User PWs not restored after Restore in Place procedure

[siegenthalerroger]

Hi all

We did a test disaster recovery run and identified some documentation points that should be clarified (as identified by other posters previously, see end of post). We got over all of those issues however and successfully recovered our DB from our backups. We did however encounter some issues even with the DB being restored.

After the restore the PWs of configured DB users were no longer working. The operator did not ensure they were set to the correct values as specified in the pre-existing secrets, nor did it generate new secrets.

Further we encountered some issues with our Harbor deployment. The OAuth client secret, replication secrets and user CLI secrets were all invalid and had to be manually reset.

Is this the expected behaviour after a restore?

Our config:

apiVersion: "acid.zalan.do/v1"
kind: postgresql
metadata:
  name: elderbyte-postgres-cluster
spec:
  clone:
    uid: "<old uid>"
    cluster: "elderbyte-postgres-cluster"
    timestamp: "2023-04-27T12:00:00+01:00"
  teamId: "elderbyte" # required
  numberOfInstances: 2
  postgresql:
    version: "14"
  users: # map of namespace.usernames - user flags
    elderbyte:
      - superuser
    "registry.harbor": []
    "gitlab.gitlab": 
      - superuser
  databases: # map of database names to database owners
    harborcore: registry.harbor
    harbornotaryserver: registry.harbor
    harbornotarysigner: registry.harbor
    gitlabhq_production: gitlab.gitlab
  volume:
    size: 10Gi
    storageClass: ssd-retained
  spiloFSGroup: 103 # needed to make cert-manager secrets readable (see tls key)
  tls:
    secretName: postgres-internal-certificate
    certificateFile: tls.crt
    privateKeyFile: tls.key
    caFile: ca.crt
  resources:
    requests: 
      cpu: 250m
      memory: 500Mi
    limits:
      cpu: 1000m
      memory: 2000Mi

Documentation updates:

• Requirement for CLONE_ variables: restore backups are missing vital information #2197 Point-In-Time Recovery without Cloning? #1353