Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[k8s operator] Allow every field from Credentials to be configured from a secret #2051

Closed
eshepelyuk opened this issue Sep 6, 2023 · 6 comments
Assignees

Comments

@eshepelyuk
Copy link

eshepelyuk commented Sep 6, 2023

Hi all

It would be useful to to extend credentials field to allow at least host and user to be picked up from a secret. Ideally every field could be picked up from the secret.

https://atlasgo.io/integrations/kubernetes/operator#credentials-object

The motivation is that we're using 3rd party software (Crossplane) to create DB and role for a microservices. As a result the k8s secret is generated with username, db host, port and password. Unfortunately Crossplane 's secret structure is static. Also the db host / username can vary depending on Crossplane CRD config, so they can't be hardcoded in advance in Atlas CRD.
Currently as a workaround I have to generate another Atlas specific secret that contains URL from the secret created by Crossplane .

For the same purpose I also would like to have a new field of the same credentials type to be introduced for using it as a devDB credentials.

Crossplane secret for pgsql contains

  • username
  • password
  • endpoint (aka host)
  • port
@datdao
Copy link
Member

datdao commented Sep 6, 2023

Hi @eshepelyuk, thanks for your request, and it seems reasonable to pick the username and host from the secret. You will have it in the next release.

@datdao datdao self-assigned this Sep 6, 2023
@eshepelyuk
Copy link
Author

Hi @eshepelyuk, thanks for your request, and it seems reasonable to pick the username and host from the secret. You will have it in the next release.

Thanks for quick feedback,
Does it also mean that devCredentials will be introduced to allow referring devDB credentials by using Crossplane secret ?

@datdao
Copy link
Member

datdao commented Sep 6, 2023

Does it also mean that devCredentials will be introduced to allow referring devDB credentials by using Crossplane secret ?

Hi @eshepelyuk, We will consider adding devCredentials. However, the operator already handles spinning up devDB for you and cleanup as well. So, may I ask if there is any special case where you need to use a custom devDB?

@eshepelyuk
Copy link
Author

Does it also mean that devCredentials will be introduced to allow referring devDB credentials by using Crossplane secret ?

Hi @eshepelyuk, We will consider adding devCredentials. However, the operator already handles spinning up devDB for you and cleanup as well. So, may I ask if there is any special case where you need to use a custom devDB?

https://discord.com/channels/930720389120794674/1147429172076097647

@datdao
Copy link
Member

datdao commented Sep 18, 2023

Hi @eshepelyuk, we have released Operator v0.3.3 🎉 with more flexibility when configuring credentials #90. According to this update, we have also added a new flag prewarmDevDB to control the lifecycle of devDB. You can configure the flag as false if you want the devDB pod to be deleted entirely after the migration process. Here's an example of how to configure the flag during chart installation

helm install atlas-operator oci://ghcr.io/ariga/charts/atlas-operator --create-namespace --namespace atlas-operator --set prewarmDevDB=false

Thanks for your contribution ❤️ . I will mark the issue as resolved. Feel free to create new issues if you have any ideas for improvements.

@datdao datdao closed this as completed Sep 18, 2023
@ievgenii-shepeliuk
Copy link

Thanks will give it a try hopefully this week.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants