Add separate host and port to secret template

Author: pimmerks

README.md

@@ -194,12 +194,14 @@ Every PostgresUser has a generated Kubernetes secret attached to it, which conta
 |  Key                 | Comment             |
 |----------------------|---------------------|
 | `DATABASE_NAME`      | Name of the database, same as in `Postgres` CR, copied for convenience |
-| `HOST`               | PostgreSQL server host |
+| `HOST`               | PostgreSQL server host (including port number) |
 | `PASSWORD`           | Autogenerated password for user |
 | `ROLE`               | Autogenerated role with login enabled (user) |
 | `LOGIN`              | Same as `ROLE`. In case `POSTGRES_CLOUD_PROVIDER` is set to "Azure", `LOGIN` it will be set to `{role}@{serverName}`, serverName is extracted from `POSTGRES_USER` from operator's config. |
 | `POSTGRES_URL`       | Connection string for Posgres, could be used for Go applications |
 | `POSTGRES_JDBC_URL`  | JDBC compatible Postgres URI, formatter as `jdbc:postgresql://{POSTGRES_HOST}/{DATABASE_NAME}` |
+| `HOSTNAME`           | The PostgreSQL server hostname (without port) |
+| `PORT`               | The PostgreSQL server port |
 
 ### Multiple operator support
 
@@ -219,12 +221,14 @@ meeting the specific needs of different applications.
 
 Available context:
 
-| Variable    | Meaning                  |
-|-------------|--------------------------|
-| `.Host`     | Database host            |
-| `.Role`     | Generated user/role name |
-| `.Database` | Referenced database name |
-| `.Password` | Generated role password  |
+| Variable    | Meaning                      |
+|-------------|------------------------------|
+| `.Host`     | Database host                |
+| `.Role`     | Generated user/role name     |
+| `.Database` | Referenced database name     |
+| `.Password` | Generated role password      |
+| `.Hostname` | Database host (without port) |
+| `.Port`     | Database port                |
 
 ### Compatibility
 

internal/controller/postgresuser_controller.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"maps"
+	"net"
 
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -177,7 +178,7 @@ func (r *PostgresUserReconciler) Reconcile(ctx context.Context, req ctrl.Request
 		return r.requeue(ctx, instance, err)
 	}
 
-	secret, err := r.newSecretForCR(instance, role, password, login)
+	secret, err := r.newSecretForCR(reqLogger, instance, role, password, login)
 	if err != nil {
 		return r.requeue(ctx, instance, err)
 	}
@@ -232,10 +233,17 @@ func (r *PostgresUserReconciler) getPostgresCR(ctx context.Context, instance *db
 	return &database, nil
 }
 
-func (r *PostgresUserReconciler) newSecretForCR(cr *dbv1alpha1.PostgresUser, role, password, login string) (*corev1.Secret, error) {
+func (r *PostgresUserReconciler) newSecretForCR(reqLogger logr.Logger, cr *dbv1alpha1.PostgresUser, role, password, login string) (*corev1.Secret, error) {
+	hostname, port, err := net.SplitHostPort(r.pgHost)
+	if err != nil {
+		hostname = r.pgHost
+		port = "5432"
+		reqLogger.Error(err, fmt.Sprintf("failed to parse host and port from: '%s', using default port 5432", r.pgHost))
+	}
+
 	pgUserUrl := fmt.Sprintf("postgresql://%s:%s@%s/%s", role, password, r.pgHost, cr.Status.DatabaseName)
 	pgJDBCUrl := fmt.Sprintf("jdbc:postgresql://%s/%s", r.pgHost, cr.Status.DatabaseName)
-	pgDotnetUrl := fmt.Sprintf("User ID=%s;Password=%s;Host=%s;Port=5432;Database=%s;", role, password, r.pgHost, cr.Status.DatabaseName)
+	pgDotnetUrl := fmt.Sprintf("User ID=%s;Password=%s;Host=%s;Port=%s;Database=%s;", role, password, hostname, port, cr.Status.DatabaseName)
 	labels := map[string]string{
 		"app": cr.Name,
 	}
@@ -253,6 +261,8 @@ func (r *PostgresUserReconciler) newSecretForCR(cr *dbv1alpha1.PostgresUser, rol
 		Host:     r.pgHost,
 		Database: cr.Status.DatabaseName,
 		Password: password,
+		Hostname: hostname,
+		Port:     port,
 	})
 	if err != nil {
 		return nil, fmt.Errorf("render templated keys: %w", err)
@@ -267,6 +277,8 @@ func (r *PostgresUserReconciler) newSecretForCR(cr *dbv1alpha1.PostgresUser, rol
 		"ROLE":                []byte(role),
 		"PASSWORD":            []byte(password),
 		"LOGIN":               []byte(login),
+		"PORT":                []byte(port),
+		"HOSTNAME":            []byte(hostname),
 	}
 	// templates may override standard keys
 	if len(templateData) > 0 {

internal/controller/postgresuser_controller_test.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 
+	"github.com/go-logr/logr"
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 	"go.uber.org/mock/gomock"
@@ -324,6 +325,8 @@ var _ = Describe("PostgresUser Controller", func() {
 				Expect(foundSecret.Data).To(HaveKey("POSTGRES_JDBC_URL"))
 				Expect(foundSecret.Data).To(HaveKey("POSTGRES_URL"))
 				Expect(foundSecret.Data).To(HaveKey("ROLE"))
+				Expect(foundSecret.Data).To(HaveKey("HOSTNAME"))
+				Expect(foundSecret.Data).To(HaveKey("PORT"))
 			})
 
 			It("should fail if the database does not exist", func() {
@@ -528,7 +531,7 @@ var _ = Describe("PostgresUser Controller", func() {
 			}
 
 			// Call newSecretForCR with test values
-			secret, err := rp.newSecretForCR(cr, "role1", "pass1", "login1")
+			secret, err := rp.newSecretForCR(logr.Discard(), cr, "role1", "pass1", "login1")
 
 			// Verify results
 			Expect(err).NotTo(HaveOccurred())
@@ -574,7 +577,7 @@ var _ = Describe("PostgresUser Controller", func() {
 			}
 
 			// Call newSecretForCR
-			secret, err := rp.newSecretForCR(cr, "role2", "pass2", "login2")
+			secret, err := rp.newSecretForCR(logr.Discard(), cr, "role2", "pass2", "login2")
 
 			// Verify results
 			Expect(err).NotTo(HaveOccurred())
@@ -611,7 +614,7 @@ var _ = Describe("PostgresUser Controller", func() {
 			}
 
 			// Call newSecretForCR
-			secret, err := rp.newSecretForCR(cr, "role3", "pass3", "login3")
+			secret, err := rp.newSecretForCR(logr.Discard(), cr, "role3", "pass3", "login3")
 
 			// Verify results
 			Expect(err).NotTo(HaveOccurred())

pkg/utils/template.go

@@ -11,6 +11,8 @@ type TemplateContext struct {
 	Role     string
 	Database string
 	Password string
+	Hostname string // Hostname is different from Host as it does not contain the port number.
+	Port     string
 }
 
 func RenderTemplate(data map[string]string, tc TemplateContext) (map[string][]byte, error) {

pkg/utils/template_test.go

@@ -18,29 +18,33 @@ var _ = ginkgo.Describe("Template Utils", func() {
 				Role:     "admin",
 				Database: "postgres",
 				Password: "secret",
+				Hostname: "localhost",
+				Port:     "5432",
 			}
 		})
 
 		ginkgo.When("provided with valid templates", func() {
 			ginkgo.BeforeEach(func() {
 				templates = map[string]string{
-					"simple":      "Host: {{.Host}}",
-					"all-fields":  "Host: {{.Host}}, Role: {{.Role}}, DB: {{.Database}}, Password: {{.Password}}",
-					"multi-line":  "Connection Info:\n  Host: {{.Host}}\n  Database: {{.Database}}",
-					"empty-templ": "",
+					"simple":            "Host: {{.Host}}",
+					"all-fields":        "Host: {{.Host}}, Role: {{.Role}}, DB: {{.Database}}, Password: {{.Password}}",
+					"multi-line":        "Connection Info:\n  Host: {{.Host}}\n  Database: {{.Database}}",
+					"empty-templ":       "",
+					"connection-string": "postgres://{{.Role}}:{{.Password}}@{{.Hostname}}:{{.Port}}/{{.Database}}",
 				}
 			})
 
 			ginkgo.It("should render all templates correctly", func() {
 				result, err := RenderTemplate(templates, templateContext)
 
 				gomega.Expect(err).NotTo(gomega.HaveOccurred())
-				gomega.Expect(result).To(gomega.HaveLen(4))
+				gomega.Expect(result).To(gomega.HaveLen(5))
 
 				gomega.Expect(string(result["simple"])).To(gomega.Equal("Host: localhost"))
 				gomega.Expect(string(result["all-fields"])).To(gomega.Equal("Host: localhost, Role: admin, DB: postgres, Password: secret"))
 				gomega.Expect(string(result["multi-line"])).To(gomega.Equal("Connection Info:\n  Host: localhost\n  Database: postgres"))
 				gomega.Expect(string(result["empty-templ"])).To(gomega.Equal(""))
+				gomega.Expect(string(result["connection-string"])).To(gomega.Equal("postgres://admin:secret@localhost:5432/postgres"))
 			})
 		})