diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-05-05 11:36:30 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-05-05 12:08:27 +0200 |
commit | bb48fc854a89ae8a9e4efc926df0930ae5a271d5 (patch) | |
tree | d7b91ab3bd2aff21063aebf9959f243a4b70c865 /kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml | |
parent | 35e942928f807e690da35ed438de832b0531a008 (diff) |
[DCAEGEN2] Use common secret template for postgres credentials
Even through we use common secret template both passwords are still
hardcoded in common postgres chart but this will be removed as a final
step just like we did for mariadb-galera.
Issue-ID: OOM-2250
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4b499e277bb084d7d1f2f2d9b72533a6532b751f
Diffstat (limited to 'kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml')
-rw-r--r-- | kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml index 51af963343..a26ae5d196 100644 --- a/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-inventory-api/values.yaml @@ -26,10 +26,20 @@ global: loggingImage: beats/filebeat:5.5.0 tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 + envsubstImage: dibi/envsubst repositoryCred: user: docker password: docker +secrets: + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-dcae-inventory-api-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "dcae-inventory-api-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate + config: logstashServiceName: log-ls logstashPort: 5044 @@ -82,24 +92,11 @@ postgres: replica: dcae-inv-pg-replica config: pgUserName: dcae_inv + pgUserExternalSecret: *pgUserCredsSecretName pgDatabase: dcae_inventory - pgPrimaryPassword: onapdemodb - pgUserPassword: onapdemodb - pgRootPassword: onapdemodb persistence: mountSubPath: dcae-inv/data mountInitPath: dcae-inv - pgpool: - nameOverride: dcae-inv-pgpool - service: - name: dcae-inv-pgpool - credentials: - pgusername: ddcae_inv - pgpassword: onapdemodb - container: - name: - primary: dcae-inv-pgpool-primary - replica: dcae-inv-pgpool-replica # Resource Limit flavor -By Default using small flavor: small |