aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/appc/values.yaml
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-01-23 11:49:25 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-02-01 00:10:01 +0100
commite74ed5cd24df70e1e9b137eadf8e32d5c89f236b (patch)
tree09e2881a74abd0833dd7328364c6a666dbeba67c /kubernetes/appc/values.yaml
parent3ed9c940d61526344303ad29d9ce1dc50eb4117a (diff)
[APPC] Don't hardcode mariadb root password
You should never ever assume that secretpassword is a production ready password for your mariadb-galera instance. Instead let's just share a secret with our instance of mariadb-galera. Issue-ID: OOM-2275 Change-Id: I25486ad81a2ec428dbbd379ab3529c84f55acc4b Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/appc/values.yaml')
-rw-r--r--kubernetes/appc/values.yaml9
1 files changed, 8 insertions, 1 deletions
diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml
index 4dfb2263ad..a4cd0a644a 100644
--- a/kubernetes/appc/values.yaml
+++ b/kubernetes/appc/values.yaml
@@ -26,6 +26,14 @@ global:
mountPath: /dockerdata-nfs
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: "db-root-pass"
+ externalSecret: '{{- include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" (index .Values "mariadb-galera" "nameOverride")) }}'
+ type: password
+
+#################################################################
# Application configuration defaults.
#################################################################
flavor: small
@@ -43,7 +51,6 @@ config:
odlGid: 101
ansibleServiceName: appc-ansible-server
ansiblePort: 8000
- mariadbRootPassword: secretpassword
userName: my-user
userPassword: my-password
mysqlDatabase: my-database