MongoDBUser new feature to retrieve user and password from a secret
Hi! I hope you are doing well.
We would like to have an option in the "MongoDBUser" Custom Resource to reference a Kubernetes secret with user and password instead of only "spec.passwordSecretKeyRef". For us, it's also important to save the user MongoDB in a secret as well and don't pass the user through commands(helm).
Basically, we would like to perform the following steps:
- Create a secret in GCP Secret Manager with MongoDB's user/password.
- Recover the secret using the "External Secrets tool" running in Kubernetes.
- Refer only one secret with user/password in the "MongoDBUser" custom resources as we are doing currently for "spec.passwordSecretKeyRef"...
- The operator will use one secret to retrieve the user and the password.
As we mentioned for security reasons we would like to have the user as a secret as well.
Example:
apiVersion: mongodb.com/v1
kind: MongoDBUser
metadata:
name: example-database-user
spec:
secretKeyRef:
name: mongodb-user-password-kubernetes-secret
usernameKey: username
passwordKey: password
apiVersion: v1
kind: Secret
data:
username: Y3VzdG9tZXIx
password: Y3VzdG9tZXIx
![](https://secure.gravatar.com/avatar/5fdad081f711a928bc847270bc5ae552?size=40&default=https%3A%2F%2Fassets.uvcdn.com%2Fpkg%2Fadmin%2Ficons%2Fuser_70-6bcf9e08938533adb9bac95c3e487cb2a6d4a32f890ca6fdc82e3072e0ea0368.png)
-
Marcos Aranda Lucas commented
Does anyone want this feature?