This patch remove hardcoded healthcheck credentials from pap.
Issue-ID: OOM-2342
Change-Id: I8dc2a1b0a84a18215403aabc8ae9b2a25387c3d7
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
"restServerParameters":{
"host":"0.0.0.0",
"port":6969,
- "userName":"healthcheck",
- "password":"zb!XztG34",
+ "userName":"${RESTSERVER_USER}",
+ "password":"${RESTSERVER_PASSWORD}",
"https": true,
"aaf": false
},
"clientName": "api",
"hostname": "policy-api",
"port": 6969,
- "userName": "healthcheck",
- "password": "zb!XztG34",
+ "userName": "${API_USER}",
+ "password": "${API_PASSWORD}",
"useHttps": true,
"basePath": "policy/api/v1/healthcheck"
},
"clientName": "distribution",
"hostname": "policy-distribution",
"port": 6969,
- "userName": "healthcheck",
- "password": "zb!XztG34",
+ "userName": "${DISTRIBUTION_USER}",
+ "password": "${DISTRIBUTION_PASSWORD}",
"useHttps": true,
"basePath": "healthcheck"
}]
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
- name: SQL_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ - name: RESTSERVER_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "login") | indent 10 }}
+ - name: RESTSERVER_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-secret" "key" "password") | indent 10 }}
+ - name: API_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-secret" "key" "login") | indent 10 }}
+ - name: API_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-secret" "key" "password") | indent 10 }}
+ - name: DISTRIBUTION_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "login") | indent 10 }}
+ - name: DISTRIBUTION_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "password") | indent 10 }}
volumeMounts:
- mountPath: /config-input
name: papconfig
login: '{{ .Values.db.user }}'
password: '{{ .Values.db.password }}'
passwordPolicy: required
+ - uid: restserver-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
+ login: '{{ .Values.restServer.user }}'
+ password: '{{ .Values.restServer.password }}'
+ passwordPolicy: required
+ - uid: api-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.api.credsExternalSecret) . }}'
+ login: '{{ .Values.healthCheckRestClient.api.user }}'
+ password: '{{ .Values.healthCheckRestClient.api.password }}'
+ passwordPolicy: required
+ - uid: distribution-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.distribution.credsExternalSecret) . }}'
+ login: '{{ .Values.healthCheckRestClient.distribution.user }}'
+ password: '{{ .Values.healthCheckRestClient.distribution.password }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
db:
user: policy_user
password: policy_user
+restServer:
+ user: healthcheck
+ password: zb!XztG34
+healthCheckRestClient:
+ api:
+ user: healthcheck
+ password: zb!XztG34
+ distribution:
+ user: healthcheck
+ password: zb!XztG34
# default number of instances
replicaCount: 1