You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@openwhisk.apache.org by ra...@apache.org on 2018/08/10 20:54:12 UTC

[incubator-openwhisk-deploy-kube] branch master updated: Use whisk.auth from secrets instead of the default auths in the git repo (#273)

This is an automated email from the ASF dual-hosted git repository.

rabbah pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git


The following commit(s) were added to refs/heads/master by this push:
     new 65928e4  Use whisk.auth from secrets instead of the default auths in the git repo (#273)
65928e4 is described below

commit 65928e49b66274c19b8957d1468390c3bb6193a5
Author: David Grove <dg...@users.noreply.github.com>
AuthorDate: Fri Aug 10 16:54:10 2018 -0400

    Use whisk.auth from secrets instead of the default auths in the git repo (#273)
    
    A modification of the fix suggested in PR#271 that mounts the whisk.auth
    secrets in a volume instead of putting them environment variables.
---
 helm/openwhisk/configMapFiles/initCouchDB/initdb.sh | 5 +++++
 helm/openwhisk/templates/initCouchDBJob.yaml        | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
index 976d6b0..181239f 100755
--- a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
+++ b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
@@ -4,6 +4,11 @@
 # Clone OpenWhisk to get the ansible playbooks needed to initialize CouchDB
 git clone https://github.com/apache/incubator-openwhisk /openwhisk
 
+# Copy the secrets whisk.auth.guest and whisk.auth.system into the cloned tree
+# overwriting the default values we cloned from git
+cp -f /etc/whisk-auth/guest /openwhisk/ansible/files/auth.guest
+cp -f /etc/whisk-auth/system /openwhisk/ansible/files/auth.whisk.system
+
 # generate db_local.ini so the ansible jobs know how to access the database
 pushd /openwhisk/ansible
     ansible-playbook -i environments/local setup.yml
diff --git a/helm/openwhisk/templates/initCouchDBJob.yaml b/helm/openwhisk/templates/initCouchDBJob.yaml
index dc7506c..0856b07 100644
--- a/helm/openwhisk/templates/initCouchDBJob.yaml
+++ b/helm/openwhisk/templates/initCouchDBJob.yaml
@@ -19,6 +19,9 @@ spec:
       - name: task-dir
         configMap:
           name: init-couchdb
+      - name: whisk-auth
+        secret:
+          secretName: whisk.auth
       containers:
       - name: init-couchdb
         image: openwhisk/kube-whisk-ansible-runner
@@ -28,6 +31,8 @@ spec:
         - name: task-dir
           mountPath: "/task/initdb.sh"
           subPath: "initdb.sh"
+        - name: whisk-auth
+          mountPath: "/etc/whisk-auth"
         env:
         - name: "DB_PROTOCOL"
           valueFrom: