diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-20 21:29:45 +0100 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-02-21 00:42:24 +0100 |
| commit | b9d50c917cc9eb507483be32587f42d567c827dd (patch) | |
| tree | e439c93c6c80a74ea2c23c2ac977e3c140547648 /kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config | |
| parent | 62cb98b8def94cd365d2f19b5daac596e546f5bb (diff) | |
[SDNC] Use common secret template in ansible-server
Whole SDNC strongly depends on the assumption that it is using a
common mariadb-galera instance and that root password is secret
password. Also user and password to sdnc DB is hardcoded.
Let's start working on removing this assumption and component by
component add support for local and shared mariadb instance without
hardcoding any passwords to the database.
In this patch all passwords are still hardcoded in the helm chart to
not break other parts of SDNC. Those values will be removed in a final patch.
Issue-ID: OOM-2309
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Idb460e72301dd63082d7890d34fea923df3ac426
Diffstat (limited to 'kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config')
| -rw-r--r-- | kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config index eb88d7236b..7dc5c19e12 100644 --- a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config +++ b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config @@ -13,33 +13,33 @@ # limitations under the License. # Host definition -ip: 0.0.0.0 -port: {{.Values.service.internalPort}} +ip: 0.0.0.0 +port: {{.Values.service.internalPort}} # Security (controls use of TLS encrypton and RestServer authentication) -tls: no -auth: no +tls: no +auth: no # TLS certificates (must be built on application host) -priv: provide_privated_key.pem -pub: provide_public_key.pem +priv: provide_privated_key.pem +pub: provide_public_key.pem # RestServer authentication -id: sdnc -psswd: sdnc +id: ${REST_USER} +psswd: ${REST_PASSWORD} # Mysql -host: {{.Values.config.mariadbGalera.serviceName}} -user: sdnc -passwd: sdnc -db: ansible +host: {{ include "common.mariadbService" $ }} +user: ${DB_USER} +passwd: ${DB_PASSWORD} +db: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }} # Playbooks -from_files: yes -ansible_path: /opt/onap/sdnc/Playbooks -ansible_inv: Ansible_inventory -ansible_temp: PlaybooksTemp -timeout_seconds: 60 +from_files: yes +ansible_path: /opt/onap/sdnc/Playbooks +ansible_inv: Ansible_inventory +ansible_temp: PlaybooksTemp +timeout_seconds: 60 # Blocking on GetResults -getresults_block: yes +getresults_block: yes |