Adam Brusselback
02/03/2025, 8:05 PMAdam Brusselback
02/03/2025, 10:54 PM{{- $secret := (lookup "v1" "Secret" .Release.Namespace "goacquire-cluster-prefect-app") }}
{{- if $secret }}
---
apiVersion: v1
kind: Secret
metadata:
name: prefect-postgres-secret
type: Opaque
data:
connection-string: {{ printf "<postgresql+asyncpg://%s:%s@goacquire-cluster-prefect-rw:5432/app>" ($secret.data.username | b64dec) ($secret.data.password | b64dec) | b64enc }}
{{- end }}
I really hate this solution... Any other ideas?Jamie Zieziula
02/03/2025, 11:09 PMprefect-server
Jamie Zieziula
02/03/2025, 11:11 PM<postgresql+asyncpg://username:password@host>:port/db
Jamie Zieziula
02/03/2025, 11:11 PMMitch Nielsen
02/03/2025, 11:15 PMpostgresql.auth.existingSecret
- I suspect that's coming from the downstream PostgreSQL chart and we just don't happen to be overriding it from oursMitch Nielsen
02/03/2025, 11:17 PMMitch Nielsen
02/03/2025, 11:19 PMpostgresql:
auth:
existingSecret: my-secret
server:
secret:
create: false
Adam Brusselback
02/03/2025, 11:19 PMhelm install...
helm update...
before my cluster worksAdam Brusselback
02/03/2025, 11:20 PMprefect-server:
secret:
create: false
name: prefect-postgres-secret
postgresql:
enabled: false
It does work... I really hate the fact I can't install in one go though.Jamie Zieziula
02/03/2025, 11:23 PMJamie Zieziula
02/03/2025, 11:23 PMAdam Brusselback
02/03/2025, 11:25 PM{{- $secret := (lookup "v1" "Secret" .Release.Namespace "goacquire-cluster-prefect-app") }}
{{- if $secret }}
---
apiVersion: v1
kind: Secret
metadata:
name: prefect-postgres-secret
type: Opaque
data:
connection-string: {{ printf "<postgresql+asyncpg://%s:%s@goacquire-cluster-prefect-rw:5432/app>" ($secret.data.username | b64dec) ($secret.data.password | b64dec) | b64enc }}
{{- end }}
Notice the if
clause there... If I remove it, I get the following error:
Error: INSTALLATION FAILED: template: goacquire/templates/prefect-postgres-secret.yaml:12:106: executing "goacquire/templates/prefect-postgres-secret.yaml" at <$secret.data.username>: nil pointer evaluating interface {}.username
Adam Brusselback
02/03/2025, 11:26 PMAdam Brusselback
02/03/2025, 11:27 PMMitch Nielsen
02/03/2025, 11:37 PMMitch Nielsen
02/03/2025, 11:42 PMAdam Brusselback
02/03/2025, 11:50 PMhelm install ...
helm upgrade ...
and I need to live with it.Adam Brusselback
02/03/2025, 11:51 PMMitch Nielsen
02/03/2025, 11:51 PMhelm install <goacquire
and then helm install prefect-server
. some tools like helmfile
make this easier to manage - I wonder if they allow you to specify the order š¤Mitch Nielsen
02/03/2025, 11:52 PMAdam Brusselback
02/03/2025, 11:55 PMprefect-server:
env:
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: goacquire-cluster-prefect-app
key: username
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: goacquire-cluster-prefect-app
key: password
- name: POSTGRES_HOST
value: goacquire-cluster-prefect-rw
- name: POSTGRES_PORT
value: 5432
- name: POSTGRES_DATABASE
value: app
(or whatever env var names make sense for Prefect).
I think that would work at least...if the chart supported it.Adam Brusselback
02/04/2025, 12:01 AMMitch Nielsen
02/04/2025, 12:04 AMextraEnv
and allow you to provide a list of map entries where you can specify all that. if you're interested in opening a PR for that we'd be happy to review it, otherwise we can try to get to that soon
edit: actually, this would require an application change, too, to accept individual env vars and parse together the connection string itself rather than the existing all-in-one PREFECT_API_DATABASE_CONNECTION_URL
. I can look into that more on the app side and see if that's supported, and if not we can propose itMitch Nielsen
02/04/2025, 12:04 AMMitch Nielsen
02/04/2025, 12:06 AMAdam Brusselback
02/04/2025, 12:08 AMMitch Nielsen
02/04/2025, 12:51 AM