
[Proposition] Use the vault kv2 key to store all the parameters #298

Closed
cmoulliard opened this issue Apr 7, 2023 · 3 comments
@cmoulliard
Contributor

cmoulliard commented Apr 7, 2023

Proposition

Until now, we use the following kv key to store the username/password. Primaza, when it reads the content of the key, assumes that the first parameter corresponds to the username and the second to the password.

```shell
vault kv put -mount=secret primaza/fruits healthy=healthy
```

```java
if (StringUtils.isNotEmpty(credential.vaultKvPath)) {
    // Read the whole secret as a key/value map
    Map<String, String> vaultSecret = kvSecretEngine.readSecret(credential.vaultKvPath);
    // The first key found is taken as the username and its value as the password
    Set<String> usernames = vaultSecret.keySet();
    username = usernames.iterator().next();
    password = vaultSecret.get(username);
}
```

Remark: While this approach is minimalist and simplistic, it does not guarantee that the first parameter is really the username and the second the password.

I would like to propose that we store under the secret path the different parameters such as username, password, database, ...
This way of working is currently supported by the kv2 storage engine.

```shell
vault kv put -mount=secret primaza/fruits username=healthy password=healthy database=fruits_database
```

One immediate benefit of this approach will be that Primaza can check whether the expected keys are actually present.

Note: Alternatively, we could also delegate to the operator creating the entries in Vault the responsibility to define the different keys according to what the application expects to get. This point should be discussed as part of the ticket #295.

WDYT ? @aureamunoz @Sgitario @iocanel @dperaza4dustbit @filariow
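As an added illustration of the check the proposition enables (example code, not Primaza's own), the helper below consumes the `Map<String, String>` that `kvSecretEngine.readSecret(path)` returns and rejects a secret whose named keys are missing or blank; the class, the record and the required-key list are assumptions, and the sample maps are constructed inline.

```java
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;

// Hypothetical helper (not Primaza's code): validates that a KV v2 secret read
// from Vault carries every key the application expects, instead of relying on
// the key order the current username/password lookup depends on.
public final class NamedKeySecretReader {

    public record DbCredential(String username, String password, String database) {}

    // Keys the application expects under the secret path (assumed set)
    static final List<String> REQUIRED_KEYS = List.of("username", "password", "database");

    /** Build a credential from the map returned by kvSecretEngine.readSecret(kvPath). */
    public static DbCredential fromSecret(String kvPath, Map<String, String> vaultSecret) {
        // Collect every missing or blank key in one pass so the error names all of them
        List<String> missing = REQUIRED_KEYS.stream()
                .filter(k -> vaultSecret.get(k) == null || vaultSecret.get(k).isBlank())
                .collect(Collectors.toList());
        if (!missing.isEmpty()) {
            // Report only the path and key names; never echo secret values in logs or exceptions
            throw new IllegalStateException("Secret at '" + kvPath + "' is missing keys " + missing);
        }
        return new DbCredential(vaultSecret.get("username"),
                                vaultSecret.get("password"),
                                vaultSecret.get("database"));
    }

    public static void main(String[] args) {
        // Constructed sample standing in for:
        // vault kv put -mount=secret primaza/fruits username=healthy password=healthy database=fruits_database
        Map<String, String> named = Map.of("username", "healthy", "password", "healthy", "database", "fruits_database");
        DbCredential c = fromSecret("primaza/fruits", named);
        System.out.println("user=" + c.username() + " db=" + c.database());

        // Constructed sample of the old layout ("healthy=healthy"): no named keys, so it is rejected
        Map<String, String> legacy = Map.of("healthy", "healthy");
        try {
            fromSecret("primaza/fruits", legacy);
        } catch (IllegalStateException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```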

cmoulliard added the labels enhancement (New feature or request) and requirement on Apr 7, 2023
@iocanel

iocanel commented Apr 10, 2023

This is a great improvement over what you already have there. So clearly +1.

Is there any chance you might need multiple accounts for a service?

@aureamunoz
Contributor

+1 too

@cmoulliard
Contributor Author

> Is there any chance you might need multiple accounts for a service?

Yes certainly, as a Service is never installed to be used by one user ;-)

aureamunoz added a commit to aureamunoz/servicebox-poc that referenced this issue May 4, 2023
cmoulliard added a commit that referenced this issue May 9, 2023
* Adding the crossplane helm release CRD to the list of the URLs to be converted to Java classes

Signed-off-by: Charles Moulliard <[email protected]>

* Create a release-postgresql.yml to install the postgresql Helm chart. Updating the documentation of crossplane.md

* WIP. Add a method to generate the crossplane Release

* WIP. Instantiate the different builders needed

* WIP. To be improved as code looks horrible using builders

* Refactored the code of the Crossplane Release Builder

* Format the code. Change the name of the Services from Register to Services catalog. Set the missing properties

* Reviewed the wording of the home page

* WIP. Adding a second column to the form. Still have an issue with the field validation

* Added missing fields of the ServiceRequest form

* Rename <div to <form to fix the issue. Fix #309

* Add a TODO about how to get for a Service the cluster object which is needed to create the kubernetesClient

* Implementing the call to the method to deploy the service if installable is true. To be tested with crossplane

* Including the source generated dir

* Add usage to primaza.sh script. Removing the function to install kind. Remove the hardcoded registry name

* Updating the instructions to install crossplane

* Reformat the exception

* Removing non-needed module

* Removing the 2 builder classes that we don't use anymore

* remove not needed

* Rename usage to primazaUsage

* Renamed the label from installable to To be provisioned. Fix some errors with primaza script and update README

* Change the column size from 2 to 5

* Deploy atomic fruits using its helm chart

* Add the non-needed namespace. Pass the env vars to configure the VAULT URL for local deploy

* Set the Release Chart fields using the Service object

* store secret data in form of key, value

Related to #298

* Fixing different issues to install crossplane and helm provider

* Changing order to delete resources

* Format java class

* Enable the debug for helm provider

* Created a new project to play with crossplane composite/composition

* Updated the script to also install the kubernetes provider

* Renaming the name from postgresql-db to postgresql

* Removing the Kubernetes providerconfig as this is not needed

* Renaming the resource from password to secret, like also the providerConfigRef of kubernetes as non-needed

* Still no luck to base64 the fields

* Set the value to selected if the service.installable is true

* Fixing the issue as the boolean of the request was not saved due to incorrect type used: boolean -> string

* Added helm information to the service to be deployed

* Adding the missing space

* Add new namespaces to be excluded by default for the cluster

* Moving the code before testing if service is null, passing the namespace which is required to the Helm Release CR

* Removing the command to install the DB as we will provision it using crossplane. Disable the quarkus fruits helm chart to install also the DB.

* Use the cluster coming from the Service or Application

* Remove the step to upload to kind the docker image as it is uploaded to the docker registry

* Adding more logging as binding is failing as url is null!

* Fixing the binding with hard-coded values

* Use the same chart version as tested when we install the chart manually

* Increase vault sleep time to let vault be started. Implement the code to delete the Release when we unbind. Fix the issue as the Helm chart values were not set properly. Rename the title of the claim UI

* Review the wording about the service available

* Updated the code to support creating a claim before claiming and to use the modal window

* Add if check to delete the Release only if the service installable is true. Be more verbose about what we log to scan/find services. Test within the listDiscoveredTable.html if the service.cluster exists like service.cluster.name

* Creating a new class to collect the discovered services

* Fixing wrong findAll call

* Mapping the kubernetes svc discovered with listDiscoveredTable - HTML

* Add a test to check if claim.service.installable is not null

* Reformat the code

---------

Signed-off-by: Charles Moulliard <[email protected]>
Co-authored-by: Auri Munoz <[email protected]>
Co-authored-by: Aurea Muñoz Hernández <[email protected]>