ability to self-manage db creds #67
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
This is reasonable and is an improvement from a security and configuration flexibility perspective. Internally filed HUB-32210 to backlog for prioritization. |
|
What is the priority on this? I am also looking for this. This seems like a small change, so any reason not to merge this as is? |
|
Can I assume this will not be implemented? |
|
This is a requirement for a more mature setup. Also, make the deployment possible without in-house customization as we are forced to do atm. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
For those who deploy blackduck via helm, and maintain their helm charts and values.yaml files in source control, currently the database passwords are maintained in values.yaml.
For security best practices the postgres passwords should not be checked into source control.
This PR allows you to mark the creation of secrets as false - which will allow consumers to maintain their own
<RELEASE>-blackduck-db-credssecrets using their own process and secrets management solution.Ex.