From 4f750ade6b16f890593088caf77511bd09401e49 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20No=C3=ABl?= Date: Mon, 9 Feb 2026 16:14:03 -0500 Subject: [PATCH 1/3] Fix incorrect creds for replica MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Philippe Noël --- charts/cluster/templates/origin-azure-creds.yaml | 2 +- charts/cluster/templates/origin-google-creds.yaml | 2 +- charts/cluster/templates/origin-s3-creds.yaml | 2 +- charts/cluster/templates/recovery-azure-creds.yaml | 2 +- charts/cluster/templates/recovery-google-creds.yaml | 2 +- charts/cluster/templates/recovery-s3-creds.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/cluster/templates/origin-azure-creds.yaml b/charts/cluster/templates/origin-azure-creds.yaml index 1da9c19e9d..df26644ca3 100644 --- a/charts/cluster/templates/origin-azure-creds.yaml +++ b/charts/cluster/templates/origin-azure-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-origin-azure-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} + name: {{ default (printf "%s-origin-azure-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} namespace: {{ include "cluster.namespace" . }} data: AZURE_CONNECTION_STRING: {{ .Values.recovery.azure.connectionString | b64enc | quote }} diff --git a/charts/cluster/templates/origin-google-creds.yaml b/charts/cluster/templates/origin-google-creds.yaml index 852ae7a0b5..64df5ab4fb 100644 --- a/charts/cluster/templates/origin-google-creds.yaml +++ b/charts/cluster/templates/origin-google-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-origin-google-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} + name: {{ default (printf "%s-origin-google-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} namespace: {{ include "cluster.namespace" . }} data: APPLICATION_CREDENTIALS: {{ .Values.recovery.google.applicationCredentials | b64enc | quote }} diff --git a/charts/cluster/templates/origin-s3-creds.yaml b/charts/cluster/templates/origin-s3-creds.yaml index cc19da4668..d65c245f90 100644 --- a/charts/cluster/templates/origin-s3-creds.yaml +++ b/charts/cluster/templates/origin-s3-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-origin-s3-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} + name: {{ default (printf "%s-origin-s3-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} namespace: {{ include "cluster.namespace" . }} data: ACCESS_KEY_ID: {{ required ".Values.replica.origin.objectStore.s3.accessKey is required, but not specified." .Values.replica.origin.objectStore.s3.accessKey | b64enc | quote }} diff --git a/charts/cluster/templates/recovery-azure-creds.yaml b/charts/cluster/templates/recovery-azure-creds.yaml index fc4f676d1d..5205bb4989 100644 --- a/charts/cluster/templates/recovery-azure-creds.yaml +++ b/charts/cluster/templates/recovery-azure-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-recovery-azure-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} + name: {{ default (printf "%s-recovery-azure-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} namespace: {{ include "cluster.namespace" . }} data: AZURE_CONNECTION_STRING: {{ .Values.recovery.azure.connectionString | b64enc | quote }} diff --git a/charts/cluster/templates/recovery-google-creds.yaml b/charts/cluster/templates/recovery-google-creds.yaml index 013e9d7cae..47c49823f0 100644 --- a/charts/cluster/templates/recovery-google-creds.yaml +++ b/charts/cluster/templates/recovery-google-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-recovery-google-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} + name: {{ default (printf "%s-recovery-google-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} namespace: {{ include "cluster.namespace" . }} data: APPLICATION_CREDENTIALS: {{ .Values.recovery.google.applicationCredentials | b64enc | quote }} diff --git a/charts/cluster/templates/recovery-s3-creds.yaml b/charts/cluster/templates/recovery-s3-creds.yaml index d70ed2120f..0986010bcb 100644 --- a/charts/cluster/templates/recovery-s3-creds.yaml +++ b/charts/cluster/templates/recovery-s3-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-recovery-s3-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} + name: {{ default (printf "%s-recovery-s3-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} namespace: {{ include "cluster.namespace" . }} data: ACCESS_KEY_ID: {{ required ".Values.recovery.s3.accessKey is required, but not specified." .Values.recovery.s3.accessKey | b64enc | quote }} From a170da26fdeefa8b357c1a7510ce9ae5ae59f79f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20No=C3=ABl?= Date: Mon, 9 Feb 2026 16:15:25 -0500 Subject: [PATCH 2/3] Undo recovery changes MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Philippe Noël --- charts/cluster/templates/recovery-azure-creds.yaml | 2 +- charts/cluster/templates/recovery-google-creds.yaml | 2 +- charts/cluster/templates/recovery-s3-creds.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/charts/cluster/templates/recovery-azure-creds.yaml b/charts/cluster/templates/recovery-azure-creds.yaml index 5205bb4989..fc4f676d1d 100644 --- a/charts/cluster/templates/recovery-azure-creds.yaml +++ b/charts/cluster/templates/recovery-azure-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-recovery-azure-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} + name: {{ default (printf "%s-recovery-azure-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} namespace: {{ include "cluster.namespace" . }} data: AZURE_CONNECTION_STRING: {{ .Values.recovery.azure.connectionString | b64enc | quote }} diff --git a/charts/cluster/templates/recovery-google-creds.yaml b/charts/cluster/templates/recovery-google-creds.yaml index 47c49823f0..013e9d7cae 100644 --- a/charts/cluster/templates/recovery-google-creds.yaml +++ b/charts/cluster/templates/recovery-google-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-recovery-google-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} + name: {{ default (printf "%s-recovery-google-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} namespace: {{ include "cluster.namespace" . }} data: APPLICATION_CREDENTIALS: {{ .Values.recovery.google.applicationCredentials | b64enc | quote }} diff --git a/charts/cluster/templates/recovery-s3-creds.yaml b/charts/cluster/templates/recovery-s3-creds.yaml index 0986010bcb..d70ed2120f 100644 --- a/charts/cluster/templates/recovery-s3-creds.yaml +++ b/charts/cluster/templates/recovery-s3-creds.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: {{ default (printf "%s-recovery-s3-creds" (include "cluster.fullname" .)) .Values.replica.origin.objectStore.secret.name }} + name: {{ default (printf "%s-recovery-s3-creds" (include "cluster.fullname" .)) .Values.recovery.secret.name }} namespace: {{ include "cluster.namespace" . }} data: ACCESS_KEY_ID: {{ required ".Values.recovery.s3.accessKey is required, but not specified." .Values.recovery.s3.accessKey | b64enc | quote }} From e6234838e324fbfc3933d369e787116e7f3bab37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Philippe=20No=C3=ABl?= Date: Mon, 9 Feb 2026 16:17:44 -0500 Subject: [PATCH 3/3] Add Azure test MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Philippe Noël --- .../04-replica_origin_azure_creds-assert.yaml | 9 +++++++ .../04-replica_origin_azure_creds.yaml | 27 +++++++++++++++++++ .../chainsaw-test.yaml | 12 +++++++++ 3 files changed, 48 insertions(+) create mode 100644 charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds-assert.yaml create mode 100644 charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds.yaml diff --git a/charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds-assert.yaml b/charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds-assert.yaml new file mode 100644 index 0000000000..b2b2fb10b4 --- /dev/null +++ b/charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds-assert.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: Secret +metadata: + name: replica-origin-azure-creds-paradedb-origin-azure-creds +data: + AZURE_CONNECTION_STRING: "bXljb25uc3RyaW5n" + AZURE_STORAGE_ACCOUNT: "bXlhY2NvdW50" + AZURE_STORAGE_KEY: "bXlzdG9yYWdla2V5" + AZURE_STORAGE_SAS_TOKEN: "bXlzYXN0b2tlbg==" diff --git a/charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds.yaml b/charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds.yaml new file mode 100644 index 0000000000..51810ffaf3 --- /dev/null +++ b/charts/cluster/test/postgresql-cluster-configuration/04-replica_origin_azure_creds.yaml @@ -0,0 +1,27 @@ +type: postgresql +mode: replica + +cluster: + instances: 1 + storage: + size: 256Mi + +replica: + self: "replica-cluster" + primary: "source-cluster" + bootstrap: + source: object_store + origin: + objectStore: + clusterName: source-cluster + provider: azure + destinationPath: "https://myaccount.blob.core.windows.net/mycontainer" + azure: + connectionString: "myconnstring" + storageAccount: "myaccount" + storageKey: "mystoragekey" + storageSasToken: "mysastoken" + containerName: "mycontainer" + +backups: + enabled: false diff --git a/charts/cluster/test/postgresql-cluster-configuration/chainsaw-test.yaml b/charts/cluster/test/postgresql-cluster-configuration/chainsaw-test.yaml index 9eeb457a93..f5c6d03862 100644 --- a/charts/cluster/test/postgresql-cluster-configuration/chainsaw-test.yaml +++ b/charts/cluster/test/postgresql-cluster-configuration/chainsaw-test.yaml @@ -47,6 +47,18 @@ spec: recovery-backup-database-owner ../../ - assert: file: ./03-recovery_backup_database_owner-assert.yaml + - name: Verify replica origin Azure credentials are rendered correctly + try: + - script: + content: | + helm template \ + --namespace $NAMESPACE \ + --values ./04-replica_origin_azure_creds.yaml \ + --show-only templates/origin-azure-creds.yaml \ + replica-origin-azure-creds ../../ \ + | kubectl apply --namespace $NAMESPACE -f - + - assert: + file: ./04-replica_origin_azure_creds-assert.yaml - name: Cleanup try: - script: