diff --git a/flux2/core/base/single-sign-on/single-sign-on-database-values-configmap.yaml b/flux2/core/base/single-sign-on/single-sign-on-database-values-configmap.yaml
index 876e898ed5239a2135122045eaf03b5d94cff4d9..2f60358e4b6e101ab489b64f84f9899a34edc8ac 100644
--- a/flux2/core/base/single-sign-on/single-sign-on-database-values-configmap.yaml
+++ b/flux2/core/base/single-sign-on/single-sign-on-database-values-configmap.yaml
@@ -7,9 +7,10 @@ data:
values.yaml: |
auth:
rootPassword: '${database_root_password}'
- persistence:
- enabled: true
- existingClaim: single-sign-on-database
+ primary:
+ persistence:
+ enabled: true
+ existingClaim: single-sign-on-database
initdbScripts:
setup.sql: |
CREATE USER hydra IDENTIFIED BY '${hydra_database_password}';
diff --git a/install/generate_secrets.py b/install/generate_secrets.py
index 3640fd75d388c12aebd4134318a5121c008f501a..04aed3ff53ed53ddc6b7226068fa0ce780b1bcd2 100644
--- a/install/generate_secrets.py
+++ b/install/generate_secrets.py
@@ -24,6 +24,7 @@ import yaml
from kubernetes import client, config
from kubernetes.client.exceptions import ApiException
from kubernetes.utils import create_from_yaml
+from kubernetes.utils.create_from_yaml import FailToCreateError
# This script gets called with an app name as argument. Most of them need an
# oauth client in Hydra, but some don't. This list contains the ones that
@@ -161,10 +162,15 @@ def store_kubernetes_secret(secret_dict, namespace, update=False):
api_response = patch_kubernetes_secret(secret_dict, namespace)
else:
verb = "created"
- api_response = create_from_yaml(
- api_client,
- yaml_objects=[secret_dict],
- namespace=namespace)
+ try:
+ api_response = create_from_yaml(
+ api_client,
+ yaml_objects=[secret_dict],
+ namespace=namespace)
+ except FailToCreateError as ex:
+ print(f"Secret not {verb} because of exception {ex}")
+ return
+
print(f"Secret {verb} with api response: {api_response}")
def patch_kubernetes_secret(secret_dict, namespace):