aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-02-20 21:29:45 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-02-21 00:42:24 +0100
commitb9d50c917cc9eb507483be32587f42d567c827dd (patch)
treee439c93c6c80a74ea2c23c2ac977e3c140547648 /kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
parent62cb98b8def94cd365d2f19b5daac596e546f5bb (diff)
[SDNC] Use common secret template in ansible-server
Whole SDNC strongly depends on the assumption that it is using a common mariadb-galera instance and that root password is secret password. Also user and password to sdnc DB is hardcoded. Let's start working on removing this assumption and component by component add support for local and shared mariadb instance without hardcoding any passwords to the database. In this patch all passwords are still hardcoded in the helm chart to not break other parts of SDNC. Those values will be removed in a final patch. Issue-ID: OOM-2309 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Idb460e72301dd63082d7890d34fea923df3ac426
Diffstat (limited to 'kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config')
-rw-r--r--kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config36
1 files changed, 18 insertions, 18 deletions
diff --git a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
index eb88d7236b..7dc5c19e12 100644
--- a/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
+++ b/kubernetes/sdnc/charts/sdnc-ansible-server/resources/config/RestServer_config
@@ -13,33 +13,33 @@
# limitations under the License.
# Host definition
-ip: 0.0.0.0
-port: {{.Values.service.internalPort}}
+ip: 0.0.0.0
+port: {{.Values.service.internalPort}}
# Security (controls use of TLS encrypton and RestServer authentication)
-tls: no
-auth: no
+tls: no
+auth: no
# TLS certificates (must be built on application host)
-priv: provide_privated_key.pem
-pub: provide_public_key.pem
+priv: provide_privated_key.pem
+pub: provide_public_key.pem
# RestServer authentication
-id: sdnc
-psswd: sdnc
+id: ${REST_USER}
+psswd: ${REST_PASSWORD}
# Mysql
-host: {{.Values.config.mariadbGalera.serviceName}}
-user: sdnc
-passwd: sdnc
-db: ansible
+host: {{ include "common.mariadbService" $ }}
+user: ${DB_USER}
+passwd: ${DB_PASSWORD}
+db: {{ index .Values "mariadb-galera" "config" "mysqlDatabase" }}
# Playbooks
-from_files: yes
-ansible_path: /opt/onap/sdnc/Playbooks
-ansible_inv: Ansible_inventory
-ansible_temp: PlaybooksTemp
-timeout_seconds: 60
+from_files: yes
+ansible_path: /opt/onap/sdnc/Playbooks
+ansible_inv: Ansible_inventory
+ansible_temp: PlaybooksTemp
+timeout_seconds: 60
# Blocking on GetResults
-getresults_block: yes
+getresults_block: yes