Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: randomly generate admin password #167

Merged
merged 4 commits into from
May 29, 2024
Merged

feat: randomly generate admin password #167

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e26f235
feat: randomly generate admin password
adityathebe Apr 16, 2024
384967c
chore: fix comment spacing
adityathebe Apr 16, 2024
5b88302
fix: use existing secret
adityathebe Apr 22, 2024
00f199b
fix: admin password
adityathebe Apr 22, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 4 additions & 1 deletion chart/templates/deployment.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,10 @@ spec:
name: {{ .Values.db.jwtSecretKeyRef.name }}
key: {{ .Values.db.jwtSecretKeyRef.key }}
- name: ADMIN_PASSWORD
value: {{ .Values.adminPassword }}
valueFrom:
secretKeyRef:
name: {{ .Values.adminPassword.secretKeyRef.name }}
key: {{ .Values.adminPassword.secretKeyRef.key }}
envFrom:
- secretRef:
name: {{ .Values.smtp.secretRef.name }}
Expand Down
22 changes: 21 additions & 1 deletion chart/templates/secrets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,16 @@
{{- $kratosSecret := ((lookup "v1" "Secret" .Release.Namespace (include "kratos-im.secretname" .)).data | default dict) -}}
{{- $kratosDSN := (print "postgres://" $user ":" $password "@" $host "/" $database) -}}

## Admin Password
{{- $adminPasswordSecretInj := ( lookup "v1" "Secret" .Release.Namespace "mission-control-password" ) | default dict}}
{{- $adminpasswordSecretInjData := ( get $adminPasswordSecretInj "data" ) | default dict }}
adityathebe marked this conversation as resolved.
Show resolved Hide resolved

{{- $adminPasswordSecret := ( lookup "v1" "Secret" .Release.Namespace .Values.adminPassword.secretKeyRef.name ) | default dict}}
{{- $adminpasswordSecretData := ( get $adminPasswordSecret "data" ) | default dict }}

{{- $adminPassword := (( get $adminpasswordSecretInjData "password") | b64dec ) | default (( get $adminpasswordSecretData "password") | b64dec ) | default ( randAlphaNum 12 ) }}
adityathebe marked this conversation as resolved.
Show resolved Hide resolved
###

{{- if .Values.db.create }}
---
apiVersion: v1
Expand All @@ -44,9 +54,19 @@ stringData:
SSLMODE: {{ $sslmode | quote }}
DB_URL: {{ (print "postgres://" $user ":" $password "@" $postgresHost "/" $database "?sslmode=" $sslmode ) | quote }}
DATABASE: {{ $database | quote }}

{{- end }}

{{- if .Values.adminPassword.secretKeyRef.create }}
---
apiVersion: v1
kind: Secret
metadata:
name: {{ .Values.adminPassword.secretKeyRef.name }}
type: Opaque
stringData:
password: {{$adminPassword | quote}}
{{- end}}

{{- if eq .Values.authProvider "kratos" }}
---
apiVersion: v1
Expand Down
7 changes: 6 additions & 1 deletion chart/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,24 +90,24 @@
work_mem: 10MB
max_wal_size: 4GB
log_autovacuum_min_duration: 0
log_connections: on

Check warning on line 93 in chart/values.yaml

View workflow job for this annotation

GitHub Actions / lint 

93:22 [truthy] truthy value should be one of [false, true]
log_destination: "stderr"
log_directory: "/var/log/postgresql"
log_file_mode: 0644
log_filename: "postgresql.log"
log_line_prefix: "%m [%p] %q[user=%u,db=%d,app=%a] "
log_lock_waits: on

Check warning on line 99 in chart/values.yaml

View workflow job for this annotation

GitHub Actions / lint 

99:21 [truthy] truthy value should be one of [false, true]
log_min_duration_statement: "1s"
log_rotation_age: 0
log_rotation_size: 0
log_statement: "all"
log_temp_files: 0
log_timezone: "UTC"
logging_collector: on

Check warning on line 106 in chart/values.yaml

View workflow job for this annotation

GitHub Actions / lint 

106:24 [truthy] truthy value should be one of [false, true]
ssl: off

Check warning on line 107 in chart/values.yaml

View workflow job for this annotation

GitHub Actions / lint 

107:10 [truthy] truthy value should be one of [false, true]
timezone: "UTC"
password_encryption: scram-sha-256
db_user_namespace: off

Check warning on line 110 in chart/values.yaml

View workflow job for this annotation

GitHub Actions / lint 

110:24 [truthy] truthy value should be one of [false, true]
extra_float_digits: 0
secretKeyRef:
name: incident-commander-postgres
Expand All @@ -133,7 +133,12 @@
# SMTP_PORT: <port>
# SMTP_USER: <user>
# SMTP_PASSWORD: <password>
adminPassword: admin
adminPassword:
secretKeyRef:
# set to false if you want to pass in an existing secret
create: true
name: mission-control-admin-password
key: password
canary-checker:
image:
type: full
Expand Down
Loading