From d189f0f0d3cdcf38cc23ac13ebd16ed26d3cfca9 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Tue, 16 Mar 2021 18:19:51 +0100 Subject: [PATCH] [VID] Use obfuscated password for truststore VID expects truststore password to be obfuscated using jetty-util. Issue-ID: OOM-1 Change-Id: I3d44524f7e89f026dfa27ac7d247028ccd598850 Signed-off-by: Krzysztof Opasiak --- kubernetes/vid/values.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 4510dc6908..5e4a0ecc78 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -64,7 +64,7 @@ certInitializer: else echo "*** changing them into shell safe ones" export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTORE_PASSWD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U cd {{ .Values.credsPath }} keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ -storepass "${cadi_keystore_password_jks}" \ @@ -79,7 +79,7 @@ certInitializer: -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} echo "*** save the generated passwords" echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop - echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop + echo "VID_TRUSTSTORE_PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp" >> mycreds.prop echo "*** change ownership of certificates to targeted user" chown -R 1000 . fi @@ -114,7 +114,6 @@ config: mariadb-galera: db: - user: sdnctl # password: externalSecret: *dbUserSecretName name: &mysqlDbName vid_openecomp_epsdk -- 2.16.6