From 8a356987be3563a96c7e59c7bdcbccea97959d91 Mon Sep 17 00:00:00 2001 From: Judit Novak Date: Mon, 11 Sep 2023 17:25:45 +0200 Subject: [PATCH] Extra secrets --- interfaces/opensearch_client/v0/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/interfaces/opensearch_client/v0/README.md b/interfaces/opensearch_client/v0/README.md index bc3457b7..51e7fbe8 100644 --- a/interfaces/opensearch_client/v0/README.md +++ b/interfaces/opensearch_client/v0/README.md @@ -35,10 +35,11 @@ Passing sensitive information goes via Juju secrets. Corresponding pieces of inf - Is expected to provide the `endpoints` field containing all cluster endpoint addresses in a comma-separated list. - Is expected to provide the `version` field describing the installed version number of opensearch. - If the charm has TLS enabled (such as using the [TLS Certificates Operator](https://github.com/canonical/tls-certificates-operator)), it is expected to provide the CA chain as of the `tls-ca` field published within a Juju Secret. The secret itself is shared via the `secret-tls` field of the databag. +- If the Requirer asked for other than the default secrets, Provider is expected to define a `secret-extra` field holding the URI of the particular Juju Secret containing all additional secret values. ### Requirer -- Is expected to provide a list of field names, that are not to be exposed on the relation databag, but handled within Juju Secrets. List members should be separated by ' ' (space character), and correspond to valid Juju Secret keys (i.e. alphanumerical characters with a potential '-' (dash) character) +- Is expected to provide a list of field names, that are not to be exposed on the relation databag, but handled within Juju Secrets. List members should be separated by ' ' (space character), and correspond to valid Juju Secret keys (i.e. alphanumerical characters with a potential '-' (dash) character). Secret fields must contain `username` and `password` (and `tls-ca` in case TLS is enabled). - Is expected to provide an index name in the `index` field. - Is expected to manage its own index. - Indices are not created on the provider application when the relation is created. The `index` field exists to grant the correct permissions for the relation user, which the requirer charm uses to control its index.