Use common secret template in drools module instead of putting db
credentials in a single secret file to allow usage of external secret
mechanism.
For now db creds are hardcoded but will be remove in further commits.
Issue-ID: OOM-2342
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I377b71d76b0b37e919ea841586bb6d5c22107952
REPOSITORY_USERNAME={{.Values.nexus.user}}
REPOSITORY_PASSWORD={{.Values.nexus.password}}
REPOSITORY_USERNAME={{.Values.nexus.user}}
REPOSITORY_PASSWORD={{.Values.nexus.password}}
-SQL_USER={{.Values.db.user}}
-SQL_PASSWORD={{.Values.db.password}}
-
PDPD_CONFIGURATION_API_KEY={{.Values.dmaap.brmsgw.key}}
PDPD_CONFIGURATION_API_SECRET={{.Values.dmaap.brmsgw.secret}}
PDPD_CONFIGURATION_API_KEY={{.Values.dmaap.brmsgw.key}}
PDPD_CONFIGURATION_API_SECRET={{.Values.dmaap.brmsgw.secret}}
# See the License for the specific language governing permissions and
# limitations under the License.
# See the License for the specific language governing permissions and
# limitations under the License.
+{{ include "common.secret" . }}
+---
apiVersion: v1
kind: Secret
metadata:
apiVersion: v1
kind: Secret
metadata:
env:
- name: REPLICAS
value: "{{ .Values.replicaCount }}"
env:
- name: REPLICAS
value: "{{ .Values.replicaCount }}"
+ - name: SQL_USER
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+ - name: SQL_PASSWORD
+ {{- include "common.secret.envFromSecret" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
volumeMounts:
- mountPath: /etc/localtime
name: localtime
volumeMounts:
- mountPath: /etc/localtime
name: localtime
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
+ login: '{{ .Values.db.user }}'
+ password: '{{ .Values.db.password }}'
+ passwordPolicy: required
+
#################################################################
# Application configuration defaults.
#################################################################
#################################################################
# Application configuration defaults.
#################################################################