diff --git a/charts/postgres-operator/crds/postgresqls.yaml b/charts/postgres-operator/crds/postgresqls.yaml index 667c58efa..ec9fb4afc 100644 --- a/charts/postgres-operator/crds/postgresqls.yaml +++ b/charts/postgres-operator/crds/postgresqls.yaml @@ -138,6 +138,16 @@ spec: connectionPooler: type: object properties: + imagePullSecrets: + type: array + nullable: true + items: + type: object + required: + - name + properties: + name: + type: string dockerImage: type: string maxDBConnections: diff --git a/docs/reference/cluster_manifest.md b/docs/reference/cluster_manifest.md index ab0353202..1243e28d3 100644 --- a/docs/reference/cluster_manifest.md +++ b/docs/reference/cluster_manifest.md @@ -588,6 +588,9 @@ for both master and replica pooler services (if `enableReplicaConnectionPooler` User to create for connection pooler to be able to connect to a database. You can also choose a role from the `users` section or a system user role. +* **imagePullSecrets** + References an existing Kubernetes secret to use when pulling a custom pooler image. + * **dockerImage** Which docker image to use for connection pooler deployment. diff --git a/manifests/postgresql.crd.yaml b/manifests/postgresql.crd.yaml index 7a1b21a4d..161364bd0 100644 --- a/manifests/postgresql.crd.yaml +++ b/manifests/postgresql.crd.yaml @@ -136,6 +136,16 @@ spec: connectionPooler: type: object properties: + imagePullSecrets: + type: array + nullable: true + items: + type: object + required: + - name + properties: + name: + type: string dockerImage: type: string maxDBConnections: diff --git a/pkg/apis/acid.zalan.do/v1/crds.go b/pkg/apis/acid.zalan.do/v1/crds.go index b89cb1448..8beb87c68 100644 --- a/pkg/apis/acid.zalan.do/v1/crds.go +++ b/pkg/apis/acid.zalan.do/v1/crds.go @@ -220,6 +220,19 @@ var PostgresCRDResourceValidation = apiextv1.CustomResourceValidation{ "connectionPooler": { Type: "object", Properties: map[string]apiextv1.JSONSchemaProps{ + "imagePullSecrets": { + Type: "array", + Nullable: true, + Items: &apiextv1.JSONSchemaPropsOrArray{ + Schema: &apiextv1.JSONSchemaProps{ + Type: "object", + Required: []string{"name"}, + Properties: map[string]apiextv1.JSONSchemaProps{ + "name": {Type: "string"}, + }, + }, + }, + }, "dockerImage": { Type: "string", }, diff --git a/pkg/apis/acid.zalan.do/v1/postgresql_type.go b/pkg/apis/acid.zalan.do/v1/postgresql_type.go index ef6dfe7ff..6533f3b16 100644 --- a/pkg/apis/acid.zalan.do/v1/postgresql_type.go +++ b/pkg/apis/acid.zalan.do/v1/postgresql_type.go @@ -242,12 +242,13 @@ type PostgresStatus struct { // makes sense to expose. E.g. pool size (min/max boundaries), max client // connections etc. type ConnectionPooler struct { - NumberOfInstances *int32 `json:"numberOfInstances,omitempty"` - Schema string `json:"schema,omitempty"` - User string `json:"user,omitempty"` - Mode string `json:"mode,omitempty"` - DockerImage string `json:"dockerImage,omitempty"` - MaxDBConnections *int32 `json:"maxDBConnections,omitempty"` + NumberOfInstances *int32 `json:"numberOfInstances,omitempty"` + Schema string `json:"schema,omitempty"` + User string `json:"user,omitempty"` + Mode string `json:"mode,omitempty"` + DockerImage string `json:"dockerImage,omitempty"` + MaxDBConnections *int32 `json:"maxDBConnections,omitempty"` + ImagePullSecrets []v1.LocalObjectReference `json:"imagePullSecrets,omitempty"` *Resources `json:"resources,omitempty"` } diff --git a/pkg/cluster/connection_pooler.go b/pkg/cluster/connection_pooler.go index ac4ce67d8..63a281005 100644 --- a/pkg/cluster/connection_pooler.go +++ b/pkg/cluster/connection_pooler.go @@ -412,6 +412,10 @@ func (c *Cluster) generateConnectionPoolerPodTemplate(role PostgresRole) ( }, } + if len(connectionPoolerSpec.ImagePullSecrets) > 0 { + podTemplate.Spec.ImagePullSecrets = connectionPoolerSpec.ImagePullSecrets + } + nodeAffinity := c.nodeAffinity(c.OpConfig.NodeReadinessLabel, spec.NodeAffinity) if c.OpConfig.EnablePodAntiAffinity { labelsSet := labels.Set(c.connectionPoolerLabels(role, false).MatchLabels)