For my clusters, I use gitops and sealed secrets to consistently represent the secrets in my cluster without exposing them or randomly generating them.
I am running v1.13.0 of the operator and a v16 postgresql db, on kubernetes 1.31.0. Notably I also have the configKubernetes.enable_owner_references=true option enabled for ArgoCD to be able to see the resources which contributes in part but wholly necessary.
My problem summary is that I cannot find a clean way to use an existing secret with a user definition for a given postgresql database:
There appears to not be a way to reference an existing secret in v1.13.0 for a user's name and password.
Alternatively, if I autogenerate a user then force replacement with an existing secret its list of owner references is emptied, and it now only references the postgresql CRD, along with requiring some manual intervention breaking automation. I would have expected that the owner reference would have been extended rather than replaced.
Are there any current ways to reference an existing secret for a database user's password in particular? I do not mind the lack of secret rotation.
For my clusters, I use gitops and sealed secrets to consistently represent the secrets in my cluster without exposing them or randomly generating them.
I am running v1.13.0 of the operator and a v16 postgresql db, on kubernetes 1.31.0. Notably I also have the
configKubernetes.enable_owner_references=trueoption enabled for ArgoCD to be able to see the resources which contributes in part but wholly necessary.My problem summary is that I cannot find a clean way to use an existing secret with a user definition for a given postgresql database:
Are there any current ways to reference an existing secret for a database user's password in particular? I do not mind the lack of secret rotation.