-
Story
-
Resolution: Done
-
Highest
-
None
-
None
-
DCAE Frankfurt Sprint 5 (M4), DCAE Frankfurt Sprint 6 (RC0)
As a pre-requisite to support DCAEGEN2-1972, PH pod needs to be enhanced to source the password from k8s secrets or environment variable. Following change is necessary for PH.
- Source username, password as separate parameter and used that for Authorization in header. Currently "Authorization": "Basic aGVhbHRoY2hlY2s6emIhWHp0RzM0" is stored in directly on KV (from https://git.onap.org/oom/tree/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json). The username/password (healthcheck/zb!XztG34) should be sourced as separate parameter and Authorization header constructed from it.
- Source password from environment variable when available - this should take precedence over consul KV parameter. However if environment variable is not set, consul KV parameter should be used as currently done
---
implementation:
policy-handler is enhanced to get user/password from env vars for PDP and DMaaP MR clients and overwriting the Authorization field in https headers received from the discoverable config
- to override the Authorization value on policy_engine, set the environment vars $PDP_USER and $PDP_PWD in policy-handler
container - to override the Authorization value on dmaap_mr if using https and user-password authentication, set the environment vars $DMAAP_MR_USER and $DMAAP_MR_PWD in policy-handler container