From: Krzysztof Opasiak Date: Tue, 27 Oct 2020 18:02:50 +0000 (+0000) Subject: Merge "[PORTAL ] Non-root user DB access from WMS" X-Git-Tag: 7.0.0~67 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=69fbda4273773cf91b6c5770d37ea271105302fa;hp=-c;p=oom.git Merge "[PORTAL ] Non-root user DB access from WMS" --- 69fbda4273773cf91b6c5770d37ea271105302fa diff --combined kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml index 08a9714506,3d7f9a8056..f3da66f882 --- a/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml +++ b/kubernetes/portal/components/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml @@@ -1,4 -1,3 +1,4 @@@ +{{/* # Copyright © 2018 Amdocs, Bell Canada, AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); @@@ -12,8 -11,7 +12,8 @@@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} jasypt: encryptor: - password: EncryptionKey + password: ${JASYPT_ENC_KEY} diff --combined kubernetes/portal/components/portal-widget/templates/deployment.yaml index 9d345d909b,44d7fc467e..eb6fc9eeee --- a/kubernetes/portal/components/portal-widget/templates/deployment.yaml +++ b/kubernetes/portal/components/portal-widget/templates/deployment.yaml @@@ -1,4 -1,3 +1,4 @@@ +{{/* # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018 AT&T # @@@ -13,7 -12,6 +13,7 @@@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +*/}} apiVersion: apps/v1 kind: Deployment @@@ -51,6 -49,40 +51,40 @@@ spec fieldRef: apiVersion: v1 fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-portal-widget-config + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - "-c" + - | + cd /config-input && \ + for PFILE in `ls -1 *.*` + do + envsubst <${PFILE} >/config/${PFILE} + chmod 0755 /config/${PFILE} + done + env: + - name: PORTAL_DB_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "login") | indent 12 }} + - name: PORTAL_DB_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-backend-db" "key" "password") | indent 12 }} + - name: WIDGET_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-widget" "key" "login") | indent 12 }} + - name: WIDGET_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-widget" "key" "password") | indent 12 }} + - name: ACC_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-account" "key" "login") | indent 12 }} + - name: ACC_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "portal-account" "key" "password") | indent 12 }} + - name: JASYPT_ENC_KEY + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "jasypt-enc-key" "key" "password") | indent 12 }} + volumeMounts: + - mountPath: /config-input + name: properties-onapwidgetms-scrubbed + - mountPath: /config + name: properties-onapwidgetms containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@@ -96,6 -128,9 +130,9 @@@ hostPath: path: /etc/localtime - name: properties-onapwidgetms + emptyDir: + medium: Memory + - name: properties-onapwidgetms-scrubbed configMap: name: {{ include "common.fullname" . }}-onapwidgetms defaultMode: 0755