-
Epic
-
Resolution: Done
-
Highest
-
None
-
None
-
Password removal from HELM charts
Updating scope based on Guilin focus
Currently all DCAE component certificates are retrieved dynamically during deploying using a onap/org.onap.dcaegen2.deployments.tls-init-container (which is built of aaf_agent). This container upon retrieval of certificates does some translation to standardize the certificate/format for DCAE service components. Source for init-container - https://git.onap.org/dcaegen2/deployments/tree/tls-init-container
Based on discussion on PTL meeting earlier this week, DCAE impact should be assessed for below
1) CertInitializer integration impact on DCAE-tls init container
2) Impact to K8s plugin
Inaddition following component charts should be updated to remove hardcoded password.
- Cloudify (to be confimed with Cloudify/vendor)
- Cloudify password on Bootstrap, DH, Dashboard helm chart can be changed to use secret (secret may still have to be hardcoded depending on Cloudify feedback on #1)
- relates to
-
OOM-1933 Secure Credentials
- Closed
-
DCAEGEN2-2321 Guilin Release complaince
- Closed
-
OOM-2051 Make all projects use k8s secrets instead of passwords hard coded in resource files
- Closed
-
REQ-361 Continue hardcoded passwords removal
- Done
-
REQ-235 Password removal from OOM HELM charts
- Done