postee
postee copied to clipboard
Create secret file for PosteeUI - user and password
Description
PostUI user and password are sensitive data, because of that secret.yaml has to be created for the Postee UI creds inside the helm chart. There are no default values set for them as well. Also we need a strategy how to use this secret with GitOps (FluxCD etc.) if you wanna store the creds into git/bitbucket repo is good practice to encrypt this secret - for example with Sealed Secret.
Agreed we can make it better and welcome to ideas.
We also have this existing issue that we should also think of when tackling this: https://github.com/aquasecurity/postee/issues/120
Welcome to ideas and suggestions.
@simar7 please review it https://github.com/aquasecurity/postee/pull/474 . already tested with FluxCD. for example - if posteUi.existingSecret is false, it will create a secret with username & password defined into values.yaml if posteUi.existingSecret is true, you need to create a separate secret file, (you may seal it by Sealed secret for additional encryption as well if the secret file is stored in git/bitbucket):
posteUi:
existingSecret:
enabled: true
secretName: posteeui-creds # secret name
usernameKey: postee-ui-user # the key defined into the secret name for the user
passwordKey: postee-ui-password # the key defined into the secret name for the password
Fixed with #474