to manage the secret. So, the user can create the password as a secret and delete whenever they want.
Please confirm the above implementation. So that i will start implement it
AmisGit
commented
10 months ago @FxKu Hi, i also have the same problem, we need to keep current secrets when we remove any of Postgresql object from Kubernetes! Please help to move this issue in next step
Which image of the operator are you using? e.g. registry.opensource.zalan.do/acid/postgres-operator:v1.8.2 Where do you run it - cloud or metal? Kubernetes or OpenShift? [Bare Metal K8s] Are you running Postgres Operator in production? [not yet] Type of issue? [feature requrest]
So to have managed creds I have to create them beforehand as a secret with Zalando specific name, and then if I delete the postgresql resource, operator deletes this credential as well, which is unwanted. Could you make operator label somehow resource with additional label and only then delete the cred?