mirror of
https://github.com/bitnami/charts.git
synced 2026-03-05 14:57:31 +08:00
[bitnami/postgresql-ha] Fix authentication and add configuration options to backup cronjob (#29865)
* [bitnami/postgresql-ha] Add configuration options to backup cronjob - extraEnvVars - extraEnvVarsCM - extraEnvVarsSecret - extraVolumes - extraVolumeMounts Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> * [bitnami/postgresql-ha] Fix backup authentication - Generate correct secret name for password - Change from default user to admin (username "postgres") Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> * [bitnami/postgresql-ha] Bump chart version Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> * [bitnami/postgresql-ha] Use correct secret variable in backup cronjob Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> * [bitnami/postgresql-ha] Bump chart version Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> * [bitnami/postgresql-ha] Fix parameter description in values.yaml Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> * Update CHANGELOG.md Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> --------- Signed-off-by: Luis Morgenstern <luis.morgenstern@isg-stuttgart.de> Signed-off-by: Bitnami Containers <bitnami-bot@vmware.com> Co-authored-by: Bitnami Containers <bitnami-bot@vmware.com>
This commit is contained in:
Luis Morgenstern
@@ -1,8 +1,12 @@
|
||||
# Changelog
|
||||
|
||||
## 14.2.34 (2024-10-10)
|
||||
## 14.3.0 (2024-10-15)
|
||||
|
||||
* [bitnami/postgresql-ha] Release 14.2.34 ([#29858](https://github.com/bitnami/charts/pull/29858))
|
||||
* [bitnami/postgresql-ha] Fix authentication and add configuration options to backup cronjob ([#29865](https://github.com/bitnami/charts/pull/29865))
|
||||
|
||||
## <small>14.2.34 (2024-10-10)</small>
|
||||
|
||||
* [bitnami/postgresql-ha] Release 14.2.34 (#29858) ([605e68f](https://github.com/bitnami/charts/commit/605e68f43db220bb43800682631ddaf9c42fdf97)), closes [#29858](https://github.com/bitnami/charts/issues/29858)
|
||||
|
||||
## <small>14.2.33 (2024-10-04)</small>
|
||||
|
||||
|
||||
@@ -40,4 +40,4 @@ maintainers:
|
||||
name: postgresql-ha
|
||||
sources:
|
||||
- https://github.com/bitnami/charts/tree/main/bitnami/postgresql-ha
|
||||
version: 14.2.34
|
||||
version: 14.3.0
|
||||
|
||||
@@ -909,6 +909,11 @@ A default `StorageClass` is needed in the Kubernetes cluster to dynamically prov
|
||||
| `backup.cronjob.annotations` | Set the cronjob annotations | `{}` |
|
||||
| `backup.cronjob.nodeSelector` | Node labels for PostgreSQL backup CronJob pod assignment | `{}` |
|
||||
| `backup.cronjob.tolerations` | Tolerations for PostgreSQL backup CronJob pod assignment | `[]` |
|
||||
| `backup.cronjob.extraEnvVars` | Array containing extra environment variables | `[]` |
|
||||
| `backup.cronjob.extraEnvVarsCM` | ConfigMap with extra environment variables | `""` |
|
||||
| `backup.cronjob.extraEnvVarsSecret` | Secret with extra environment variables | `""` |
|
||||
| `backup.cronjob.extraVolumes` | Extra volumes to add to the backup container | `[]` |
|
||||
| `backup.cronjob.extraVolumeMounts` | Extra volume mounts to add to the backup container. Normally used with `extraVolumes` | `[]` |
|
||||
| `backup.cronjob.storage.existingClaim` | Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`) | `""` |
|
||||
| `backup.cronjob.storage.resourcePolicy` | Setting it to "keep" to avoid removing PVCs during a helm delete operation. Leaving it empty will delete PVCs after the chart deleted | `""` |
|
||||
| `backup.cronjob.storage.storageClass` | PVC Storage Class for the backup data volume | `""` |
|
||||
|
||||
@@ -303,6 +303,22 @@ Return the database to use for repmgr
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return true if the PostgreSQL credential secret has a separate entry for the postgres user
|
||||
*/}}
|
||||
{{- define "postgresql-ha.postgresqlSeparatePostgresPassword" -}}
|
||||
{{- if (include "postgresql-ha.postgresqlCreateSecret" .) -}}
|
||||
{{- if and (include "postgresql-ha.postgresqlPostgresPassword" .) (not (eq (include "postgresql-ha.postgresqlUsername" .) "postgres")) -}}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- else -}}
|
||||
{{- $pgSecret := index (lookup "v1" "Secret" (include "common.names.namespace" .) (include "postgresql-ha.postgresqlSecretName" .)) "data" -}}
|
||||
{{- if and $pgSecret (index $pgSecret "postgres-password") -}}
|
||||
{{- true -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
{{- end -}}
|
||||
|
||||
{{/*
|
||||
Return true if a secret object should be created for PostgreSQL
|
||||
*/}}
|
||||
|
||||
@@ -4,7 +4,6 @@ SPDX-License-Identifier: APACHE-2.0
|
||||
*/}}
|
||||
|
||||
{{- if .Values.backup.enabled }}
|
||||
{{- $pgUser := include "postgresql-ha.postgresqlUsername" . }}
|
||||
apiVersion: batch/v1
|
||||
kind: CronJob
|
||||
metadata:
|
||||
@@ -54,7 +53,7 @@ spec:
|
||||
imagePullPolicy: {{ .Values.postgresql.image.pullPolicy | quote }}
|
||||
env:
|
||||
- name: PGUSER
|
||||
value: {{ (include "postgresql-ha.postgresqlUsername" .) | quote }}
|
||||
value: "postgres"
|
||||
{{- if .Values.postgresql.usePasswordFile }}
|
||||
- name: PGPASSFILE
|
||||
value: "/opt/bitnami/postgresql/secrets/postgres-password"
|
||||
@@ -63,15 +62,11 @@ spec:
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ include "postgresql-ha.postgresqlSecretName" . }}
|
||||
{{- if (include "postgresql-ha.postgresqlCreateSecret" .) }}
|
||||
key: password
|
||||
{{- else }}
|
||||
{{- if ( index ( lookup "v1" "Secret" (include "common.names.namespace" .) (include "postgresql-ha.postgresqlSecretName" .) ) ".data.postgres-password" ) }}
|
||||
{{- if (include "postgresql-ha.postgresqlSeparatePostgresPassword" .) }}
|
||||
key: postgres-password
|
||||
{{- else }}
|
||||
key: password
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
- name: PGHOST
|
||||
value: {{ include "postgresql-ha.postgresql" . }}
|
||||
@@ -83,6 +78,18 @@ spec:
|
||||
- name: PGSSLROOTCERT
|
||||
values: {{ include "postgresql-ha.pgpool.tlsCACert" . }}
|
||||
{{- end }}
|
||||
{{- if .Values.backup.cronjob.extraEnvVars }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.extraEnvVars "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
envFrom:
|
||||
{{- if .Values.backup.cronjob.extraEnvVarsCM }}
|
||||
- configMapRef:
|
||||
name: {{ .Values.backup.cronjob.extraEnvVarsCM }}
|
||||
{{- end }}
|
||||
{{- if .Values.backup.cronjob.extraEnvVarsSecret }}
|
||||
- secretRef:
|
||||
name: {{ .Values.backup.cronjob.extraEnvVarsSecret }}
|
||||
{{- end }}
|
||||
command: {{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.command "context" $) | nindent 14 }}
|
||||
volumeMounts:
|
||||
- name: empty-dir
|
||||
@@ -95,6 +102,9 @@ spec:
|
||||
- name: datadir
|
||||
mountPath: {{ .Values.backup.cronjob.storage.mountPath }}
|
||||
subPath: {{ .Values.backup.cronjob.storage.subPath }}
|
||||
{{- if .Values.backup.cronjob.extraVolumeMounts }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.extraVolumeMounts "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
{{- if .Values.backup.cronjob.containerSecurityContext.enabled }}
|
||||
securityContext: {{- include "common.compatibility.renderSecurityContext" (dict "secContext" .Values.backup.cronjob.containerSecurityContext "context" $) | nindent 14 }}
|
||||
{{- end }}
|
||||
@@ -115,4 +125,7 @@ spec:
|
||||
persistentVolumeClaim:
|
||||
claimName: {{ include "postgresql-ha.postgresql" . }}-pgdumpall
|
||||
{{- end }}
|
||||
{{- if .Values.backup.cronjob.extraVolumes }}
|
||||
{{- include "common.tplvalues.render" (dict "value" .Values.backup.cronjob.extraVolumes "context" $) | nindent 12 }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
|
||||
@@ -2215,6 +2215,24 @@ backup:
|
||||
## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
|
||||
##
|
||||
tolerations: []
|
||||
## @param backup.cronjob.extraEnvVars Array containing extra environment variables
|
||||
## For example:
|
||||
## - name: BEARER_AUTH
|
||||
## value: true
|
||||
##
|
||||
extraEnvVars: []
|
||||
## @param backup.cronjob.extraEnvVarsCM ConfigMap with extra environment variables
|
||||
##
|
||||
extraEnvVarsCM: ""
|
||||
## @param backup.cronjob.extraEnvVarsSecret Secret with extra environment variables
|
||||
##
|
||||
extraEnvVarsSecret: ""
|
||||
## @param backup.cronjob.extraVolumes Extra volumes to add to the backup container
|
||||
##
|
||||
extraVolumes: []
|
||||
## @param backup.cronjob.extraVolumeMounts Extra volume mounts to add to the backup container. Normally used with `extraVolumes`
|
||||
##
|
||||
extraVolumeMounts: []
|
||||
storage:
|
||||
## @param backup.cronjob.storage.existingClaim Provide an existing `PersistentVolumeClaim` (only when `architecture=standalone`)
|
||||
## If defined, PVC must be created manually before volume will be bound
|
||||
|
||||
Reference in New Issue
Block a user