diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-07 21:06:58 +0100 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-17 22:33:40 +0100 |
| commit | d74a65962b4ece0e89b0ef66912ce367a6187e15 (patch) | |
| tree | 868986b3ca626a6aae04f201aed4d07d8d7a4231 /kubernetes/oof/charts/oof-cmso/values.yaml | |
| parent | 4eddfbdf9caabe3ce30937d78b1bfe8aad72f8f9 (diff) | |
[OOF] Use common secret template for mariadb credentials
Remove all hardcoded credentials for mariadb and depend on common
secret template to generate all passwords at the deployment time.
Issue-ID: OOM-2292
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I54e57b317a8852469bcc11aabf6ddf0040ff5eb3
Diffstat (limited to 'kubernetes/oof/charts/oof-cmso/values.yaml')
| -rw-r--r-- | kubernetes/oof/charts/oof-cmso/values.yaml | 46 |
1 files changed, 42 insertions, 4 deletions
diff --git a/kubernetes/oof/charts/oof-cmso/values.yaml b/kubernetes/oof/charts/oof-cmso/values.yaml index c97138bded..2b8ad9487d 100644 --- a/kubernetes/oof/charts/oof-cmso/values.yaml +++ b/kubernetes/oof/charts/oof-cmso/values.yaml @@ -12,6 +12,23 @@ # See the License for the specific language governing permissions and # limitations under the License. +################################################################# +# Secrets metaconfig +################################################################# +secrets: + - uid: cmso-db-root-password + name: '{{ include "common.release" . }}-cmso-db-root-password' + type: password + password: '' + policy: generate + - uid: cmso-db-secret + name: '{{ include "common.release" . }}-cmso-db-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.db.userName }}' + password: '{{ .Values.config.db.userPassword }}' + passwordPolicy: generate + mariadb-galera: replicaCount: 1 nameOverride: cmso-db @@ -26,9 +43,8 @@ mariadb-galera: enabled: true disableNfsProvisioner: true config: - mariadbRootPassword: beer - userName: cmso-admin - userPassword: nimda-osmc + mariadbRootPasswordExternalSecret: '{{ include "common.release" . }}-cmso-db-root-password' + userCredentialsExternalSecret: '{{ include "common.release" . }}-cmso-db-secret' mysqlDatabase: cmso externalConfig: | [mysqld] @@ -49,4 +65,26 @@ flavor: small config: log: logstashServiceName: log-ls - logstashPort: 5044
\ No newline at end of file + logstashPort: 5044 + db: + # userCredentialsExternalsecret: some secret + userName: cmso-admin + # userPassword: password + +oof-cmso-service: + config: + db: + userCredentialsExternalSecret: '{{ include "common.release" . }}-cmso-db-secret' + rootPasswordExternalSecret: '{{ include "common.release" . }}-cmso-db-root-password' + host: oof-cmso-dbhost + container: cmso-db + mysqlDatabase: cmso + +oof-cmso-optimizer: + config: + db: + userCredentialsExternalSecret: '{{ include "common.release" . }}-cmso-db-secret' + rootPasswordExternalSecret: '{{ include "common.release" . }}-cmso-db-root-password' + host: oof-cmso-dbhost + container: cmso-db + mysqlDatabase: optimizer |