Ability to set pod_environment_secret and pod_environment_configmap on cluster resource

Author: dmvolod

charts/postgres-operator/crds/postgresqls.yaml

@@ -196,6 +196,12 @@ spec:
                 type: boolean
               enableShmVolume:
                 type: boolean
+              env:
+                type: array
+                nullable: true
+                items:
+                  type: object
+                  x-kubernetes-preserve-unknown-fields: true
               init_containers:
                 type: array
                 description: deprecated

manifests/postgresql.crd.yaml

@@ -194,6 +194,12 @@ spec:
                 type: boolean
               enableShmVolume:
                 type: boolean
+              env:
+                type: array
+                nullable: true
+                items:
+                  type: object
+                  x-kubernetes-preserve-unknown-fields: true
               init_containers:
                 type: array
                 description: deprecated

pkg/apis/acid.zalan.do/v1/crds.go

@@ -311,6 +311,16 @@ var PostgresCRDResourceValidation = apiextv1.CustomResourceValidation{
 					"enableShmVolume": {
 						Type: "boolean",
 					},
+					"env": {
+						Type:     "array",
+						Nullable: true,
+						Items: &apiextv1.JSONSchemaPropsOrArray{
+							Schema: &apiextv1.JSONSchemaProps{
+								Type:                   "object",
+								XPreserveUnknownFields: util.True(),
+							},
+						},
+					},
 					"init_containers": {
 						Type:        "array",
 						Description: "deprecated",

pkg/apis/acid.zalan.do/v1/postgresql_type.go

@@ -80,6 +80,7 @@ type PostgresSpec struct {
 	TLS                   *TLSDescription             `json:"tls,omitempty"`
 	AdditionalVolumes     []AdditionalVolume          `json:"additionalVolumes,omitempty"`
 	Streams               []Stream                    `json:"streams,omitempty"`
+	Env                   []v1.EnvVar                 `json:"env,omitempty"`
 
 	// deprecated json tags
 	InitContainersOld       []v1.Container `json:"init_containers,omitempty"`

pkg/apis/acid.zalan.do/v1/zz_generated.deepcopy.go

@@ -938,6 +938,10 @@ func deduplicateEnvVars(input []v1.EnvVar, containerName string, logger *logrus.
 func (c *Cluster) getPodEnvironmentConfigMapVariables() ([]v1.EnvVar, error) {
 	configMapPodEnvVarsList := make([]v1.EnvVar, 0)
 
+	if len(c.Spec.Env) > 0 {
+		configMapPodEnvVarsList = append(configMapPodEnvVarsList, c.Spec.Env...)
+	}
+
 	if c.OpConfig.PodEnvironmentConfigMap.Name == "" {
 		return configMapPodEnvVarsList, nil
 	}
@@ -959,7 +963,9 @@ func (c *Cluster) getPodEnvironmentConfigMapVariables() ([]v1.EnvVar, error) {
 		}
 	}
 	for k, v := range cm.Data {
-		configMapPodEnvVarsList = append(configMapPodEnvVarsList, v1.EnvVar{Name: k, Value: v})
+		if !isEnvVarExist(configMapPodEnvVarsList, k) {
+			configMapPodEnvVarsList = append(configMapPodEnvVarsList, v1.EnvVar{Name: k, Value: v})
+		}
 	}
 	return configMapPodEnvVarsList, nil
 }
@@ -968,6 +974,10 @@ func (c *Cluster) getPodEnvironmentConfigMapVariables() ([]v1.EnvVar, error) {
 func (c *Cluster) getPodEnvironmentSecretVariables() ([]v1.EnvVar, error) {
 	secretPodEnvVarsList := make([]v1.EnvVar, 0)
 
+	if len(c.Spec.Env) > 0 {
+		secretPodEnvVarsList = append(secretPodEnvVarsList, c.Spec.Env...)
+	}
+
 	if c.OpConfig.PodEnvironmentSecret == "" {
 		return secretPodEnvVarsList, nil
 	}
@@ -999,20 +1009,31 @@ func (c *Cluster) getPodEnvironmentSecretVariables() ([]v1.EnvVar, error) {
 	}
 
 	for k := range secret.Data {
-		secretPodEnvVarsList = append(secretPodEnvVarsList,
-			v1.EnvVar{Name: k, ValueFrom: &v1.EnvVarSource{
-				SecretKeyRef: &v1.SecretKeySelector{
-					LocalObjectReference: v1.LocalObjectReference{
-						Name: c.OpConfig.PodEnvironmentSecret,
+		if !isEnvVarExist(secretPodEnvVarsList, k) {
+			secretPodEnvVarsList = append(secretPodEnvVarsList,
+				v1.EnvVar{Name: k, ValueFrom: &v1.EnvVarSource{
+					SecretKeyRef: &v1.SecretKeySelector{
+						LocalObjectReference: v1.LocalObjectReference{
+							Name: c.OpConfig.PodEnvironmentSecret,
+						},
+						Key: k,
 					},
-					Key: k,
-				},
-			}})
+				}})
+		}
 	}
 
 	return secretPodEnvVarsList, nil
 }
 
+func isEnvVarExist(envs []v1.EnvVar, key string) bool {
+	for _, env := range envs {
+		if env.Name == key {
+			return true
+		}
+	}
+	return false
+}
+
 func getSidecarContainer(sidecar acidv1.Sidecar, index int, resources *v1.ResourceRequirements) *v1.Container {
 	name := sidecar.Name
 	if name == "" {