Add postgresql option target_session_attrs (#1847)

Signed-off-by: Lars Wildemann <lars.wildemann@plusserver.com>
2026-05-06 13:22:50 +00:00 · 2024-05-15 20:47:33 +02:00
parent b49d68ca92
commit e98c913f86
4 changed files with 11 additions and 0 deletions
--- a/.helm/starter/templates/postgres-config.yaml
+++ b/.helm/starter/templates/postgres-config.yaml
@@ -12,6 +12,7 @@ stringData:
  username: {{ .username }}
  password: {{ .password }}
  sslmode: {{ .sslmode }}
+  target_session_attrs: {{ .target_session_attrs | default "any" }}
  type: {{ .type }}
 type: Opaque
 {{- end }}
--- a/docs/user-guide/database-configuration.md
+++ b/docs/user-guide/database-configuration.md
@@ -27,6 +27,7 @@ stringData:
  username: <username to connect as>
  password: <password to connect with>
  sslmode: prefer
+  target_session_attrs: read-write
  type: unmanaged
 type: Opaque
 ```
@@ -37,6 +38,8 @@ type: Opaque

 **Note**: The variable `sslmode` is valid for `external` databases only. The allowed values are: `prefer`, `disable`, `allow`, `require`, `verify-ca`, `verify-full`.

+**Note**: The variable `target_session_attrs` is only useful for `clustered external` databases. The allowed values are: `any` (default), `read-write`, `read-only`, `primary`, `standby` and `prefer-standby`, whereby only `read-write` and `primary` really make sense in AWX use, as you want to connect to a database node that offers write support.
+
 Once the secret is created, you can specify it on your spec:

 ```yaml
--- a/roles/installer/tasks/database_configuration.yml
+++ b/roles/installer/tasks/database_configuration.yml
@@ -100,6 +100,7 @@
    awx_postgres_port: "{{ pg_config['resources'][0]['data']['port'] | b64decode }}"
    awx_postgres_host: "{{ pg_config['resources'][0]['data']['host'] | b64decode }}"
    awx_postgres_sslmode: "{{ pg_config['resources'][0]['data']['sslmode'] |  default('prefer'|b64encode) | b64decode }}"
+    awx_postgres_target_session_attrs: "{{ pg_config['resources'][0]['data']['target_session_attrs'] | default('') | b64decode }}"
  no_log: "{{ no_log }}"

 - name: Set database as managed
--- a/roles/installer/templates/settings/credentials.py.j2
+++ b/roles/installer/templates/settings/credentials.py.j2
@@ -10,6 +10,9 @@ DATABASES = {
        'OPTIONS': { 'sslmode': '{{ awx_postgres_sslmode }}',
 {% if awx_postgres_sslmode in ['verify-ca', 'verify-full'] %}
                     'sslrootcert': '{{ ca_trust_bundle }}',
+{% endif %}
+{% if awx_postgres_target_session_attrs %}
+                     'target_session_attrs': '{{ awx_postgres_target_session_attrs }}',
 {% endif %}
        },
    }
@@ -25,6 +28,9 @@ LISTENER_DATABASES = {
            'keepalives_count': {{ postgres_keepalives_count }},
 {% else %}
            'keepalives': 0,
+{% endif %}
+{% if awx_postgres_target_session_attrs %}
+            'target_session_attrs': '{{ awx_postgres_target_session_attrs }}',
 {% endif %}
        },
    }