From 0f31b5bea68021166eb69cdd4f430f9f01b75788 Mon Sep 17 00:00:00 2001
From: Rafia Sabih <rafia.sabih@zalando.de>
Date: Thu, 27 May 2021 14:43:49 +0200
Subject: [PATCH] update docs

---
 charts/postgres-operator/values-crd.yaml          |  2 +-
 charts/postgres-operator/values.yaml              |  2 +-
 docs/reference/operator_parameters.md             | 15 ++++++++-------
 manifests/configmap.yaml                          |  2 +-
 ...postgresql-operator-default-configuration.yaml |  2 +-
 pkg/cluster/cluster.go                            |  2 +-
 6 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/charts/postgres-operator/values-crd.yaml b/charts/postgres-operator/values-crd.yaml
index bd563a636..9c482e0a4 100644
--- a/charts/postgres-operator/values-crd.yaml
+++ b/charts/postgres-operator/values-crd.yaml
@@ -146,7 +146,7 @@ configKubernetes:
   # Postgres pods are terminated forcefully after this timeout
   pod_terminate_grace_period: 5m
   # template for database user secrets generated by the operator
-  secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
+  secret_name_template: "{namespace}.{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
   # set user and group for the spilo container (required to run Spilo as non-root process)
   # spilo_runasuser: "101"
   # spilo_runasgroup: "103"
diff --git a/charts/postgres-operator/values.yaml b/charts/postgres-operator/values.yaml
index 15a53a00d..3c6349bcc 100644
--- a/charts/postgres-operator/values.yaml
+++ b/charts/postgres-operator/values.yaml
@@ -138,7 +138,7 @@ configKubernetes:
   # Postgres pods are terminated forcefully after this timeout
   pod_terminate_grace_period: 5m
   # template for database user secrets generated by the operator
-  secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
+  secret_name_template: "{namespace}.{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
   # set user and group for the spilo container (required to run Spilo as non-root process)
   # spilo_runasuser: "101"
   # spilo_runasgroup: "103"
diff --git a/docs/reference/operator_parameters.md b/docs/reference/operator_parameters.md
index b0d982943..980e27c4c 100644
--- a/docs/reference/operator_parameters.md
+++ b/docs/reference/operator_parameters.md
@@ -172,11 +172,11 @@ under the `users` key.
 
 ## Major version upgrades
 
-Parameters configuring automatic major version upgrades. In a 
+Parameters configuring automatic major version upgrades. In a
 CRD-configuration, they are grouped under the `major_version_upgrade` key.
 
 * **major_version_upgrade_mode**
-  Postgres Operator supports [in-place major version upgrade](../administrator.md#in-place-major-version-upgrade) 
+  Postgres Operator supports [in-place major version upgrade](../administrator.md#in-place-major-version-upgrade)
   with three different modes:
   `"off"` = no upgrade by the operator,
   `"manual"` = manifest triggers action,
@@ -275,11 +275,12 @@ configuration they are grouped under the `kubernetes` key.
 
 * **secret_name_template**
   a template for the name of the database user secrets generated by the
-  operator. `{username}` is replaced with name of the secret, `{cluster}` with
-  the name of the cluster, `{tprkind}` with the kind of CRD (formerly known as
-  TPR) and `{tprgroup}` with the group of the CRD. No other placeholders are
-  allowed. The default is
-  `{username}.{cluster}.credentials.{tprkind}.{tprgroup}`.
+  operator. `{namesapce}` is replaced with name of the namespace (if any,
+  otherwise empty), `{username}` is replaced with name of the secret,
+  `{cluster}` with the name of the cluster, `{tprkind}` with the kind of CRD
+  (formerly known as TPR) and `{tprgroup}` with the group of the CRD.
+  No other placeholders are allowed. The default is
+  `{namesapce}.{username}.{cluster}.credentials.{tprkind}.{tprgroup}`.
 
 * **cluster_domain**
   defines the default DNS domain for the kubernetes cluster the operator is
diff --git a/manifests/configmap.yaml b/manifests/configmap.yaml
index b379975eb..7898735bd 100644
--- a/manifests/configmap.yaml
+++ b/manifests/configmap.yaml
@@ -113,7 +113,7 @@ data:
   resync_period: 30m
   ring_log_lines: "100"
   role_deletion_suffix: "_deleted"
-  secret_name_template: "{username}.{cluster}.credentials"
+  secret_name_template: "{namespace}.{username}.{cluster}.credentials"
   # sidecar_docker_images: ""
   # set_memory_request_to_limit: "false"
   spilo_allow_privilege_escalation: "true"
diff --git a/manifests/postgresql-operator-default-configuration.yaml b/manifests/postgresql-operator-default-configuration.yaml
index 65dfd6ce4..1af4a9ce4 100644
--- a/manifests/postgresql-operator-default-configuration.yaml
+++ b/manifests/postgresql-operator-default-configuration.yaml
@@ -78,7 +78,7 @@ configuration:
     pod_service_account_name: postgres-pod
     # pod_service_account_role_binding_definition: ""
     pod_terminate_grace_period: 5m
-    secret_name_template: "{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
+    secret_name_template: "{namespace}.{username}.{cluster}.credentials.{tprkind}.{tprgroup}"
     spilo_allow_privilege_escalation: true
     # spilo_runasuser: 101
     # spilo_runasgroup: 103
diff --git a/pkg/cluster/cluster.go b/pkg/cluster/cluster.go
index 59c4975e8..ff5fd994b 100644
--- a/pkg/cluster/cluster.go
+++ b/pkg/cluster/cluster.go
@@ -41,7 +41,7 @@ import (
 var (
 	alphaNumericRegexp    = regexp.MustCompile("^[a-zA-Z][a-zA-Z0-9]*$")
 	databaseNameRegexp    = regexp.MustCompile("^[a-zA-Z_][a-zA-Z0-9_]*$")
-	userRegexp            = regexp.MustCompile(`^[a-z0-9,]+\.?[-_a-z0-9,]+[a-z0-9,]$`)
+	userRegexp            = regexp.MustCompile(`^[a-z0-9]+\.?[-_a-z0-9]+[a-z0-9]$`)
 	patroniObjectSuffixes = []string{"config", "failover", "sync"}
 )