Secret Environment variable not used in Backup Plan

[torstenbrink]

Hi,
I´m experiencing an issue with the newly introduced feature to load ENV VARs to inject them into the backup plan configuration.

Specifically I´d like to insert the MongoDB password into the Backup Plan via ENV.

So here´s what I did.

a) Have a values.yaml file for the HELM chart:

    extraEnvSecrets:
      GRAYLOG__TARGET_PASSWORD:   # PLAN_ID__KEY_PROPERTY
         secret: mgob-secrets
         key: graylog-db
    config:
        graylog.yml:
          scheduler:
            # run on time every day at 2:30 am CET.
            cron: "30 2 * * *"
            retention: 8
            timeout: 60
          target:
            host: "mongodb-0.mongodb-headless.components.svc.cluster.local,mongodb-1.mongodb-headless.components.svc.cluster.local"
            port: 27017
            database: "graylog"
            username: "graylog" # Username, leave blank if auth is not enabled
            params: "--authenticationDatabase graylog --authenticationMechanism SCRAM-SHA-256"

b) Created the secret in the same namespace:

apiVersion: v1
kind: Secret
metadata:
  name: mgob-secrets
  namespace: components
 data:
  graylog-db: ***************
type: Opaque

What did I verify:

• The ENV is available within the container, so that´s fine.

mgob-0:/# echo $GRAYLOG__TARGET_PASSWORD
***************

• What confused me a bit, is the cmd that is beeing used from mgob when trying to do a manual (or scheduled) backup:

time="2024-06-06T06:12:02Z" level=debug msg="dump cmd: mongodump --archive=/tmp/graylog-1717654322.gz --gzip --host mongodb-0.mongodb-headless.components.svc.cluster.local,mongodb-1.mongodb-headless.components.svc.cluster.local --port 27017 --db graylog --authenticationDatabase graylog --authenticationMechanism SCRAM-SHA-256 "

It is missing the username and password parameter, which is obviously the reason why this is not working. However the username exists in the configuration. If I add the password manually in the yaml and try it with classic approach everything is fine.

Would be great to get some support on this, as I´m now kind of stuck with this (or too stupid ;-) )

Thanks

Torsten

[maxisam]

honestly, I don't know. Once it is in environment variable like that it should work. I am doing the same way.
What helm chart do you use? It should be

  - name: mgob
    version: '2.1.0'
    repository: 'https://maxisam.github.io/mgob'

[torstenbrink]

Hi,
first of all many thanks for support here. We were able to identify the issue itself as the chart you were refering to (2.1.0) does not provide this new announced feature:

Current default values:

image:
  registry: docker.io
  repository: maxisam/mgob
  tag: "2.0.18-all"

However the image tag above doesn´t contain the feature yet.. so we had to update the image.tag to make it work.. see below:

    image:
      tag: "2.0.20-all"

[maxisam]

Thanks, I should update the helm chart when I create a new version next time.