Please, answer some short questions which should help us to understand your problem / question better?
Which image of the operator are you using? ghcr.io/zalando/postgres-operator:v1.13.0
Where do you run it - cloud or metal? Kubernetes or OpenShift? bare metal kubernetes clusters
Are you running Postgres Operator in production? yes
Type of issue? feature request
We use the zalando postgres operator in production with Kyverno. we want to use as little excludes as possible. for the normal containers you can set the security-context trough the values.yaml of the helm chart.
We are currently using a sidecar with an custom image for monitoring of the patroni and wal-g backup state. this image does not need any special privileges.
Not all settings for a sidecar are transferred into the statefulset ( such as setting a command, security-context or envFrom).
we would like to be able to set all these settings. we can work around the EnvFrom by specifying exactly which env variables to copy from a secret.( ugly but it works). for the command we had to bake it into the image we are using.
we would like to request to allow setting these settings for a sidecar. preferably in the postgresql resource to allow different images and settings per postgres cluster. (we have multiple in one kubernetes cluster)
Please, answer some short questions which should help us to understand your problem / question better?
We use the zalando postgres operator in production with Kyverno. we want to use as little excludes as possible. for the normal containers you can set the security-context trough the values.yaml of the helm chart. We are currently using a sidecar with an custom image for monitoring of the patroni and wal-g backup state. this image does not need any special privileges.
Not all settings for a sidecar are transferred into the statefulset ( such as setting a command, security-context or envFrom).
we would like to be able to set all these settings. we can work around the EnvFrom by specifying exactly which env variables to copy from a secret.( ugly but it works). for the command we had to bake it into the image we are using.
i see there already is a PR and issue for allowing a command. but there is not any action https://github.com/zalando/postgres-operator/issues/2448 https://github.com/zalando/postgres-operator/pull/2449
we would like to request to allow setting these settings for a sidecar. preferably in the postgresql resource to allow different images and settings per postgres cluster. (we have multiple in one kubernetes cluster)