openDesk v1.2.1 / password mismatch for openproject_user in postgres
Environment here (k8s-cluster rolled out with kubespray-2.27.0): k8s-v1.31.4, helm-v3.17.2, helmfile-v1.0.0-rc.12, calico, and local-path-provisioner
Testinstallations with openDesk-v1.1.2 working fine but 1.2.1 stuck at:
Upgrading release=openproject, chart=/tmp/helmfile2775000663/odesk/openproject/openproject/9.8.3/openproject, namespace=odeskThe installation fails in the moment where openproject is trying to access the postgres db. The logs of postgres shows a mismatch with the authentication:
~ # kubectl -n odesk describe pod/openproject-worker-default-574547f5b-tzb58 | tail -n 10
Type Reason Age From Message
---- ------ ---- ---- -------
Warning FailedScheduling 9m56s default-scheduler 0/2 nodes are available: waiting for ephemeral volume controller to create the persistentvolumeclaim "openproject-worker-default-574547f5b-tzb58-app-tmp". preemption: 0/2 nodes are available: 2 Preemption is not helpful for scheduling.
Normal Scheduled 9m36s default-scheduler Successfully assigned odesk/openproject-worker-default-574547f5b-tzb58 to white
Normal Pulling 9m34s kubelet Pulling image "registry.opencode.de/bmi/opendesk/components/supplier/openproject/images-mirror/open_desk:15.4.2@sha256:d88df284e03b5c255ad3963ebe335f38a4e069754569dd47c5e92930e0b26a1b"
Normal Pulled 8m55s kubelet Successfully pulled image "registry.opencode.de/bmi/opendesk/components/supplier/openproject/images-mirror/open_desk:15.4.2@sha256:d88df284e03b5c255ad3963ebe335f38a4e069754569dd47c5e92930e0b26a1b" in 412ms (39.359s including waiting). Image size: 831033933 bytes.
Normal Created 7m13s (x5 over 8m55s) kubelet Created container: wait-for-db
Normal Started 7m13s (x5 over 8m55s) kubelet Started container wait-for-db
Normal Pulled 7m13s (x4 over 8m48s) kubelet Container image "registry.opencode.de/bmi/opendesk/components/supplier/openproject/images-mirror/open_desk:15.4.2@sha256:d88df284e03b5c255ad3963ebe335f38a4e069754569dd47c5e92930e0b26a1b" already present on machine
Warning BackOff 4m32s (x18 over 8m41s) kubelet Back-off restarting failed container wait-for-db in pod openproject-worker-default-574547f5b-tzb58_odesk(25797616-6757-451c-a43a-af323b23203f)~ # kubectl -n odesk logs -f pod/postgresql-0
[...]
2025-04-03 09:32:31.508 UTC [2280] FATAL: password authentication failed for user "openproject_user"
2025-04-03 09:32:31.508 UTC [2280] DETAIL: Connection matched pg_hba.conf line 100: "host all all all scram-sha-256"
[...]Looks like the secret, OPENPROJECT_DB_PASSWORD(?) does not match?
openproject is one of the latest tast, all other installed fine with the postgres db. f.e. see pod list:
k8s-vm:~ # kubectl -n odesk get pods
NAME READY STATUS RESTARTS AGE
clamav-simple-0 2/2 Running 0 54m
collabora-8567b89ff9-7qbqz 1/1 Running 0 39m
cryptpad-fc947674b-msx5j 1/1 Running 0 38m
dovecot-685d746745-jlrb7 1/1 Running 0 49m
intercom-service-576b6ccf58-hmrmb 1/1 Running 0 51m
jitsi-jibri-6b8f6d648b-nfcmp 1/1 Running 0 37m
jitsi-jicofo-749fd6bf48-nr2d5 1/1 Running 0 37m
jitsi-jvb-6d8bbb7b8-8cq9w 1/1 Running 0 36m
jitsi-prosody-0 1/1 Running 0 37m
jitsi-web-7c9bb89b6b-69nm8 1/1 Running 0 36m
mariadb-0 1/1 Running 0 54m
matrix-neoboard-widget-767946c66b-nrq85 1/1 Running 0 35m
matrix-neochoice-widget-75d7776fb6-kg4vh 1/1 Running 0 35m
matrix-neodatefix-bot-5567b74f4-tdsvr 1/1 Running 1 (34m ago) 35m
matrix-neodatefix-widget-b5b86d546-wcg55 1/1 Running 0 35m
memcached-c99c5c69d-gz99z 1/1 Running 0 54m
minio-d64db4845-zgvr4 1/1 Running 0 54m
nubus-nginx-s3-gateway-f6498684c-n6r2p 1/1 Running 0 51m
open-xchange-core-documentconverter-77f696b549-p266f 1/1 Running 0 48m
open-xchange-core-guidedtours-54947d56bd-7wgnk 1/1 Running 0 48m
open-xchange-core-imageconverter-54c8d97bd-wgxxr 1/1 Running 0 48m
open-xchange-core-mw-default-0 1/1 Running 0 44m
open-xchange-core-ui-56cc9f877d-mzx45 1/1 Running 0 48m
open-xchange-core-ui-middleware-84b566db86-wj686 1/1 Running 0 48m
open-xchange-core-ui-middleware-updater-7449f47b9-lfckz 1/1 Running 0 48m
open-xchange-core-user-guide-5c5c79db8b-qqbg4 1/1 Running 0 48m
open-xchange-gotenberg-5dc8dfb7b7-dt95l 1/1 Running 0 48m
open-xchange-guard-ui-9c45f66bc-b55wn 1/1 Running 0 48m
open-xchange-nextcloud-integration-ui-778fd46f9b-mmsng 1/1 Running 0 48m
open-xchange-public-sector-ui-647bb5dd84-rz798 1/1 Running 0 48m
opendesk-element-85455ff46b-rpxrr 1/1 Running 0 35m
opendesk-jitsi-keycloak-adapter-57f9f84677-8pxsh 1/1 Running 0 37m
opendesk-matrix-user-verification-service-679dbbf996-4cqr7 1/1 Running 0 35m
opendesk-nextcloud-aio-cd99f9655-zhghl 1/1 Running 0 40m
opendesk-nextcloud-aio-cron-29061245-gvw45 1/1 Running 0 2s
opendesk-nextcloud-exporter-659989c9d9-bzhjr 1/1 Running 0 40m
opendesk-static-files-c5db84b8d-q4vwf 1/1 Running 0 55m
opendesk-synapse-0 1/1 Running 0 35m
opendesk-synapse-web-86957766bf-dx8lt 1/1 Running 0 35m
opendesk-well-known-7b9b68f45c-dr2gg 1/1 Running 0 35m
openproject-web-67ffc874c7-7pdf7 0/1 Init:CrashLoopBackOff 10 (5m9s ago) 33m
openproject-worker-default-574547f5b-tzb58 0/1 Init:CrashLoopBackOff 11 (14s ago) 33m
ox-connector-0 0/1 Init:0/1 0 48m
postfix-b8fd55b67-7s9xd 1/1 Running 0 54m
postfix-ox-6f6d7678dd-gx774 1/1 Running 0 49m
postgresql-0 1/1 Running 0 54m
redis-master-0 1/1 Running 0 54m
ums-guardian-authorization-api-767b4fdb8d-nt5cs 1/1 Running 6 (45m ago) 50m
ums-guardian-management-api-f59556bb8-kjgmz 1/1 Running 6 (45m ago) 50m
ums-guardian-management-ui-577c454957-xtb87 1/1 Running 0 50m
ums-guardian-open-policy-agent-6dfb44cb4c-nd4tg 1/1 Running 0 50m
ums-keycloak-0 1/1 Running 0 50m
ums-keycloak-bootstrap-bootstrap-1-s2bgs 0/1 Completed 0 50m
ums-keycloak-extensions-handler-7cbd9f4db5-zhf4t 1/1 Running 6 (46m ago) 50m
ums-keycloak-extensions-proxy-6849ff8-v6w2q 1/1 Running 0 50m
ums-ldap-notifier-0 1/1 Running 6 (43m ago) 50m
ums-ldap-server-primary-0 2/2 Running 0 50m
ums-portal-consumer-0 0/1 Init:3/5 9 (7m5s ago) 50m
ums-portal-frontend-58db7dc456-qbtdh 1/1 Running 0 50m
ums-portal-server-9fd7bdb94-dmqbq 1/1 Running 0 50m
ums-provisioning-api-67ff9bb96c-gq4cm 0/1 Init:0/1 10 (6m13s ago) 50m
ums-provisioning-dispatcher-9f6b458d9-n4hqs 0/1 Init:Error 10 (7m20s ago) 50m
ums-provisioning-nats-0 1/3 CrashLoopBackOff 22 (52s ago) 50m
ums-provisioning-prefill-5c8ccd7675-2r27b 0/1 CrashLoopBackOff 12 (4m54s ago) 50m
ums-provisioning-register-consumers-1-5rbsq 0/1 Init:Error 0 32m
ums-provisioning-register-consumers-1-696dq 0/1 Init:Error 0 23m
ums-provisioning-register-consumers-1-cg7vm 0/1 Init:Error 0 45m
ums-provisioning-register-consumers-1-ckhnw 0/1 Init:Error 0 28m
ums-provisioning-register-consumers-1-lm2jz 0/1 Init:Error 0 36m
ums-provisioning-register-consumers-1-szxh4 0/1 Init:Error 0 50m
ums-provisioning-register-consumers-1-vmk58 0/1 Init:Error 0 40m
ums-provisioning-udm-listener-0 1/1 Running 0 50m
ums-provisioning-udm-transformer-75bfc744f4-ksdln 0/1 Init:CrashLoopBackOff 9 (19s ago) 50m
ums-selfservice-listener-6b7c479475-4csxg 0/1 Init:CrashLoopBackOff 10 (53s ago) 50m
ums-stack-data-ums-1-526x5 0/1 Error 0 50m
ums-stack-data-ums-1-654zc 0/1 Completed 0 39m
ums-stack-data-ums-1-tkzf9 0/1 Error 0 40m
ums-udm-rest-api-56d56f58c8-dfrsj 1/1 Running 0 50m
ums-umc-gateway-7f66bbdd6f-kv2hl 1/1 Running 0 50m
ums-umc-server-0 2/2 Running 0 50m
ums-umc-server-b4bf98b9c-lqdcr 1/1 Running 0 50mEdited by Stephan Lauffer