{"id":13562444,"url":"https://github.com/movetokube/postgres-operator","last_synced_at":"2025-12-24T13:17:42.461Z","repository":{"id":35812942,"uuid":"179711537","full_name":"movetokube/postgres-operator","owner":"movetokube","description":"Postgres operator for Kubernetes","archived":false,"fork":false,"pushed_at":"2024-08-07T15:28:57.000Z","size":32380,"stargazers_count":172,"open_issues_count":53,"forks_count":58,"subscribers_count":5,"default_branch":"master","last_synced_at":"2024-11-15T00:29:15.926Z","etag":null,"topics":["hacktoberfest","kubernetes","operator-sdk","postgres-operator"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/movetokube.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":["hitman99"]}},"created_at":"2019-04-05T15:50:20.000Z","updated_at":"2024-10-28T19:57:19.000Z","dependencies_parsed_at":"2024-11-04T14:34:05.297Z","dependency_job_id":"d21cdaf5-672c-45bf-bb45-9e326fb0e7d4","html_url":"https://github.com/movetokube/postgres-operator","commit_stats":null,"previous_names":[],"tags_count":32,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/movetokube%2Fpostgres-operator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/movetokube%2Fpostgres-operator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/movetokube%2Fpostgres-operator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/movetokube%2Fpostgres-operator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/movetokube","download_url":"https://codeload.github.com/movetokube/postgres-operator/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247057083,"owners_count":20876509,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacktoberfest","kubernetes","operator-sdk","postgres-operator"],"created_at":"2024-08-01T13:01:08.695Z","updated_at":"2025-12-24T13:17:42.433Z","avatar_url":"https://github.com/movetokube.png","language":"Go","readme":"# External PostgreSQL Server Operator for Kubernetes\n\n[![Artifact Hub](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/ext-postgres-operator)](https://artifacthub.io/packages/search?repo=ext-postgres-operator)\n[![Sponsor](https://img.shields.io/badge/Sponsor_on_GitHub-ff69b4?style=for-the-badge\u0026logo=github)](https://github.com/sponsors/hitman99)\n\nManage external PostgreSQL databases in Kubernetes with ease—supporting AWS RDS, Azure Database for PostgreSQL, GCP Cloud SQL, and more.\n\n---\n\n## Table of Contents\n\n- [Sponsors](#sponsors)\n- [Features](#features)\n- [Supported Cloud Providers](#supported-cloud-providers)\n- [Configuration](#configuration)\n- [Installation](#installation)\n- [Custom Resources (CRs)](#custom-resources-crs)\n- [Multiple Operator Support](#multiple-operator-support)\n- [Secret Templating](#secret-templating)\n- [Compatibility](#compatibility)\n- [Contributing](#contributing)\n- [License](#license)\n\n---\n\n## Sponsors\n\nPlease consider supporting this project!\n\n**Current Sponsors:**\n_None yet. [Become a sponsor!](https://github.com/sponsors/hitman99)_\n\n## Features\n\n- Create databases and roles using Kubernetes CRs\n- Automatic creation of randomized usernames and passwords\n- Supports multiple user roles per database\n- Auto-generates Kubernetes secrets with PostgreSQL connection URIs\n- Supports AWS RDS, Azure Database for PostgreSQL, and GCP Cloud SQL\n- Handles CRs in dynamically created namespaces\n- Customizable secret values using templates\n\n---\n\n## Supported Cloud Providers\n\n### AWS\n\nSet `POSTGRES_CLOUD_PROVIDER` to `AWS` via environment variable, Kubernetes Secret, or deployment manifest (`operator.yaml`).\n\n### Azure Database for PostgreSQL – Flexible Server\n\n\u003e **Note:** Azure Single Server is deprecated as of v2.x. Only Flexible Server is supported.\n\n- `POSTGRES_CLOUD_PROVIDER=Azure`\n- `POSTGRES_DEFAULT_DATABASE=postgres`\n\n### GCP\n\n- `POSTGRES_CLOUD_PROVIDER=GCP`\n- Configure a PostgreSQL connection secret\n- Manually create a Master role and reference it in your CRs\n- Master roles are never dropped by the operator\n\n## Configuration\n\nSet environment variables in [`config/manager/operator.yaml`](config/manager/operator.yaml):\n\n| Name | Description | Default |\n| --- | --- | --- |\n| `WATCH_NAMESPACE` | Namespace to watch. Empty string = all namespaces. | (all namespaces) |\n| `POSTGRES_INSTANCE` | Operator identity for multi-instance deployments. | (empty) |\n| `KEEP_SECRET_NAME` | Use user-provided secret names instead of auto-generated ones. | disabled |\n\n\u003e **Note:**\n\u003e If enabling `KEEP_SECRET_NAME`, ensure there are no secret name conflicts in your namespace to avoid reconcile loops.\n\n## Installation\n\n### Install Using Helm (Recommended)\n\nThe Helm chart for this operator is located in the `charts/ext-postgres-operator` subdirectory. Follow these steps to install:\n\n1. Add the Helm repository:\n   ```bash\n   helm repo add ext-postgres-operator https://movetokube.github.io/postgres-operator/\n   ```\n\n2. Install the operator:\n   ```bash\n   helm install -n operators ext-postgres-operator ext-postgres-operator/ext-postgres-operator\n   ```\n\n3. Customize the installation by modifying the values in [values.yaml](charts/ext-postgres-operator/values.yaml).\n\n### Install Using Kustomize\n\nThis operator requires a Kubernetes Secret to be created in the same namespace as the operator itself.\nThe Secret should contain these keys: `POSTGRES_HOST`, `POSTGRES_USER`, `POSTGRES_PASS`, `POSTGRES_URI_ARGS`, `POSTGRES_CLOUD_PROVIDER`, `POSTGRES_DEFAULT_DATABASE`.\n\nExample:\n\n```yaml\napiVersion: v1\nkind: Secret\nmetadata:\n  name: ext-postgres-operator\n  namespace: operators\ntype: Opaque\ndata:\n  POSTGRES_HOST: cG9zdGdyZXM=\n  POSTGRES_USER: cG9zdGdyZXM=\n  POSTGRES_PASS: YWRtaW4=\n  POSTGRES_URI_ARGS: IA==\n  POSTGRES_CLOUD_PROVIDER: QVdT\n  POSTGRES_DEFAULT_DATABASE: cG9zdGdyZXM=\n```\n\nTo install the operator using Kustomize, follow these steps:\n\n1. Configure Postgres credentials for the operator in `config/default/secret.yaml`.\n\n2. Deploy the operator:\n   ```bash\n   kubectl kustomize config/default/ | kubectl apply -f -\n   ```\n\n   Alternatively, use [Kustomize](https://github.com/kubernetes-sigs/kustomize) directly:\n   ```bash\n   kustomize build config/default/ | kubectl apply -f -\n   ```\n\n## Custom Resources (CRs)\n\n### Postgres\n\n```yaml\napiVersion: db.movetokube.com/v1alpha1\nkind: Postgres\nmetadata:\n  name: my-db\n  namespace: app\n  annotations:\n    # OPTIONAL\n    # use this to target which instance of operator should process this CR. See General config\n    postgres.db.movetokube.com/instance: POSTGRES_INSTANCE\nspec:\n  database: test-db # Name of database created in PostgreSQL\n  dropOnDelete: false # Set to true if you want the operator to drop the database and role when this CR is deleted (optional)\n  masterRole: test-db-group (optional)\n  schemas: # List of schemas the operator should create in database (optional)\n  - stores\n  - customers\n  extensions: # List of extensions that should be created in the database (optional)\n  - fuzzystrmatch\n  - pgcrypto\n```\n\nThis creates a database called `test-db` and a role `test-db-group` that is set as the owner of the database.\nReader and writer roles are also created. These roles have read and write permissions to all tables in the schemas created by the operator, if any.\n\n### PostgresUser\n\n```yaml\napiVersion: db.movetokube.com/v1alpha1\nkind: PostgresUser\nmetadata:\n  name: my-db-user\n  namespace: app\n  annotations:\n    # OPTIONAL\n    # use this to target which instance of operator should process this CR. See general config\n    postgres.db.movetokube.com/instance: POSTGRES_INSTANCE\nspec:\n  role: username\n  database: my-db       # This references the Postgres CR\n  secretName: my-secret\n  privileges: OWNER     # Can be OWNER/READ/WRITE\n  annotations:          # Annotations to be propagated to the secrets metadata section (optional)\n    foo: \"bar\"\n  labels:\n    foo: \"bar\"          # Labels to be propagated to the secrets metadata section (optional)\n  secretTemplate:       # Output secrets can be customized using standard Go templates\n    PQ_URL: \"host={{.Host}} user={{.Role}} password={{.Password}} dbname={{.Database}}\"\n```\n\nThis creates a user role `username-\u003chash\u003e` and grants role `test-db-group`, `test-db-writer` or `test-db-reader` depending on `privileges` property. Its credentials are put in secret `my-secret-my-db-user` (unless `KEEP_SECRET_NAME` is enabled).\n\n`PostgresUser` needs to reference a `Postgres` in the same namespace.\n\nTwo `Postgres` referencing the same database can exist in more than one namespace. The last CR referencing a database will drop the group role and transfer database ownership to the role used by the operator.\nEvery PostgresUser has a generated Kubernetes secret attached to it, which contains the following data (i.e.):\n\n|  Key                 | Comment             |\n|----------------------|---------------------|\n| `DATABASE_NAME`      | Name of the database, same as in `Postgres` CR, copied for convenience |\n| `HOST`               | PostgreSQL server host (including port number) |\n| `URI_ARGS`           | URI Args, same as in `Postgres` CR, copied for convenience |\n| `PASSWORD`           | Autogenerated password for user |\n| `ROLE`               | Autogenerated role with login enabled (user) |\n| `LOGIN`              | Same as `ROLE`. In case `POSTGRES_CLOUD_PROVIDER` is set to \"Azure\", `LOGIN` it will be set to `{role}@{serverName}`, serverName is extracted from `POSTGRES_USER` from operator's config. |\n| `POSTGRES_URL`       | Connection string for Posgres, could be used for Go applications |\n| `POSTGRES_JDBC_URL`  | JDBC compatible Postgres URI, formatter as `jdbc:postgresql://{POSTGRES_HOST}/{DATABASE_NAME}` |\n| `HOSTNAME`           | The PostgreSQL server hostname (without port) |\n| `PORT`               | The PostgreSQL server port |\n\n| Functions      | Meaning                                                           |\n|----------------|-------------------------------------------------------------------|\n| `mergeUriArgs` | Merge any provided uri args with any set in the `Postgres` CR     |\n\n### Multiple operator support\n\nRun multiple operator instances by setting unique POSTGRES_INSTANCE values and using annotations in your CRs to assign them.\n\n#### Annotations Use Case\n\nWith the help of annotations it is possible to create annotation-based copies of secrets in other namespaces.\n\nFor more information and an example, see [kubernetes-replicator#pull-based-replication](https://github.com/mittwald/kubernetes-replicator#pull-based-replication)\n\n### Secret Templating\n\nUsers can specify the structure and content of secrets based on their unique requirements using standard\n[Go templates](https://pkg.go.dev/text/template#hdr-Actions). This flexibility allows for a more tailored approach to\nmeeting the specific needs of different applications.\n\nAvailable context:\n\n| Variable    | Meaning                      |\n|-------------|------------------------------|\n| `.Host`     | Database host                |\n| `.Role`     | Generated user/role name     |\n| `.Database` | Referenced database name     |\n| `.Password` | Generated role password      |\n| `.Hostname` | Database host (without port) |\n| `.Port`     | Database port                |\n\n### Compatibility\n\nPostgres operator uses Operator SDK, which uses kubernetes client. Kubernetes client compatibility with Kubernetes cluster\ncan be found [here](https://github.com/kubernetes/client-go/blob/master/README.md#compatibility-matrix)\n\nPostgres operator compatibility with Operator SDK version is in the table below\n\n|                           | Operator SDK version | apiextensions.k8s.io |\n|---------------------------|----------------------|----------------------|\n| `postgres-operator 0.4.x` | v0.17                |  v1beta1             |\n| `postgres-operator 1.x.x` | v0.18                |  v1                  |\n| `postgres-operator 2.x.x` | v1.39                |  v1                  |\n| `HEAD`                    | v1.39                |  v1                  |\n\n\n## Contributing\n\nSee [CONTRIBUTING.md](CONTRIBUTING.md)\n\n## License\n\nThis project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.\n","funding_links":["https://github.com/sponsors/hitman99","https://github.com/sponsors/hitman99)_"],"categories":["Go"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmovetokube%2Fpostgres-operator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmovetokube%2Fpostgres-operator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmovetokube%2Fpostgres-operator/lists"}