Skip to main content

Connections

Connections are an easy way to authenticate against sources. It can be created via a CRD or by adding it in the settings page

A sample connection CRD looks like:

apiVersion: mission-control.flanksource.com/v1
kind: Connection
metadata:
name: payments-database
namespace: default
spec:
postgres:
database:
value: payments
host:
value: postgres.host.com
insecureTLS: true
username:
valueFrom:
secretKeyRef:
name: payments-database-credentials
key: POSTGRES_USER
password:
valueFrom:
secretKeyRef:
name: payments-database-credentials
key: POSTGRES_PASSWORD

Referencing Connections

A connection string can be represented in the form of namespace/connection_name

It can then be used in Health Checks, Playbooks, Notifications etc via the connection field.

apiVersion: canaries.flanksource.com/v1
kind: Canary
metadata:
name: postgres-check
spec:
postgres:
- name: postgres schemas check
connection: connection://default/payments-database
query: SELECT COUNT(*) FROM payments where state = 'pending'

This allows us a safe and reusable way to handle authentication

tip

The connection string can also be found in the status.ref field of the connection kubernetes object.

tip

If the entire URL is in the secrets and cannot be constructed like scheme://$(username):$(password)@<host>:<port> you can fetch that directly like

kind: Connection
metadata:
name: opensearch-global
spec:
type: opensearch
url:
value: $(password)
password:
valueFrom:
secretKeyRef:
name: opensearch-credentials
key: OPENSEARCH_URL

Schema

FieldDescriptionSchemeRequired
urlURL in templatable formEnvVaryes
portPort numberEnvVar
typeType of datasource (postgres,mysql,elasticsearch ...)string
usernameUsernameEnvVar
passwordPasswordEnvVar
certificateCertificate for verificationEnvVar
propertiesProperty fieldsmap[string]string
insecure_tlsAllow insecure tlsbool