stop retention user cleanup early again when DB connection attempt fails

Felix Kunde 2025-11-25 12:14:35 +01:00
parent 2c57498e43
commit 36018c54a1
2 changed files with 18 additions and 11 deletions


@ -281,9 +281,23 @@ func findUsersFromRotation(rotatedUsers []string, db *sql.DB) (map[string]string
return extraUsers, nil
}
func (c *Cluster) cleanupRotatedUsers(rotatedUsers []string, db *sql.DB) error {
func (c *Cluster) cleanupRotatedUsers(rotatedUsers []string) error {
c.setProcessName("checking for rotated users to remove from the database due to configured retention")
extraUsers, err := findUsersFromRotation(rotatedUsers, db)
err := c.initDbConn()
if err != nil {
return fmt.Errorf("could not init db connection: %v", err)
}
defer func() {
if c.connectionIsClosed() {
return
}
if err := c.closeDbConn(); err != nil {
c.logger.Errorf("could not close database connection after removing users exceeding configured retention interval: %v", err)
}
}()
extraUsers, err := findUsersFromRotation(rotatedUsers, c.pgDb)
if err != nil {
return fmt.Errorf("error when querying for deprecated users from password rotation: %v", err)
}
@ -304,7 +318,7 @@ func (c *Cluster) cleanupRotatedUsers(rotatedUsers []string, db *sql.DB) error {
}
if retentionDate.After(userCreationDate) {
c.logger.Infof("dropping user %q due to configured days in password_rotation_user_retention", rotatedUser)
if err = users.DropPgUser(rotatedUser, db); err != nil {
if err = users.DropPgUser(rotatedUser, c.pgDb); err != nil {
c.logger.Errorf("could not drop role %q: %v", rotatedUser, err)
continue
}
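Review bot: Failures during retention cleanup now reach only the operator log, not the returned error: the new deferred block logs a `closeDbConn` failure that `syncSecrets` used to append to its error list, and the `DropPgUser` branch in the second hunk logs and continues. The tail of the function is outside the visible hunks, but if it returns nil after the loop, a sync can report success while rotation roles older than `password_rotation_user_retention` still exist in the database. Consider a named result, `func (c *Cluster) cleanupRotatedUsers(rotatedUsers []string) (err error)`, with `err = c.initDbConn()` in place of the `:=` form and, in the defer, `if cerr := c.closeDbConn(); cerr != nil && err == nil { err = fmt.Errorf("could not close database connection: %v", cerr) }`. The names of roles that could not be dropped could be folded into the returned error in the same way. If log-only handling is intended, a short comment on the defer saying so would keep later readers from treating a nil return as "all expired roles removed".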


@ -1089,16 +1089,9 @@ func (c *Cluster) syncSecrets() error {
// remove rotation users that exceed the retention interval
if len(retentionUsers) > 0 {
err := c.initDbConn()
if err != nil {
errors = append(errors, fmt.Sprintf("could not init db connection: %v", err))
}
if err = c.cleanupRotatedUsers(retentionUsers, c.pgDb); err != nil {
if err := c.cleanupRotatedUsers(retentionUsers); err != nil {
errors = append(errors, fmt.Sprintf("error removing users exceeding configured retention interval: %v", err))
}
if err := c.closeDbConn(); err != nil {
errors = append(errors, fmt.Sprintf("could not close database connection after removing users exceeding configured retention interval: %v", err))
}
}
if len(errors) > 0 {