Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bitnami/postgresql] PostgreSQL passwords stops working after a few days #29758

Open
mordax7 opened this issue Oct 2, 2024 · 1 comment
Open

[bitnami/postgresql] PostgreSQL passwords stops working after a few days #29758

mordax7 opened this issue Oct 2, 2024 · 1 comment
Assignees
@carrodher
Labels
tech-issues The user has a technical issue about an application triage Triage is needed

Comments

@mordax7
Copy link

mordax7 commented Oct 2, 2024
edited by carrodher
Loading

Name and Version

bitnami/postgresql 12.12.10

What architecture are you using?

arm64

What steps will reproduce the bug?

I am using ArgoCD to try to install this chart, using these values:

authentik:
  global:
    env:
      - name: AUTHENTIK_POSTGRESQL__PASSWORD
        valueFrom:
          secretKeyRef:
            name: authentik-postgresql
            key: password
      - name: AUTHENTIK_REDIS__PASSWORD
        valueFrom:
          secretKeyRef:
            name: authentik-redis
            key: password
      - name: AUTHENTIK_SECRET_KEY
        valueFrom:
          secretKeyRef:
            name: authentik-secret-key
            key: key

  authentik:
    # Disable GeoIP features
    events:
      context_processors:
        geoip: ""
        asn: ""
  
  # Authentik server configuration
  server:
    # Disable all resource limits
    resources:
      requests:
        cpu: 100m
        memory: 512Mi
      limits:
  
  # Enable persistence for PostgreSQL
  postgresql:
    enabled: true
    auth:
      username: authentik
      database: authentik
      existingSecret: authentik-postgresql
    primary:
      resources:
        limits: {}

  # Enable Redis
  redis:
    enabled: true
    auth:
      enabled: true
      existingSecret: authentik-redis
      existingSecretPasswordKey: password

The secrets for the passwords I create with the following template:

---
apiVersion: v1
kind: Secret
metadata:
  name: authentik-postgresql
  labels:
    app.kubernetes.io/name: {{ include "authentik.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
type: Opaque
data:
  password: {{ randAlphaNum 20 | b64enc | quote }}
  postgres-password: {{ randAlphaNum 20 | b64enc | quote }}
---
apiVersion: v1
kind: Secret
metadata:
  name: authentik-redis
  labels:
    app.kubernetes.io/name: {{ include "authentik.name" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
type: Opaque
data:
  password: {{ randAlphaNum 20 | b64enc | quote }}

What do you see instead?

Despite not doing any manual changes, I am experiencing an issue with the app's inability to connect to the PostgreSQL server after a few days. When attempting to connect to the PostgreSQL server manually, the environment variables POSTGRES_PASSWORD and POSTGRES_POSTGRES_PASSWORD still match the originally set passwords from the secrets. However, I am unable to connect locally using these credentials, even though it was working when I initially deployed everything.

I have attempted to resolve the issue by setting it up initially and then restarting each Pod, but it does not seem to have been connected to the problem.

I suspect that when there is a new version of the Helm Chart, which I upgrade automatically, it may be causing some changes and possibly setting a new password. However, I am unable to confirm my suspicions at this time.

I found this issue #28893, which goes a bit in this direction but do not understand what exactly the fix was.

Additional information

I have the same problem also when trying to deploy Next Cloud. The PostgreSQL password just changes after some time.
@mordax7 mordax7 added the tech-issues The user has a technical issue about an application label Oct 2, 2024
@github-actions github-actions bot added the triage Triage is needed label Oct 2, 2024
@carrodher
Copy link
Member

Hi, the issue may not be directly related to the Bitnami container image/Helm chart, but rather to how the application is being utilized, configured in your specific environment, or tied to a particular scenario that is not easy to reproduce on our side.

If you think that's not the case and want to contribute a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.

Suppose you have any questions about the application, customizing its content, or technology and infrastructure usage. In that case, we highly recommend that you refer to the forums and user guides provided by the project responsible for the application or technology.

With that said, we'll keep this ticket open until the stale bot automatically closes it, in case someone from the community contributes valuable insights.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@carrodher carrodher

Labels
tech-issues The user has a technical issue about an application triage Triage is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carrodher @mordax7