Skip to content

Commit

Permalink
Make sure we don't propagate users between syncs.
Browse files Browse the repository at this point in the history 
PostgreSQL users should not be propagated between syncs through the
internal state of the operator. Instead, they are always read from
the respective sources (i.e. teams API, infrastructure roles secrets).
  • Loading branch information
@alexeyklyukin
alexeyklyukin committed Dec 4, 2017
1 parent ed7dab4 commit 570c930
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions pkg/cluster/cluster.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,6 +168,11 @@ func (c *Cluster) setStatus(status spec.PostgresStatus) {
// initUsers populates c.systemUsers and c.pgUsers maps.
func (c *Cluster) initUsers() error {
c.setProcessName("initializing users")

// clear our the previous state of the cluster users (in case we are running a sync).
c.systemUsers = map[string]spec.PgUser{}
c.pgUsers = map[string]spec.PgUser{}

c.initSystemUsers()

if err := c.initInfrastructureRoles(); err != nil {
Expand Down

0 comments on commit 570c930

Please sign in to comment.