From 9cb8203749334feff087412a6903b719514b5fb0 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Tue, 5 May 2020 12:04:31 +0200 Subject: [DCAEGEN2][bootstrap] Use common secret template for postgres credentials Even through we use common secret template both passwords are still hardcoded in common postgres chart but this will be removed as a final step just like we did for mariadb-galera. Issue-ID: OOM-2250 Signed-off-by: Krzysztof Opasiak Change-Id: Icaa5334d6ebad4fbce23ed4f59b74448c02783cf --- .../dcaegen2/components/dcae-bootstrap/values.yaml | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) (limited to 'kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml') diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml index a5bd69af02..5fcd916989 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml @@ -28,6 +28,15 @@ global: loggingImage: beats/filebeat:5.5.0 tlsRepository: nexus3.onap.org:10001 tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 + envsubstImage: dibi/envsubst + +secrets: + - uid: pg-root-pass + name: &pgRootPassSecretName '{{ include "common.release" . }}-dcae-bootstrap-pg-root-pass' + type: password + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "dcae-bootstrap-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' + password: '{{ .Values.postgres.config.pgRootpassword }}' + policy: generate config: logstashServiceName: log-ls @@ -77,21 +86,10 @@ postgres: primary: dcae-pg-primary replica: dcae-pg-replica config: - pgPrimaryPassword: onapdemodb - pgRootPassword: onapdemodb + pgRootPasswordExternalSecret: *pgRootPassSecretName persistence: mountSubPath: dcae/data mountInitPath: dcae - pgpool: - nameOverride: dcae-pgpool - service: - name: dcae-pgpool - credentials: - pgpassword: onapdemodb - container: - name: - primary: dcae-pgpool-primary - replica: dcae-pgpool-replica mongo: nameOverride: dcae-mongo -- cgit 1.2.3-korg