Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow specifying database user from a Kubernetes secret #4804

Open
ubajze opened this issue Aug 12, 2024 · 2 comments
Open

Allow specifying database user from a Kubernetes secret #4804

ubajze opened this issue Aug 12, 2024 · 2 comments
Labels
feature request New feature or request more info needed needs triage

Comments

@ubajze
Copy link

ubajze commented Aug 12, 2024

What would you like to see!

We use an external PostgreSQL database for our deployment of Grafana on-call. Database credentials are generated on request. We use HashiCorp Vault to generate dynamic database credentials (PostgreSQL), meaning a unique username and password are generated whenever requested.

We can save credentials to a K8s secret. The current version of HelmCharts only allows for specifying a database password from a K8s secret, but not a username:

oncall/helm/oncall/values.yaml

Line 564 in e2bc9d7

existingSecret:

This is a problem for us because the externalPostgresql.user field is mandatory and we cannot set it dynamically.

We would like to have a feature where we specify a username in a similar way to a password. So, instead of adding a username directly to values, we would like to reference a secret where our username is stored.

Product Area

Other

Anything else to add?

No response
@ubajze ubajze added the feature request New feature or request label Aug 12, 2024
@github-actions GitHub Actions
Copy link
Contributor

The current version of Grafana OnCall, at the time this issue was opened, is v1.8.10. If your issue pertains to an older version of Grafana OnCall, please be sure to list it in the PR description. Thank you 😄!

@ChristianCiach
Copy link

ChristianCiach commented Sep 20, 2024
edited
Loading

We use cloudnative-pg which creates a Secret that contains the username, password, host, port and database-name, so I would like to retrieve all of these attributes by referencing a secret.

Funnily enough, the helm chart already supports configuring a usernameKey for all database types except for postgresql. But I would like to see a configurable hostKey, portKey and databaseNameKey in addition to that, to reference the keys of the Secret generated by Cloudnative-PG operator.

We currently workaround this issue by specifying dummy-values for externalPostgresql.user, externalPostgresql.host, externalPostgresql.port and externalPostgresql.db_name, and then patch these dummy values via Kustomize to reference the Secret instead.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request New feature or request more info needed needs triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ubajze @ChristianCiach