Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue 280: Read InfluxDB credentials from a secret #563

Merged
merged 6 commits into from
Jul 26, 2021
Merged

Issue 280: Read InfluxDB credentials from a secret #563

merged 6 commits into from
Jul 26, 2021

Conversation

anishakj
Copy link
Contributor

Signed-off-by: anishakj [email protected]

Change log description

Added a new field InfluxDBSecret in Pravega spec, so that users can mention the secret names rather than passing username/password as plain text.

Purpose of the change

Fixes #280

What the code does

It will read the secret from the user, and if it is mentioned secret is mounted in controller and segment store pods at /etc/influxdb-secret-volume/

How to verify it

Verified that secret is mounted at controller and segment store pods.

@codecov-commenter
Copy link

codecov-commenter commented Jul 14, 2021
edited
Loading

Codecov Report

Merging #563 (36f6608) into master (8d45948) will increase coverage by 1.26%.
The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #563      +/-   ##
==========================================
+ Coverage   73.29%   74.56%   +1.26%     
==========================================
  Files          15       15              
  Lines        4093     4144      +51     
==========================================
+ Hits         3000     3090      +90     
+ Misses        967      932      -35     
+ Partials      126      122       -4
Impacted Files Coverage Δ
pkg/apis/pravega/v1beta1/pravega.go 98.34% <100.00%> (+0.14%) ⬆️
pkg/apis/pravega/v1beta1/zz_generated.deepcopy.go 99.43% <100.00%> (+0.60%) ⬆️
pkg/controller/pravega/pravega_controller.go 100.00% <100.00%> (ø)
pkg/controller/pravega/pravega_segmentstore.go 100.00% <100.00%> (+8.66%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 8d45948...36f6608. Read the comment docs.

@anishakj anishakj requested review from SrishT and jkhalack July 14, 2021 13:47
@anishakj anishakj marked this pull request as ready for review July 14, 2021 13:48
@anishakj anishakj requested a review from gaddamas July 21, 2021 14:35
@medvedevigorek medvedevigorek added this to the Pravega Operator 0.5.5 milestone Jul 21, 2021
SrishT
SrishT requested changes Jul 21, 2021
View reviewed changes
pkg/apis/pravega/v1beta1/pravega.go Outdated
@@ -228,6 +228,9 @@ type PravegaSpec struct {

// Details of authplugin to be copied into pravega controller
AuthImplementations *AuthImplementationSpec `json:"authImplementations,omitempty"`

// Name of Secret containing Password based Authentication Parameters like username, password
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

description should specify that this secret is specific to the influxdb credentials

pkg/controller/pravega/pravega_controller.go Outdated
@@ -276,6 +277,20 @@ func configureControllerAuthSecrets(podSpec *corev1.PodSpec, p *api.PravegaClust
}
}

func configureControllerInfluxDBSecrets(podSpec *corev1.PodSpec, p *api.PravegaCluster) {
if p.Spec.Pravega.InfluxDBSecret != "" {
addSecretVolumeWithMount(podSpec, p, influxDBSecretVolumeName, p.Spec.Pravega.InfluxDBSecret,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could we consider accepting the mount path as a property from the user instead of hardcoding its value in a constant?

SrishT
SrishT approved these changes Jul 26, 2021
View reviewed changes
Copy link
Contributor

@SrishT SrishT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@anishakj anishakj merged commit d712947 into master Jul 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SrishT SrishT SrishT approved these changes

@jkhalack jkhalack Awaiting requested review from jkhalack

@gaddamas gaddamas Awaiting requested review from gaddamas

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Pravega Operator 0.5.5
Development

Successfully merging this pull request may close these issues.

Read InfluxDB credentials from a secret
4 participants
@anishakj @codecov-commenter @SrishT @medvedevigorek