[Bug]: Missing StorageAccount validation allows invalid Azure configurations #9598
Description
Is there an existing issue already for this bug?
- I have searched for an existing issue, and could not find anything. I believe this is a new bug.
I have read the troubleshooting guide
- I have read the troubleshooting guide and I think this is a new bug.
I am running a supported version of CloudNativePG
- I have read the troubleshooting guide and I think this is a new bug.
Contact Details
No response
Version
trunk (main)
What version of Kubernetes are you using?
1.34
What is your Kubernetes environment?
Self-managed: kind (evaluation)
How did you install the operator?
YAML manifest
What happened?
The Azure credentials validation (inherited from barman-cloud dependency) allows users to specify storageKey or storageSasToken without specifying storageAccount. This configuration passes validation but fails at runtime.
Example invalid configuration that currently passes validation:
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: cluster-example
spec:
backup:
barmanObjectStore:
destinationPath: https://mystorageaccount.blob.core.windows.net/backups
azureCredentials:
storageKey:
name: azure-secret
key: storage-key
# Missing storageAccount - passes validation but fails at runtime!There is an existing PR on barman-cloud fixing the issue cloudnative-pg/barman-cloud#177
Cluster resource
Relevant log output
Code of Conduct
- I agree to follow this project's Code of Conduct