Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve database existingSecret functionality #92

Open
davidfrickert opened this issue Jun 6, 2024 · 1 comment
Open

Improve database existingSecret functionality #92

davidfrickert opened this issue Jun 6, 2024 · 1 comment

Comments

@davidfrickert
Copy link

The current existingSecret options is not great. It forces you to create a secret with the full database URI including host and credentials.
I think the chart should support passing each param separately.
Ideal format (taken from bitnami/keycloak)

externalDatabase:
  host: tools-pg
  user: bn_keycloak
  database: bitnami_keycloak
  existingSecret: bn-keycloak.tools-pg.credentials.postgresql.acid.zalan.do
  existingSecretUserKey: username
  existingSecretPasswordKey: password

The big benefit is that i can re-use the generated secret from posgres operator very easily and in current setup i have to create a new secret with full DB url which is not great. It also does not allow me to take advantage of automatic credential rotation.

current setup:

database:
  type: postgresql
  existingSecret: vaultwarden-pg
  existingSecretKey: uri

proposed setupp:

database:
  type: postgresql
  existingSecret: vaultwarden-pg
  host: tools-pg
  user: bn_keycloak
  database: bitnami_keycloak
  existingSecret: bn-keycloak.tools-pg.credentials.postgresql.acid.zalan.do
  existingSecretUserKey: username
  existingSecretPasswordKey: password
  # existingSecretKey: uri

If existingSecretKey is set then use it, else use individual settings.
@danielr1996
Copy link

danielr1996 commented Jul 10, 2024
edited
Loading

I also would be very happy to use this feature in combination with the postresql operator. I spent a couple of hours trying to figure out how to get this to work and submitted a pullrequest with the results, please let me know what you think about this. For the meantime I published a patched version at oci://ghcr.io/danielr1996/vaultwarden:0.24.3

@danielr1996 danielr1996 mentioned this issue Jul 10, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@danielr1996 @davidfrickert