[DCAEGEN2][bootstrap] Use common secret template for postgres credentials

Even through we use common secret template both passwords are still
hardcoded in common postgres chart but this will be removed as a final
step just like we did for mariadb-galera.

Issue-ID: OOM-2250
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Icaa5334d6ebad4fbce23ed4f59b74448c02783cf

1 files changed, 10 insertions, 12 deletions

diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index a5bd69af02..5fcd916989 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -28,6 +28,15 @@ global:
   loggingImage: beats/filebeat:5.5.0
   tlsRepository: nexus3.onap.org:10001
   tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+  envsubstImage: dibi/envsubst
+
+secrets:
+  - uid: pg-root-pass
+    name: &pgRootPassSecretName '{{ include "common.release" . }}-dcae-bootstrap-pg-root-pass'
+    type: password
+    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "dcae-bootstrap-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+    password: '{{ .Values.postgres.config.pgRootpassword }}'
+    policy: generate
 
 config:
   logstashServiceName: log-ls
@@ -77,21 +86,10 @@ postgres:
       primary: dcae-pg-primary
       replica: dcae-pg-replica
   config:
-    pgPrimaryPassword: onapdemodb
-    pgRootPassword: onapdemodb
+    pgRootPasswordExternalSecret: *pgRootPassSecretName
   persistence:
     mountSubPath: dcae/data
     mountInitPath: dcae
-  pgpool:
-    nameOverride: dcae-pgpool
-    service:
-      name: dcae-pgpool
-    credentials:
-      pgpassword: onapdemodb
-    container:
-      name:
-        primary: dcae-pgpool-primary
-        replica: dcae-pgpool-replica
 
 mongo:
   nameOverride: dcae-mongo