This is an automated email from the ASF dual-hosted git repository. rabbah pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-openwhisk-deploy-kube.git
The following commit(s) were added to refs/heads/master by this push: new 65928e4 Use whisk.auth from secrets instead of the default auths in the git repo (#273) 65928e4 is described below commit 65928e49b66274c19b8957d1468390c3bb6193a5 Author: David Grove <dgrove-...@users.noreply.github.com> AuthorDate: Fri Aug 10 16:54:10 2018 -0400 Use whisk.auth from secrets instead of the default auths in the git repo (#273) A modification of the fix suggested in PR#271 that mounts the whisk.auth secrets in a volume instead of putting them environment variables. --- helm/openwhisk/configMapFiles/initCouchDB/initdb.sh | 5 +++++ helm/openwhisk/templates/initCouchDBJob.yaml | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh index 976d6b0..181239f 100755 --- a/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh +++ b/helm/openwhisk/configMapFiles/initCouchDB/initdb.sh @@ -4,6 +4,11 @@ # Clone OpenWhisk to get the ansible playbooks needed to initialize CouchDB git clone https://github.com/apache/incubator-openwhisk /openwhisk +# Copy the secrets whisk.auth.guest and whisk.auth.system into the cloned tree +# overwriting the default values we cloned from git +cp -f /etc/whisk-auth/guest /openwhisk/ansible/files/auth.guest +cp -f /etc/whisk-auth/system /openwhisk/ansible/files/auth.whisk.system + # generate db_local.ini so the ansible jobs know how to access the database pushd /openwhisk/ansible ansible-playbook -i environments/local setup.yml diff --git a/helm/openwhisk/templates/initCouchDBJob.yaml b/helm/openwhisk/templates/initCouchDBJob.yaml index dc7506c..0856b07 100644 --- a/helm/openwhisk/templates/initCouchDBJob.yaml +++ b/helm/openwhisk/templates/initCouchDBJob.yaml @@ -19,6 +19,9 @@ spec: - name: task-dir configMap: name: init-couchdb + - name: whisk-auth + secret: + secretName: whisk.auth containers: - name: init-couchdb image: openwhisk/kube-whisk-ansible-runner @@ -28,6 +31,8 @@ spec: - name: task-dir mountPath: "/task/initdb.sh" subPath: "initdb.sh" + - name: whisk-auth + mountPath: "/etc/whisk-auth" env: - name: "DB_PROTOCOL" valueFrom: