Fix: consider additional config for default user creds #1974
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The RabbitMQ operator now respects `default_user` and `default_pass` values provided in the `additionalConfig` field of the `RabbitmqCluster` manifest when creating the default user secret. Previously, the operator would generate random credentials, leading to mismatches and confusion. This change modifies the `Build` function in `internal/resource/default_user_secret.go` to parse the `additionalConfig` string. If `default_user` and `default_pass` are present, their values are used. Otherwise, random credentials are generated, maintaining backward compatibility. Unit tests in `internal/resource/default_user_secret_test.go` and integration tests in `controllers/rabbitmqcluster_controller_test.go` have been added to verify this behavior.
Zerpet
changed the title
|
Hold merge until we have produced 2.17.0 |
mkuratczyk
reviewed
Oct 17, 2025
There was a problem hiding this comment.
Looks good, thanks. My only worry is the compatibility of the ini format as used by RabbitMQ vs github.com/go-ini/ini/. If I'm not mistaken, with this change, we now require additionalConfig to pass go-ini validation, which was not the case before. I'm sure it it will work in most cases, but I don't know about the compatibility of ini formats with more complex content
Zerpet
changed the title
|
That's an interesting point I hadn't consider 🤔 It's always possible to fallback to advanced config. Undesirable, but go-ini validation won't block any user completely. Happy to hold if you want to try to break this PR? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This closes #1018
Note to reviewers: remember to look at the commits in this PR and consider if they can be squashed
Summary Of Changes
The RabbitMQ operator now respects
default_useranddefault_passvalues provided in the
additionalConfigfield of theRabbitmqClustermanifest when creating the default user secret. Previously, the operator
would generate random credentials, leading to mismatches and confusion.
This change modifies the
Buildfunction ininternal/resource/default_user_secret.goto parse theadditionalConfigstring. If
default_useranddefault_passare present, their valuesare used. Otherwise, random credentials are generated, maintaining backward
compatibility.
Unit tests in
internal/resource/default_user_secret_test.goandintegration tests in
controllers/rabbitmqcluster_controller_test.gohavebeen added to verify this behavior.
Local Testing
Unit and integration tests passing.