Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Autogenerate random API Key with helm install if not passed #740

Open
wants to merge 6 commits into
base: master
Choose a base branch
from

Conversation

Revolyssup
Copy link
Contributor

This PR is part of the proposal which removes hardcoding of sensitive API keys by autogenerating them at either application level(APISIX) or deployment level(like helm chart.)

@@ -326,6 +326,8 @@ data:
- name: "admin"
{{- if .Values.apisix.admin.credentials.secretName }}
key: ${{"{{"}}APISIX_ADMIN_KEY{{"}}"}}
{{- else if eq .Values.apisix.admin.credentials.admin "" }}
key: {{ randAlphaNum 32 }}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How do users know the key? You need to add a prompt output.

Perhaps managing admin-key through a secret would be more appropriate.
What do you think?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this is in the confimap. Users can look at the configmap using kubectl to look at the key. Is there an issue there?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we can write how to get the key in the docs.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it regenerated when upgrading the version?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants