-
Notifications
You must be signed in to change notification settings - Fork 500
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't initialize when there is no tidb.password #282
Conversation
Relates to some discussion on #274 |
Don't create * a secret * an initializer job The user can manage users from the MySQL connection
The related documents should be updated too. |
/run-e2e-tests |
What are the checkbox meaning? Will you support both of them in this PR? |
Yes. It is listing the manual testing cases. Perhaps you want to do the unchecked one? |
From #274, we've discussed that it's better to reference secret name created outside of helm. Are you going to do this in another PR or just leave it like this? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
secret name references would be a different PR. |
* Don't initialize when there is no tidb.password Don't create * a secret * an initializer job The user can manage users from the MySQL connection * update password documentation
Changes
Don't create
Motivation
From my reading, random password initialization is broken: helm/helm#3053
The user can manage users from the MySQL connection
As a benefit this allows users manage their password such that it is never stored in K8s. Or they can create their own init job, etc.
Testing
For both options: