Open
Description
- Which image of the operator are you using? Latest, looking at the code.
- **Where do you run it - Metal. Kubernetes.
- Are you running Postgres Operator in production? yes
- Type of issue? Bug report, feature request
We provide our own secrets so we can add additional data to them. Sometimes secrets don't show up for a few moments, for example if using ExternalSecrets.
When applying a set of manifests including a postgresql and an ExternalSecret that will after a short delay supply a Secret, if the operator's sync happens before ExternalSecrets can create the secret, the operator creates it, and then ExternalSecrets updates it.
This creates a mismatch between the password in the secret and in the password in the DB.
Simply being able to disable secret creation would solve this problem.
If we're open to this idea, would adding a new OperatorConfiguration setting (disable_secret_generation?) and checking it here, here, and here be sufficient?