Skip to content

Commit 505d262

Browse files
bpareesbparees
authored
Merge pull request sclorg#48 from jupierce/migrate-passwords-to-secrets
Moving credentials into secrets
2 parents fbf2cfe + 0894147 commit 505d262

File tree

3 files changed

+74
-53
lines changed

3 files changed

+74
-53
lines changed

Diff for: openshift/templates/cakephp-mysql-persistent.json

+37-6
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,17 @@
1515
"template": "cakephp-mysql-persistent"
1616
},
1717
"objects": [
18+
{
19+
"kind": "Secret",
20+
"apiVersion": "v1",
21+
"metadata": {
22+
"name": "${NAME}"
23+
},
24+
"stringData" : {
25+
"databaseUser" : "${DATABASE_USER}",
26+
"databasePassword" : "${DATABASE_PASSWORD}"
27+
}
28+
},
1829
{
1930
"kind": "Service",
2031
"apiVersion": "v1",
@@ -212,11 +223,21 @@
212223
},
213224
{
214225
"name": "DATABASE_USER",
215-
"value": "${DATABASE_USER}"
226+
"valueFrom": {
227+
"secretKeyRef" : {
228+
"name" : "${NAME}",
229+
"key" : "databaseUser"
230+
}
231+
}
216232
},
217233
{
218234
"name": "DATABASE_PASSWORD",
219-
"value": "${DATABASE_PASSWORD}"
235+
"valueFrom": {
236+
"secretKeyRef" : {
237+
"name" : "${NAME}",
238+
"key" : "databasePassword"
239+
}
240+
}
220241
},
221242
{
222243
"name": "CAKEPHP_SECRET_TOKEN",
@@ -368,12 +389,22 @@
368389
},
369390
"env": [
370391
{
371-
"name": "MYSQL_USER",
372-
"value": "${DATABASE_USER}"
392+
"name": "MYSQL_USER",
393+
"valueFrom": {
394+
"secretKeyRef" : {
395+
"name" : "${NAME}",
396+
"key" : "databaseUser"
397+
}
398+
}
373399
},
374400
{
375-
"name": "MYSQL_PASSWORD",
376-
"value": "${DATABASE_PASSWORD}"
401+
"name": "MYSQL_PASSWORD",
402+
"valueFrom": {
403+
"secretKeyRef" : {
404+
"name" : "${NAME}",
405+
"key" : "databasePassword"
406+
}
407+
}
377408
},
378409
{
379410
"name": "MYSQL_DATABASE",

Diff for: openshift/templates/cakephp-mysql.json

+37-6
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,17 @@
1515
"template": "cakephp-mysql-example"
1616
},
1717
"objects": [
18+
{
19+
"kind": "Secret",
20+
"apiVersion": "v1",
21+
"metadata": {
22+
"name": "${NAME}"
23+
},
24+
"stringData" : {
25+
"databaseUser" : "${DATABASE_USER}",
26+
"databasePassword" : "${DATABASE_PASSWORD}"
27+
}
28+
},
1829
{
1930
"kind": "Service",
2031
"apiVersion": "v1",
@@ -212,11 +223,21 @@
212223
},
213224
{
214225
"name": "DATABASE_USER",
215-
"value": "${DATABASE_USER}"
226+
"valueFrom": {
227+
"secretKeyRef" : {
228+
"name" : "${NAME}",
229+
"key" : "databaseUser"
230+
}
231+
}
216232
},
217233
{
218234
"name": "DATABASE_PASSWORD",
219-
"value": "${DATABASE_PASSWORD}"
235+
"valueFrom": {
236+
"secretKeyRef" : {
237+
"name" : "${NAME}",
238+
"key" : "databasePassword"
239+
}
240+
}
220241
},
221242
{
222243
"name": "CAKEPHP_SECRET_TOKEN",
@@ -349,12 +370,22 @@
349370
},
350371
"env": [
351372
{
352-
"name": "MYSQL_USER",
353-
"value": "${DATABASE_USER}"
373+
"name": "MYSQL_USER",
374+
"valueFrom": {
375+
"secretKeyRef" : {
376+
"name" : "${NAME}",
377+
"key" : "databaseUser"
378+
}
379+
}
354380
},
355381
{
356-
"name": "MYSQL_PASSWORD",
357-
"value": "${DATABASE_PASSWORD}"
382+
"name": "MYSQL_PASSWORD",
383+
"valueFrom": {
384+
"secretKeyRef" : {
385+
"name" : "${NAME}",
386+
"key" : "databasePassword"
387+
}
388+
}
358389
},
359390
{
360391
"name": "MYSQL_DATABASE",

Diff for: openshift/templates/cakephp.json

-41
Original file line numberDiff line numberDiff line change
@@ -186,26 +186,6 @@
186186
}
187187
},
188188
"env": [
189-
{
190-
"name": "DATABASE_SERVICE_NAME",
191-
"value": "${DATABASE_SERVICE_NAME}"
192-
},
193-
{
194-
"name": "DATABASE_ENGINE",
195-
"value": "${DATABASE_ENGINE}"
196-
},
197-
{
198-
"name": "DATABASE_NAME",
199-
"value": "${DATABASE_NAME}"
200-
},
201-
{
202-
"name": "DATABASE_USER",
203-
"value": "${DATABASE_USER}"
204-
},
205-
{
206-
"name": "DATABASE_PASSWORD",
207-
"value": "${DATABASE_PASSWORD}"
208-
},
209189
{
210190
"name": "CAKEPHP_SECRET_TOKEN",
211191
"value": "${CAKEPHP_SECRET_TOKEN}"
@@ -287,27 +267,6 @@
287267
"generate": "expression",
288268
"from": "[a-zA-Z0-9]{40}"
289269
},
290-
{
291-
"name": "DATABASE_SERVICE_NAME",
292-
"displayName": "Database Service Name"
293-
},
294-
{
295-
"name": "DATABASE_ENGINE",
296-
"displayName": "Database Engine",
297-
"description": "Database engine: postgresql, mysql or sqlite (default)."
298-
},
299-
{
300-
"name": "DATABASE_NAME",
301-
"displayName": "Database Name"
302-
},
303-
{
304-
"name": "DATABASE_USER",
305-
"displayName": "Database User"
306-
},
307-
{
308-
"name": "DATABASE_PASSWORD",
309-
"displayName": "Database Password"
310-
},
311270
{
312271
"name": "CAKEPHP_SECRET_TOKEN",
313272
"displayName": "CakePHP Secret Token",

0 commit comments

Comments
 (0)