PgWeb

PgWeb is a lightweight PostgreSQL web UI deployed for cluster operators. It is not part of the normal product runtime path.

Source paths

  • lumie-infra/storage/pgweb/argocd.yaml
  • lumie-infra/storage/pgweb/helm-values.yaml
  • lumie-infra/storage/pgweb/common-values.yaml
  • lumie-infra/security/teleport/agent/helm-values.yaml

Runtime contract

  • The deployment runs in the lumie-db namespace.
  • It uses the bjw-s/app-template chart plus shared charts/common overlays.
  • Its PGWEB_DATABASE_URL comes from the pgweb-db-secrets secret.
  • That secret is rendered from Vault path infrastructure/postgresql and points at:
    • host lumie-db-rw.lumie-db.svc
    • database lumie

Source path: lumie-infra/storage/pgweb/common-values.yaml

Access boundary

  • Ingress is disabled in the chart.
  • The intended UI path is the Teleport app named pgweb, which proxies http://pgweb.lumie-db.svc.cluster.local:80.

This makes PgWeb an operator-facing admin surface, not a public service.
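A config lint that checks rendered values against the runtime contract and access boundary above, as an added example (not code from lumie-infra). It assumes the bjw-s app-template values layout (ingress.main.enabled, controllers.main.containers.main.env) and the secret key name "url"; every sample values dict and URL below is constructed.

```python
# Added config lint for the PgWeb contract on this page; not code from lumie-infra.
# Assumes the bjw-s app-template values layout (ingress.main.enabled,
# controllers.main.containers.main.env). All sample values are constructed.
from urllib.parse import urlparse

EXPECTED_SECRET = "pgweb-db-secrets"
EXPECTED_HOST = "lumie-db-rw.lumie-db.svc"
EXPECTED_DB = "lumie"


def check_values(values: dict) -> list[str]:
    """Return findings for a values dict; an empty list means it matches the contract."""
    findings = []
    # Access boundary: no chart ingress, the UI is reached only through Teleport.
    for name, ing in values.get("ingress", {}).items():
        if ing.get("enabled"):
            findings.append(f"ingress '{name}' enabled; PgWeb must stay Teleport-only")
    env = (values.get("controllers", {}).get("main", {})
           .get("containers", {}).get("main", {}).get("env", {}))
    url_env = env.get("PGWEB_DATABASE_URL")
    if not isinstance(url_env, dict):
        # Missing, or a literal string: credentials committed to git, not rendered from Vault.
        findings.append("PGWEB_DATABASE_URL is missing or a literal value, not a secretKeyRef")
    else:
        ref = url_env.get("valueFrom", {}).get("secretKeyRef", {})
        if ref.get("name") != EXPECTED_SECRET:
            findings.append(f"PGWEB_DATABASE_URL must come from secret {EXPECTED_SECRET}")
    return findings


def check_database_url(url: str) -> list[str]:
    """Check a rendered connection URL against the host/database in the contract."""
    p = urlparse(url)
    findings = []
    if p.hostname != EXPECTED_HOST:
        findings.append(f"host {p.hostname!r} is not {EXPECTED_HOST}")
    if p.path.lstrip("/") != EXPECTED_DB:
        findings.append(f"database {p.path.lstrip('/')!r} is not {EXPECTED_DB}")
    return findings


# Constructed samples: one that matches the contract, one that has drifted.
GOOD_VALUES = {
    "ingress": {"main": {"enabled": False}},
    "controllers": {"main": {"containers": {"main": {"env": {"PGWEB_DATABASE_URL": {
        "valueFrom": {"secretKeyRef": {"name": EXPECTED_SECRET, "key": "url"}}}}}}}},
}
BAD_VALUES = {
    "ingress": {"main": {"enabled": True}},
    "controllers": {"main": {"containers": {"main": {"env": {
        "PGWEB_DATABASE_URL": "postgres://pgweb:example-pw@infra-db.lumie-db.svc/lumie"}}}}},
}
```

Run it over the output of `helm template` (or the parsed values files) in CI so an ingress being switched on or a URL being inlined fails the pipeline before ArgoCD syncs it.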

Why it matters

  • PgWeb targets the main product database, not infra-db.
  • It uses high-privilege database credentials rendered from the shared PostgreSQL Vault path.
  • Because it bypasses application-level tenancy and business rules, it should be treated like direct database access.

Failure modes

  • If the VaultStaticSecret stops refreshing, the pod keeps running but cannot reconnect after password drift.
  • Pointing the tool at lumie-db-rw means primary-service availability directly affects the UI; it does not go through the CNPG pooler.
  • Because it is a generic SQL UI, operator mistakes here bypass backend validations, RLS context propagation, and audit conventions enforced in application code.

Verification

kubectl get applications.argoproj.io -n argocd pgweb
kubectl get pods -n lumie-db | rg pgweb
kubectl get secret -n lumie-db pgweb-db-secrets
kubectl describe deploy -n lumie-db pgweb

Observability

  • PgWeb does not define its own dedicated observability stack in repo-local values.
  • Health is mainly operationally visible through the deployment, pod readiness, and Teleport app reachability.