diff options
author | Sandeep Shah <sandeeplinux1068@gmail.com> | 2020-09-25 15:53:18 -0500 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-10-02 14:01:09 +0000 |
commit | d6b989d947334a7da8acc36ae064d753db360f2c (patch) | |
tree | c8d02b15fcd77ececd798b088a8069c187fa3c5e /kubernetes/portal/components/portal-mariadb/templates | |
parent | 0394e0d21274fd742cadcf9e91e68395bbd6a63f (diff) |
[PORTAL] Non-root user for back-end database
Creation of a non-root user for portal backend
mariaDB database. Update portal apps, such as
front-end app and sdk app, to use the non-root
user to access back-end mariaDB database
Issue-ID: OOM-2576
Signed-off-by: SandeepLinux <Sandeep.Shah@att.com>
Change-Id: Ie13c7d190c08a4075058b97b352f4b71bbb0aa47
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Diffstat (limited to 'kubernetes/portal/components/portal-mariadb/templates')
-rw-r--r-- | kubernetes/portal/components/portal-mariadb/templates/deployment.yaml | 12 | ||||
-rw-r--r-- | kubernetes/portal/components/portal-mariadb/templates/secrets.yaml | 3 |
2 files changed, 15 insertions, 0 deletions
diff --git a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml index ec6cc50634..196a2d1ad4 100644 --- a/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-mariadb/templates/deployment.yaml @@ -69,6 +69,18 @@ spec: secretKeyRef: name: {{ template "common.fullname" . }} key: db-root-password + - name: MYSQL_USER + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: backend-db-user + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: backend-db-password + - name: PORTAL_DB_TABLES + value: {{ .Values.config.backend_portal_tables }} volumeMounts: - mountPath: /var/lib/mysql name: mariadb-data diff --git a/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml b/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml index ad1db77298..4415c5ebd0 100644 --- a/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml +++ b/kubernetes/portal/components/portal-mariadb/templates/secrets.yaml @@ -26,3 +26,6 @@ metadata: type: Opaque data: db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} +stringData: + backend-db-user: {{ .Values.config.backendDbUser }} + backend-db-password: {{ .Values.config.backendDbPassword }} |