diff --git a/charts/cluster/README.md b/charts/cluster/README.md
index 439b926af..5b3fcd204 100644
--- a/charts/cluster/README.md
+++ b/charts/cluster/README.md
@@ -169,6 +169,8 @@ refer to the [CloudNativePG Documentation](https://cloudnative-pg.io/documentat
 | cluster.postgresUID | int | `-1` | The UID of the postgres user inside the image, defaults to 26 |
 | cluster.postgresql.parameters | object | `{}` | PostgreSQL configuration options (postgresql.conf) |
 | cluster.postgresql.pg_hba | list | `[]` | PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) |
+| cluster.postgresql.pg_ident | list | `[]` | PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file) |
+| cluster.postgresql.shared_preload_libraries | list | `[]` | Lists of shared preload libraries to add to the default ones |
 | cluster.primaryUpdateMethod | string | `"switchover"` | Method to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated. It can be switchover (default) or restart. |
 | cluster.primaryUpdateStrategy | string | `"unsupervised"` | Strategy to follow to upgrade the primary server during a rolling update procedure, after all replicas have been successfully updated: it can be automated (unsupervised - default) or manual (supervised) |
 | cluster.priorityClassName | string | `""` | |
diff --git a/charts/cluster/templates/cluster.yaml b/charts/cluster/templates/cluster.yaml
index 232c2b18e..c1879cfef 100644
--- a/charts/cluster/templates/cluster.yaml
+++ b/charts/cluster/templates/cluster.yaml
@@ -56,11 +56,16 @@ spec: {{- if eq .Values.type "timescaledb" }} - timescaledb {{- end }} + {{- with .Values.cluster.postgresql.shared_preload_libraries }} + {{- toYaml . | nindent 6 }} + {{- end }} {{- with .Values.cluster.postgresql }} parameters: {{- toYaml .parameters | nindent 6 }} pg_hba: {{- toYaml .pg_hba | nindent 6 }} + pg_ident: + {{- toYaml .pg_ident | nindent 6 }} {{ end }} managed: diff --git a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml index c26a44faf..5f5c62a68 100644 --- a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml +++ b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster-assert.yaml @@ -17,6 +17,10 @@ spec: max_connections: "42" pg_hba: - host all 1.2.3.4/32 trust + pg_ident: + - mymap /^(.*)@mydomain\.com$ \1 + shared_preload_libraries: + - pgaudit bootstrap: initdb: database: mydb diff --git a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml index 96a3d429c..c86a5dceb 100644 --- a/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml +++ b/charts/cluster/test/postgresql-cluster-configuration/01-non_default_configuration_cluster.yaml @@ -56,6 +56,10 @@ cluster: max_connections: "42" pg_hba: - host all 1.2.3.4/32 trust + pg_ident: + - mymap /^(.*)@mydomain\.com$ \1 + shared_preload_libraries: + - pgaudit initdb: database: mydb owner: dante diff --git a/charts/cluster/test/timescale-minio-backup-restore/chainsaw-test.yaml b/charts/cluster/test/timescale-minio-backup-restore/chainsaw-test.yaml index e0a8ee401..496153398 100644 --- a/charts/cluster/test/timescale-minio-backup-restore/chainsaw-test.yaml 
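Review bot: In `charts/cluster/templates/cluster.yaml`, the entries rendered by the new `with .Values.cluster.postgresql.shared_preload_libraries` block are appended after the chart's own `timescaledb` entry without de-duplication, so a values file with `type: timescaledb` that also lists `timescaledb` renders the name twice. Whether the operator tolerates a repeated entry is not visible from this hunk. I would at least add a template comment such as `{{- /* appended verbatim after chart-managed entries; do not repeat timescaledb here */}}` and say the same in the values description. The `shared_preload_libraries:` key that these lines extend sits above the hunk, so the enclosing block is only partly visible.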
+++ b/charts/cluster/test/timescale-minio-backup-restore/chainsaw-test.yaml @@ -34,6 +34,8 @@ spec: - describe: apiVersion: postgresql.cnpg.io/v1 kind: Cluster + - podLogs: + selector: cnpg.io/cluster=timescale-cluster - name: Verify timescale extensions are installed timeouts: apply: 1s @@ -101,6 +103,12 @@ spec: recovery-backup-pitr ../../ - assert: file: ./07-recovery_backup_pitr_cluster-assert.yaml + catch: + - describe: + apiVersion: postgresql.cnpg.io/v1 + kind: Cluster + - podLogs: + selector: cnpg.io/cluster=recovery-backup-pitr-cluster - name: Verify the pre-backup data on the recovery cluster exists but not the post-backup data try: - apply: diff --git a/charts/cluster/values.schema.json b/charts/cluster/values.schema.json index 9d773a473..9e35d7a90 100644 --- a/charts/cluster/values.schema.json +++ b/charts/cluster/values.schema.json @@ -252,6 +252,12 @@ }, "pg_hba": { "type": "array" + }, + "pg_ident": { + "type": "array" + }, + "shared_preload_libraries": { + "type": "array" } } }, diff --git a/charts/cluster/values.yaml b/charts/cluster/values.yaml index e9e31d784..8398c74d1 100644 --- a/charts/cluster/values.yaml +++ b/charts/cluster/values.yaml @@ -245,6 +245,10 @@ cluster: # -- PostgreSQL Host Based Authentication rules (lines to be appended to the pg_hba.conf file) pg_hba: [] # - host all all 10.244.0.0/16 md5 + pg_ident: [] + # - mymap /^(.*)@mydomain\.com$ \1 + shared_preload_libraries: [] + # - pgaudit # -- BootstrapInitDB is the configuration of the bootstrap process when initdb is used. # See: https://cloudnative-pg.io/documentation/current/bootstrap/
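Review bot: In `charts/cluster/values.schema.json`, the new `pg_ident` and `shared_preload_libraries` properties are declared only as `"type": "array"`, so a list holding a map or a number passes validation and is handed to `toYaml` in the template unchanged. Both lists are security-relevant (one names libraries loaded into the server process, the other maps external identities to database roles), so constrain the element type, e.g. `"pg_ident": { "type": "array", "items": { "type": "string" } }` and the same for `shared_preload_libraries`. The existing `pg_hba` entry shown as context has the same gap.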
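Review bot: In `charts/cluster/values.yaml`, `pg_ident` and `shared_preload_libraries` are added without the `# --` description comment that `pg_hba` just above them carries, while the README hunk in this commit shows descriptions for both; if the README is generated from those comments, the next regeneration would drop them. Add `# -- PostgreSQL User Name Maps rules (lines to be appended to the pg_ident.conf file)` and `# -- Lists of shared preload libraries to add to the default ones` above the respective keys. The commented example `mymap /^(.*)@mydomain\.com$ \1` maps every name in that domain to the same-named role, which would include a superuser name. A sentence noting that a map only applies when a `pg_hba` rule references it with `map=`, and that the pattern should be as narrow as the deployment allows, would help anyone copying it.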