Skip to content

Commit

Permalink
add secret and username handling
Browse files Browse the repository at this point in the history
  • Loading branch information
pmacius committed Oct 17, 2024
1 parent 82dee7e commit 0539a97
Show file tree
Hide file tree
Showing 3 changed files with 30 additions and 3 deletions.
8 changes: 7 additions & 1 deletion helm/alfresco-content-services/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -246,6 +246,12 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b
| elasticsearchAudit.clusterHealthCheckParams | string | `"wait_for_status=yellow&timeout=1s"` | |
| elasticsearchAudit.clusterName | string | `"elasticsearch-aas"` | |
| elasticsearchAudit.enabled | bool | `true` | Enables the embedded elasticsearch cluster for alfresco-audit-storage |
| elasticsearchAudit.extraEnvs[0].name | string | `"ELASTIC_USERNAME"` | |
| elasticsearchAudit.extraEnvs[0].valueFrom.secretKeyRef.key | string | `"AUDIT_ELASTICSEARCH_USERNAME"` | |
| elasticsearchAudit.extraEnvs[0].valueFrom.secretKeyRef.name | string | `"alfresco-aas-elasticsearch-secret"` | |
| elasticsearchAudit.extraEnvs[1].name | string | `"ELASTIC_PASSWORD"` | |
| elasticsearchAudit.extraEnvs[1].valueFrom.secretKeyRef.key | string | `"AUDIT_ELASTICSEARCH_PASSWORD"` | |
| elasticsearchAudit.extraEnvs[1].valueFrom.secretKeyRef.name | string | `"alfresco-aas-elasticsearch-secret"` | |
| elasticsearchAudit.ingress.annotations."nginx.ingress.kubernetes.io/rewrite-target" | string | `"/$2"` | |
| elasticsearchAudit.ingress.enabled | bool | `true` | |
| elasticsearchAudit.ingress.hosts[0].paths[0].path | string | `"/elasticsearch(/|$)(.*)"` | |
Expand Down Expand Up @@ -278,7 +284,7 @@ Please refer to the [documentation](https://github.com/Alfresco/acs-deployment/b
| keda.components | list | `[]` | The list of components that will be scaled by KEDA (chart names) |
| kibana.elasticsearchHosts | string | `""` | Makes sure there is no default elasticsearch hosts defined |
| kibana.enabled | bool | `true` | |
| kibana.extraEnvs | list | `[{"name":"SERVER_BASEPATH","value":"/kibana"},{"name":"SERVER_REWRITEBASEPATH","value":"true"},{"name":"ELASTICSEARCH_HOSTS","valueFrom":{"configMapKeyRef":{"key":"AUDIT_ELASTICSEARCH_URL","name":"alfresco-infrastructure"}}},{"name":"SERVER_PUBLICBASEURL","valueFrom":{"configMapKeyRef":{"key":"AUDIT_SERVER_PUBLICBASEURL","name":"alfresco-infrastructure"}}}]` | All of the values has to be set there to escape the issue with overriding the values |
| kibana.extraEnvs | list | `[{"name":"SERVER_BASEPATH","value":"/kibana"},{"name":"SERVER_REWRITEBASEPATH","value":"true"},{"name":"ELASTICSEARCH_HOSTS","valueFrom":{"configMapKeyRef":{"key":"AUDIT_ELASTICSEARCH_URL","name":"alfresco-infrastructure"}}},{"name":"SERVER_PUBLICBASEURL","valueFrom":{"configMapKeyRef":{"key":"AUDIT_SERVER_PUBLICBASEURL","name":"alfresco-infrastructure"}}},{"name":"ELASTICSEARCH_USERNAME","valueFrom":{"secretKeyRef":{"key":"AUDIT_ELASTICSEARCH_USERNAME","name":"alfresco-aas-elasticsearch-secret"}}},{"name":"ELASTICSEARCH_PASSWORD","valueFrom":{"secretKeyRef":{"key":"AUDIT_ELASTICSEARCH_PASSWORD","name":"alfresco-aas-elasticsearch-secret"}}}]` | All of the values has to be set there to escape the issue with overriding the values |
| kibana.healthCheckPath | string | `"/kibana/app/kibana"` | |
| kibana.ingress.enabled | bool | `true` | |
| kibana.ingress.hosts[0].paths[0].path | string | `"/kibana"` | |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ metadata:
{{- include "alfresco-content-services.labels" $ | nindent 4 }}
type: Opaque
data:
AUDIT_ELASTICSEARCH_USERNAME: {{ .username | default "" | b64enc | quote }}
AUDIT_ELASTICSEARCH_PASSWORD: {{ .password | default "" | b64enc | quote }}
AUDIT_ELASTICSEARCH_USERNAME: {{ .username | default "elastic" | b64enc | quote }}
AUDIT_ELASTICSEARCH_PASSWORD: {{ .password | default "elastic" | b64enc | quote }}
{{- end }}
{{- end }}
21 changes: 21 additions & 0 deletions helm/alfresco-content-services/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -558,6 +558,17 @@ elasticsearchAudit:
replicas: 1
clusterHealthCheckParams: "wait_for_status=yellow&timeout=1s"
clusterName: elasticsearch-aas
extraEnvs:
- name: ELASTIC_USERNAME
valueFrom:
secretKeyRef:
name: *aas_elasticsearch_secretName
key: AUDIT_ELASTICSEARCH_USERNAME
- name: ELASTIC_PASSWORD
valueFrom:
secretKeyRef:
name: *aas_elasticsearch_secretName
key: AUDIT_ELASTICSEARCH_PASSWORD
ingress:
enabled: true
annotations:
Expand Down Expand Up @@ -609,6 +620,16 @@ kibana:
configMapKeyRef:
name: *infrastructure_cmName
key: AUDIT_SERVER_PUBLICBASEURL
- name: ELASTICSEARCH_USERNAME
valueFrom:
secretKeyRef:
name: *aas_elasticsearch_secretName
key: AUDIT_ELASTICSEARCH_USERNAME
- name: ELASTICSEARCH_PASSWORD
valueFrom:
secretKeyRef:
name: *aas_elasticsearch_secretName
key: AUDIT_ELASTICSEARCH_PASSWORD
ingress:
enabled: true
hosts:
Expand Down

0 comments on commit 0539a97

Please sign in to comment.