feat(pgbouncer): simplify authentication using `auth_dbname` by leonardoce · Pull Request #8671 · cloudnative-pg/cloudnative-pg
Previously, CloudNativePG configured authentication by creating a `user_search` function in every accessible database and granting CONNECT privileges to the PgBouncer auth_user. This patch simplifies the process by using the `auth_dbname` configuration option, so that PgBouncer runs its authentication queries only against the `postgres` database. This results in a simpler reconciliation loop with no extra connections required for other databases. Closes: cloudnative-pg#4939 Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com>
label
Sep 26, 2025
gbartolini
changed the title
feat: use
feat(pgbouncer): simplify authentication using auth_dbname option in PgBouncerauth_dbname
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
and removed size:M
This PR changes 30-99 lines, ignoring generated files.labels
Sep 27, 2025
Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com>
Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
rossigee pushed a commit to rossigee/cloudnative-pg that referenced this pull request
Oct 2, 2025…tive-pg#8671) Previously, authentication was handled by creating a `user_search` function in every accessible database and granting `CONNECT` privileges to the PgBouncer `auth_user`. This change leverages the `auth_dbname` option, so PgBouncer runs its authentication queries only against the `postgres` database. PgBouncer 1.19+ is required (`auth_dbame` option needed). Benefits: - simpler reconciliation loop - no extra connections required for other databases Closes: cloudnative-pg#1383 --------- Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com> Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com> Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com> Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com>
THE-BRAHMA pushed a commit to THE-BRAHMA/cloudnative-pg that referenced this pull request
Oct 30, 2025…tive-pg#8671) Previously, authentication was handled by creating a `user_search` function in every accessible database and granting `CONNECT` privileges to the PgBouncer `auth_user`. This change leverages the `auth_dbname` option, so PgBouncer runs its authentication queries only against the `postgres` database. PgBouncer 1.19+ is required (`auth_dbame` option needed). Benefits: - simpler reconciliation loop - no extra connections required for other databases Closes: cloudnative-pg#1383 --------- Signed-off-by: Leonardo Cecchi <leonardo.cecchi@enterprisedb.com> Signed-off-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com> Signed-off-by: Armando Ruocco <armando.ruocco@enterprisedb.com> Co-authored-by: Gabriele Bartolini <gabriele.bartolini@enterprisedb.com> Co-authored-by: Armando Ruocco <armando.ruocco@enterprisedb.com> Signed-off-by: theBrahma <office.utpal.brahma@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters