diff options
| author |   Sandeep Shah <sandeeplinux1068@gmail.com> | 2020-09-01 21:13:16 -0500 |
|---|---|---|
| committer | Sandeep Shah <sandeeplinux1068@gmail.com> | 2020-09-24 09:35:19 -0500 |
| commit | 2ffb1ba25a2a797fe781009adcc4766fbf44fe38 (patch) | |
| tree | d5282e2b0970b61d7a5bc4b3b350b4b8fa3374b5 /kubernetes/portal/components/portal-app/values.yaml | |
| parent | 47befb7d30489984cde86ef6377a0e9b573d29d6 (diff) | |
[Portal] Remove hardcoded cassandra password
Make cassandra password generate automatically and distribute it to
components that use DB.
Remove also hardcoded encryption key.
Issue-ID: PORTAL-944
Signed-off-by: SandeepLinux <Sandeep.Shah@att.com>
Change-Id: I6e579a76efacc7a0921fea7c74a7a9e49347ebd8
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Diffstat (limited to 'kubernetes/portal/components/portal-app/values.yaml')
| -rw-r--r-- | kubernetes/portal/components/portal-app/values.yaml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/kubernetes/portal/components/portal-app/values.yaml b/kubernetes/portal/components/portal-app/values.yaml index 73306ba773..55a7ccca38 100644 --- a/kubernetes/portal/components/portal-app/values.yaml +++ b/kubernetes/portal/components/portal-app/values.yaml @@ -23,9 +23,27 @@ global: readinessImage: onap/oom/readiness:3.0.1 loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 + envsubstImage: dibi/envsubst #AAF service aafEnabled: true +################################################################ +# Secrets metaconfig +################################################################# + +secrets: + - uid: portal-cass + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.cassandra.config.cassandraExternalSecret) . }}' + login: '{{ .Values.cassandra.config.cassandraUsername }}' + password: '{{ .Values.cassandra.config.cassandraPassword }}' + passwordPolicy: required + - uid: cipher-enc-key + type: password + externalSecret: '{{ .Values.config.cipherEncKeyExternalSecret}}' + password: '{{ .Values.config.cipherEncKey }}' + passwordPolicy: required + ################################################################# # Application configuration defaults. ################################################################# @@ -35,6 +53,11 @@ repository: nexus3.onap.org:10001 image: onap/portal-app:3.2.3 pullPolicy: Always +# application configuration +config: + # cipherEncKeyExternalSecret: some secret + cipherEncKey: AGLDdG4D04BKm2IxIWEr8o==! + #AAF local config aafURL: https://aaf-service:8100/authz/ @@ -104,6 +127,7 @@ cassandra: service: name: portal-cassandra config: + # cassandraExternalSecret: some secret cassandraUsername: root cassandraPassword: Aa123456 messageRouter: |