We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When I am loading a user password from a k8s secret the generated users chop-generated-users.xml references the wrong environment variable.
chop-generated-users.xml
My config:
apiVersion: clickhouse.altinity.com/v1 kind: ClickHouseInstallation metadata: name: instance namespace: clickhouse spec: configuration: clusters: - layout: replicasCount: 1 shardsCount: 1 name: instance templates: podTemplate: clickhouse-stable serviceTemplate: chi-service-template volumeClaimTemplate: storage-vc-template files: users.d/ro_role.xml: | <clickhouse> <roles> <ro_role> <grants> <query>REVOKE ALL ON *.*</query> <query>GRANT SELECT,SHOW,dictGet ON *.*</query> </grants> </ro_role> </roles> </clickhouse> users: clickhouse_operator/networks/ip: - 0.0.0.0/0 grafana/grants/query: - GRANT ro_role grafana/networks/ip: - 0.0.0.0/0 grafana/password: valueFrom: secretKeyRef: key: grafana name: passwords foo/allow_databases/database: - foo foo/networks/ip: - 0.0.0.0/0 foo/password: valueFrom: secretKeyRef: key: foo name: passwords defaults: templates: serviceTemplate: chi-service-template templates: podTemplates: - metadata: labels: app.kubernetes.io/name: clickhouse-instance name: clickhouse-stable spec: containers: - image: altinity/clickhouse-server:23.8.8.21.altinitystable name: clickhouse serviceAccountName: instance serviceTemplates: - generateName: '{chi}' name: chi-service-template spec: ports: - name: http port: 8123 protocol: TCP targetPort: http - name: tcp port: 9000 protocol: TCP targetPort: tcp type: ClusterIP volumeClaimTemplates: - name: storage-vc-template spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi storageClassName: standard
which generates chop-generated-users.xml
<yandex> <users> <clickhouse_operator> <networks> <ip>10.35.19.198</ip> <ip>0.0.0.0/0</ip> </networks> <password_sha256_hex>716b36073a90c6fe1d445ac1af85f4777c5b7a155cea359961826a030513e448</password_sha256_hex> <profile>clickhouse_operator</profile> </clickhouse_operator> <default> <networks> <host_regexp>(chi-instance-[^.]+\d+-\d+|clickhouse\-instance)\.clickhouse\.svc\.cluster\.local$</host_regexp> <ip>::1</ip> <ip>127.0.0.1</ip> <ip>10.35.19.225</ip> </networks> <profile>default</profile> <quota>default</quota> </default> <grafana> <grants> <query>GRANT ro_role</query> </grants> <networks> <host_regexp>(chi-instance-[^.]+\d+-\d+|clickhouse\-instance)\.clickhouse\.svc\.cluster\.local$</host_regexp> <ip>::1</ip> <ip>127.0.0.1</ip> <ip>0.0.0.0/0</ip> </networks> <password from_env="CONFIGURATION_USERS_VAR_5_GRAFANA_PASSWORD"></password> <profile>default</profile> <quota>default</quota> </grafana> <foo> <allow_databases> <database>foo</database> </allow_databases> <networks> <host_regexp>(chi-instance-[^.]+\d+-\d+|clickhouse\-instance)\.clickhouse\.svc\.cluster\.local$</host_regexp> <ip>::1</ip> <ip>127.0.0.1</ip> <ip>0.0.0.0/0</ip> </networks> <password from_env="CONFIGURATION_USERS_VAR_12_FOO_PASSWORD"></password> <profile>default</profile> <quota>default</quota> </foo> </users> </yandex>
but the defined env variables in the pods are: CONFIGURATION_USERS_VAR_8_GRAFANA_PASSWORD=... CONFIGURATION_USERS_VAR_7_FOO_PASSWORD=...
CONFIGURATION_USERS_VAR_8_GRAFANA_PASSWORD=...
CONFIGURATION_USERS_VAR_7_FOO_PASSWORD=...
So when I connect to the instance I get a wrong password error
Best Adrian
The text was updated successfully, but these errors were encountered:
which clickouse-operator version do you use? is your ClickHouseInstallation in Completed status now?
clickouse-operator
ClickHouseInstallation
Completed
Sorry, something went wrong.
I am using the release-0.23.1 and the status is Completed
release-0.23.1
Test for #1344
8229143
Reproduced in tests and fixed in 0.23.2
https://github.com/Altinity/clickhouse-operator/releases/tag/release-0.23.2
sunsingerus
No branches or pull requests
When I am loading a user password from a k8s secret the generated users
chop-generated-users.xml
references the wrong environment variable.My config:
which generates
chop-generated-users.xml
but the defined env variables in the pods are:
CONFIGURATION_USERS_VAR_8_GRAFANA_PASSWORD=...
CONFIGURATION_USERS_VAR_7_FOO_PASSWORD=...
So when I connect to the instance I get a wrong password error
Best Adrian
The text was updated successfully, but these errors were encountered: