Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Secure minio password handling #3866

Merged
merged 2 commits into from May 7, 2019

Conversation

@m00g3n
Copy link
Contributor

commented Apr 25, 2019

Description
Get rid of minio static password

Changes proposed in this pull request:

  • Secure minio password handling

Related issue(s)

See also: #3834

@m00g3n

This comment has been minimized.

Copy link
Contributor Author

commented Apr 26, 2019

/test all

@m00g3n m00g3n force-pushed the m00g3n:rm_minio_static_passwd_#3834 branch from b19fa20 to b28cbe8 Apr 26, 2019

@@ -10,7 +10,7 @@ metadata:
heritage: {{ .Release.Service }}
type: Opaque
data:
accesskey: {{ .Values.accessKey | b64enc }}
secretkey: {{ .Values.secretKey | b64enc }}
accesskey: {{ randAlphaNum 40 | b64enc | quote }}

This comment has been minimized.

Copy link
@michal-hudy

michal-hudy Apr 26, 2019

Member

It should be possible to provide a custom value. So please make it like here:
https://github.com/helm/charts/blob/master/stable/grafana/templates/secret.yaml#L14
or like here:

APP_EXTERNAL_ENDPOINT: {{ if .Values.externalEndpoint }}{{ .Values.externalEndpoint }}{{ else }}'https://minio.{{ .Values.global.ingress.domainName }}'{{ end }}

@m00g3n m00g3n force-pushed the m00g3n:rm_minio_static_passwd_#3834 branch from b28cbe8 to 59adaeb Apr 26, 2019

@michal-hudy

This comment has been minimized.

Copy link
Member

commented Apr 26, 2019

/retest

@@ -10,7 +10,7 @@ metadata:
heritage: {{ .Release.Service }}
type: Opaque
data:
accesskey: {{ .Values.accessKey | b64enc }}
secretkey: {{ .Values.secretKey | b64enc }}
accesskey: {{ if .Values.accessKey }}{{ .Values.accessKey | b64enc }}{{ else }}{{ randAlphaNum 40 | b64enc | quote }}{{ end }}

This comment has been minimized.

Copy link
@michal-hudy

michal-hudy Apr 29, 2019

Member

Sorry, I missed that. Access Key can have at max 20 characters:
https://github.com/helm/charts/tree/master/stable/minio

@pkosiec

pkosiec approved these changes May 6, 2019

Copy link
Member

left a comment

LGTM

@m00g3n m00g3n force-pushed the m00g3n:rm_minio_static_passwd_#3834 branch from 27dd07b to a9fc9f1 May 6, 2019

@m00g3n m00g3n removed the WIP label May 7, 2019

@m00g3n m00g3n merged commit cfc9c59 into kyma-project:master May 7, 2019

100 checks passed

kyma-governance Skipped.
license/cla Contributor License Agreement is signed.
Details
pre-master-kyma-common Skipped.
pre-master-kyma-components-api-controller Skipped.
pre-master-kyma-components-apiserver-proxy Skipped.
pre-master-kyma-components-application-broker Skipped.
pre-master-kyma-components-application-gateway Skipped.
pre-master-kyma-components-application-operator Skipped.
pre-master-kyma-components-application-registry Skipped.
pre-master-kyma-components-asset-metadata-service Skipped.
pre-master-kyma-components-asset-store-controller-manager Skipped.
pre-master-kyma-components-asset-upload-service Skipped.
pre-master-kyma-components-cms-controller-manager Skipped.
pre-master-kyma-components-configurations-generator Skipped.
pre-master-kyma-components-connection-token-handler Skipped.
pre-master-kyma-components-connectivity-certs-controller Skipped.
pre-master-kyma-components-connector-service Skipped.
pre-master-kyma-components-console-backend-service Skipped.
pre-master-kyma-components-etcd-backup-job Skipped.
pre-master-kyma-components-etcd-tls-setup-job Skipped.
pre-master-kyma-components-event-bus Skipped.
pre-master-kyma-components-event-service Skipped.
pre-master-kyma-components-helm-broker Skipped.
pre-master-kyma-components-installer Skipped.
pre-master-kyma-components-istio-kyma-patch Skipped.
pre-master-kyma-components-k8s-dashboard-proxy Skipped.
pre-master-kyma-components-kubeless-images-nodejs Skipped.
pre-master-kyma-components-namespace-controller Skipped.
pre-master-kyma-components-service-binding-usage-controller Skipped.
pre-master-kyma-components-xip-patch Skipped.
pre-master-kyma-development-artifacts Job succeeded.
Details
pre-master-kyma-docs Skipped.
pre-master-kyma-gke-central-connector Job succeeded.
Details
pre-master-kyma-gke-integration Job succeeded.
Details
pre-master-kyma-gke-upgrade Job succeeded.
Details
pre-master-kyma-integration Job succeeded.
Details
pre-master-kyma-tests-acceptance Skipped.
pre-master-kyma-tests-api-controller-acceptance-tests Skipped.
pre-master-kyma-tests-apiserver-proxy-test Skipped.
pre-master-kyma-tests-application-gateway-tests Skipped.
pre-master-kyma-tests-application-operator-tests Skipped.
pre-master-kyma-tests-application-registry-tests Skipped.
pre-master-kyma-tests-asset-store Skipped.
pre-master-kyma-tests-cluster-users-test Skipped.
pre-master-kyma-tests-connection-token-handler-tests Skipped.
pre-master-kyma-tests-connector-service-tests Skipped.
pre-master-kyma-tests-console-backend-service Skipped.
pre-master-kyma-tests-end-to-end-backup-restore-test Skipped.
pre-master-kyma-tests-end-to-end-kubeless-integration Skipped.
pre-master-kyma-tests-end-to-end-upgrade Skipped.
pre-master-kyma-tests-event-bus Skipped.
pre-master-kyma-tests-gateway-tests Skipped.
pre-master-kyma-tests-knative-serving Skipped.
pre-master-kyma-tests-kubeless Skipped.
pre-master-kyma-tests-logging Skipped.
pre-master-kyma-tests-monitoring Skipped.
pre-master-kyma-tests-test-namespace-controller Skipped.
pre-master-kyma-tools-alpine-net Skipped.
pre-master-kyma-tools-ark-plugins Skipped.
pre-master-kyma-tools-docsbuilder Skipped.
pre-master-kyma-tools-failery Skipped.
pre-master-kyma-tools-gcp-broker-provider Skipped.
pre-master-kyma-tools-load-test Skipped.
pre-master-kyma-tools-static-users-generator Skipped.
pre-rel07-kyma-common Skipped.
pre-rel07-kyma-components-api-controller Skipped.
pre-rel07-kyma-components-apiserver-proxy Skipped.
pre-rel07-kyma-components-application-broker Skipped.
pre-rel07-kyma-components-application-operator Skipped.
pre-rel07-kyma-components-application-proxy Skipped.
pre-rel07-kyma-components-application-registry Skipped.
pre-rel07-kyma-components-asset-store-controller-manager Skipped.
pre-rel07-kyma-components-binding-usage-controller Skipped.
pre-rel07-kyma-components-configurations-generator Skipped.
pre-rel07-kyma-components-connection-token-handler Skipped.
pre-rel07-kyma-components-connector-service Skipped.
pre-rel07-kyma-components-console-backend-service Skipped.
pre-rel07-kyma-components-event-bus Skipped.
pre-rel07-kyma-components-event-service Skipped.
pre-rel07-kyma-components-helm-broker Skipped.
pre-rel07-kyma-components-installer Skipped.
pre-rel07-kyma-components-istio-kyma-patch Skipped.
pre-rel07-kyma-components-k8s-dashboard-proxy Skipped.
pre-rel07-kyma-components-kubeless-images-nodejs Skipped.
pre-rel07-kyma-components-namespace-controller Skipped.
pre-rel07-kyma-components-xip-patch Skipped.
pre-rel07-kyma-docs Skipped.
pre-rel07-kyma-tests-acceptance Skipped.
pre-rel07-kyma-tests-api-controller-acceptance-tests Skipped.
pre-rel07-kyma-tests-application-operator-tests Skipped.
pre-rel07-kyma-tests-application-registry-tests Skipped.
pre-rel07-kyma-tests-connector-service-tests Skipped.
pre-rel07-kyma-tests-console-backend-service Skipped.
pre-rel07-kyma-tests-event-bus Skipped.
pre-rel07-kyma-tests-gateway-tests Skipped.
pre-rel07-kyma-tests-knative-serving-acceptance Skipped.
pre-rel07-kyma-tests-kubeless Skipped.
pre-rel07-kyma-tests-kubeless-integration Skipped.
pre-rel07-kyma-tests-logging Skipped.
pre-rel07-kyma-tests-test-logging-monitoring Skipped.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.