You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by ra...@apache.org on 2018/08/10 20:54:12 UTC
[incubator-openwhisk-deploy-kube] branch master updated: Use
whisk.auth from secrets instead of the default auths in the git repo (#273)
This is an automated email from the ASF dual-hosted git repository.
rabbah pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git
The following commit(s) were added to refs/heads/master by this push:
new 65928e4 Use whisk.auth from secrets instead of the default auths in the git repo (#273)
65928e4 is described below
commit 65928e49b66274c19b8957d1468390c3bb6193a5
Author: David Grove <dg...@users.noreply.github.com>
AuthorDate: Fri Aug 10 16:54:10 2018 -0400
Use whisk.auth from secrets instead of the default auths in the git repo (#273)
A modification of the fix suggested in PR#271 that mounts the whisk.auth
secrets in a volume instead of putting them environment variables.
---
helm/openwhisk/configMapFiles/initCouchDB/initdb.sh | 5 +++++
helm/openwhisk/templates/initCouchDBJob.yaml | 5 +++++
2 files changed, 10 insertions(+)
diff --git a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
index 976d6b0..181239f 100755
--- a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
+++ b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh
@@ -4,6 +4,11 @@
# Clone OpenWhisk to get the ansible playbooks needed to initialize CouchDB
git clone https://github.com/apache/incubator-openwhisk /openwhisk
+# Copy the secrets whisk.auth.guest and whisk.auth.system into the cloned tree
+# overwriting the default values we cloned from git
+cp -f /etc/whisk-auth/guest /openwhisk/ansible/files/auth.guest
+cp -f /etc/whisk-auth/system /openwhisk/ansible/files/auth.whisk.system
+
# generate db_local.ini so the ansible jobs know how to access the database
pushd /openwhisk/ansible
ansible-playbook -i environments/local setup.yml
diff --git a/helm/openwhisk/templates/initCouchDBJob.yaml b/helm/openwhisk/templates/initCouchDBJob.yaml
index dc7506c..0856b07 100644
--- a/helm/openwhisk/templates/initCouchDBJob.yaml
+++ b/helm/openwhisk/templates/initCouchDBJob.yaml
@@ -19,6 +19,9 @@ spec:
- name: task-dir
configMap:
name: init-couchdb
+ - name: whisk-auth
+ secret:
+ secretName: whisk.auth
containers:
- name: init-couchdb
image: openwhisk/kube-whisk-ansible-runner
@@ -28,6 +31,8 @@ spec:
- name: task-dir
mountPath: "/task/initdb.sh"
subPath: "initdb.sh"
+ - name: whisk-auth
+ mountPath: "/etc/whisk-auth"
env:
- name: "DB_PROTOCOL"
valueFrom: