Greg H
02/23/2024, 7:00 PMpostgresqlSecretName
in my User Deployment when I deploy the infrastructure (daemon , webserver) separately?Scout
02/23/2024, 7:00 PMpostgresql
section of the values.yaml
file. If you are managing your PostgreSQL credentials as a Kubernetes Secret outside of the Dagster Helm chart, you should disable the generation of this Secret within the chart by setting generatePostgresqlPasswordSecret
to false
. Additionally, you should set .Values.global.postgresqlSecretName
to the name of the externally managed Secret. Therefore, if you are deploying your infrastructure components like the daemon and webserver separately and wish to use an external PostgreSQL database with credentials stored in a Kubernetes Secret, you should indeed set the postgresqlSecretName
in your deployment configuration to point to the name of that Secret. This allows the separate components of your Dagster deployment to access the PostgreSQL database using the credentials defined in the externally managed Secret.Greg H
02/23/2024, 7:32 PMgeneratePostgresqlPasswordSecret
to false
is described for the "infrastructure" deployment that deploys the daemon and webserver but this does not seem to work for the User Deployment. I have them deployed in different namespaces so I cannot access the secret from my User Deployment. How can I tell the user deployment to stop searching for the secret?Scout
02/23/2024, 7:33 PMgeneratePostgresqlPasswordSecret
to false
. However, if this setting is not working as expected for the User Deployment, it might be due to the Helm chart's design or a limitation in how the chart handles secrets for User Deployments specifically. If the Helm chart does not provide a direct way to disable the secret lookup for the User Deployment, you may need to take a different approach. One potential solution is to create a duplicate of the PostgreSQL Secret in the same namespace as the User Deployment. This way, the User Deployment can access the necessary credentials without attempting to access a Secret from another namespace. Here's a general approach you could take: 1. Create a duplicate of the PostgreSQL Secret in the namespace of the User Deployment with the same key-value pairs as the original Secret. 2. Ensure that the User Deployment's Helm chart configuration references the name of the duplicated Secret correctly. If the Helm chart for the User Deployment does not provide a way to specify the secret name or to disable the secret lookup, you might need to customize the Helm chart or seek a feature update from the maintainers of the Dagster Helm chart to support this use case. For further assistance, it would be beneficial to consult the specific Helm chart documentation for User Deployments or reach out to the Dagster community, such as through GitHub issues or discussions, to see if there are any known workarounds or upcoming features that would address this scenario.