-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(helm): allow configuring security section of management api conf… #4941
base: master
Are you sure you want to change the base?
Conversation
…ig via Helm values AM-4057
Quality Gate passedIssues Measures |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please add unit test and add an entry in the change log (chart.yaml) ?
security: | ||
defaultAdmin: {{ .Values.api.security.defaultAdmin | default true }} | ||
accountAccessTokens: | ||
encoder: | ||
settings: | ||
rounds: {{ .Values.api.security.accountTokenBcryptRounds | default 10 }} | ||
{{- if .Values.api.security.providers }} | ||
providers: | ||
{{- toYaml .Values.api.security.providers | nindent 8 }} | ||
{{- end}} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
suggestion: I would do a test on the security section as you did for .Values.api.security.providers
line 405. In that way we are expecting the same structure as the one in the gravitee.yaml. And in future if new entries in the security section are added, they will be taken into account automatically. wdyt ?
security: | ||
defaultAdmin: true | ||
accountTokenBcryptRounds: 10 | ||
providers: | ||
- type: memory | ||
enabled: false | ||
## Name of IdentityProvider | ||
## If missing the type will be used to create a generic name (ex: Memory users) | ||
#name: | ||
## password encoding/hashing algorithm. One of: | ||
## - BCrypt : passwords are hashed with bcrypt (supports only $2a$ algorithm) | ||
## - none : passwords are not hashed/encrypted | ||
#default value is BCrypt | ||
password-encoding-algo: BCrypt | ||
users: | ||
- user: | ||
username: admin | ||
#email: | ||
firstname: Administrator | ||
lastname: Administrator | ||
## Passwords are encoded using BCrypt | ||
## Password value: adminadmin | ||
password: $2a$10$NG5WLbspq8V1yJDzUKfUK.oum94qL/Ne3B5fQCgekw/Y4aOEaoFZq | ||
role: ORGANIZATION_OWNER |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if you accept the comment made for the api-configmap.yalm this section will have to be updated for the accountToken.
…ig via Helm values
AM-4057