[MISC] Conditional password #604
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #604 +/- ##
==========================================
- Coverage 70.85% 70.81% -0.04%
==========================================
Files 12 12
Lines 3043 3039 -4
Branches 538 537 -1
==========================================
- Hits 2156 2152 -4
Misses 771 771
Partials 116 116 ☔ View full report in Codecov by Sentry. |
| {%- if patroni_password %} | ||
| authentication: | ||
| username: patroni | ||
| password: {{ patroni_password }} | ||
| {%- endif %} |
There was a problem hiding this comment.
If the leader elected executes after the template is rendered we'll be stuck with None pass and will be unable to reload via the REST API
There was a problem hiding this comment.
Can this happen in wild? What is our answer there?
There was a problem hiding this comment.
I don't think so, but when we add rotation (DPE-5270) we should switch to SIGHUPing the service instead of reloading via REST.
There was a problem hiding this comment.
Basic question: At which point during charm execution the patroni template is rendered?
There was a problem hiding this comment.
2 @lucasgameiroborges good to have this answer in https://charmhub.io/postgresql-k8s/docs/e-flowchart-charm for VM charm :-D
There was a problem hiding this comment.
Basic question: At which point during charm execution the patroni template is rendered?
I don't think there's a set order, especially during charm's bootstrap.
There was a problem hiding this comment.
I might ask @marceloneppel once hes back, might be good to have this clear and documented somewhere (maybe on the diagrams!)
There was a problem hiding this comment.
I believe that the issue might be happening at
postgresql-operator/src/upgrade.py
Line 149 in 5f546f1
The changes from this PR LGTM.
| raft_encryption = ( | ||
| int( | ||
| json.loads(self.peer_relation.data[self.charm.app].get("dependencies", "{}")) | ||
| .get("charm", {}) | ||
| .get("version", 0) | ||
| ) | ||
| < 3 | ||
| ) |
There was a problem hiding this comment.
Looks like the 503 errors were API related not RAFT related.
dragomirp
requested review from
a team,
taurus-forever,
marceloneppel and
lucasgameiroborges
and removed request for
a team
There was a problem hiding this comment.
LGTM. The Patroni 503 is know reply when it is not-yet-started.
I am askin @marceloneppel to request upstream change it to 603 declined whole Patroni is starting... so we can recognize the real 503 internal errors and react or continue waiting...
| {%- if patroni_password %} | ||
| authentication: | ||
| username: patroni | ||
| password: {{ patroni_password }} | ||
| {%- endif %} |
There was a problem hiding this comment.
Can this happen in wild? What is our answer there?
Conditionally add REST password to patroni config