diff options
author | Bruno Sakoto <bruno.sakoto@bell.ca> | 2021-03-08 17:59:44 -0500 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-03-24 15:47:12 +0000 |
commit | c27240ba03334c57a012b9b4f535cecdde602526 (patch) | |
tree | 455139b2db782573aad30f8ed0c0fecdd5699291 /kubernetes/cps | |
parent | d8e1c6c974e5df6a7b34e1fa04b64f40d8bbcbab (diff) |
[CPS] Add credentials for service basic auth
Set environment variables for basic authentication to cps service.
Username and password are provided from values file. If the password
is not provided, it is generated from master password at deployment
time.
Issue-ID: CPS-175
Signed-off-by: Bruno Sakoto <bruno.sakoto@bell.ca>
Change-Id: Icc2744b851cfd4288a3951f791f2bd284f4ad3ca
Diffstat (limited to 'kubernetes/cps')
-rwxr-xr-x | kubernetes/cps/templates/deployment.yaml | 7 | ||||
-rwxr-xr-x | kubernetes/cps/values.yaml | 23 |
2 files changed, 24 insertions, 6 deletions
diff --git a/kubernetes/cps/templates/deployment.yaml b/kubernetes/cps/templates/deployment.yaml index 4f87d206a7..59062cc0f8 100755 --- a/kubernetes/cps/templates/deployment.yaml +++ b/kubernetes/cps/templates/deployment.yaml @@ -1,6 +1,6 @@ {{/* # Copyright (C) 2021 Pantheon.tech, Orange -# Modifications Copyright (C) 2020 Bell Canada. All rights reserved. +# Modifications Copyright (C) 2021 Bell Canada. # Modifications Copyright (C) 2021 Nordix Foundation. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -70,6 +70,11 @@ spec: path: {{ .Values.readiness.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: CPS_USERNAME + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 12 }} + - name: CPS_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 12 }} resources: {{ include "common.resources" . | nindent 10 }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 12 }} diff --git a/kubernetes/cps/values.yaml b/kubernetes/cps/values.yaml index 2c28231490..77ebb09dd9 100755 --- a/kubernetes/cps/values.yaml +++ b/kubernetes/cps/values.yaml @@ -1,4 +1,4 @@ -# Copyright (C) 2021 Pantheon.tech, Orange +# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -29,6 +29,12 @@ secrets: login: '{{ .Values.postgres.config.pgUserName }}' password: '{{ .Values.postgres.config.pgUserPassword }}' passwordPolicy: generate + - uid: app-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.appUserExternalSecret) . }}' + login: '{{ .Values.config.appUserName }}' + password: '{{ .Values.config.appUserPassword }}' + passwordPolicy: generate ################################################################# # Global configuration defaults. @@ -44,10 +50,6 @@ global: image: onap/cps-and-nf-proxy:1.0.0 containerPort: &svc_port 8080 -config: - # Set it for pre loading xnfdata, else set to null - liquibaseLabels: xnf-data-preload - service: type: ClusterIP name: cps @@ -117,9 +119,20 @@ securityContext: ################################################################# # Application configuration defaults. ################################################################# + +config: + + # Set it for pre loading xnfdata, else set to null + liquibaseLabels: xnf-data-preload + + # REST API basic authentication credentials (passsword is generated if not provided) + appUserName: cpsuser + #appUserPassword: + logging: level: INFO path: /tmp + ################################################################# # Postgres overriding defaults in the postgres ################################################################# |