Using External Keystore for Gerrit Helm Deployment Secrets (LDAP & PKCS12)
Umebyoshi88
Hi all,
I'm currently deploying Gerrit using the k8s-gerrit Helm charts and looking for a clean way to handle secrets like:
The pkcs12 keystore file and its password
The LDAP bind username and password
Right now, these values would end up in plain text in gerrit.config when rendered with Helm, which is obviously not ideal. I'd like to pull them dynamically at runtime from an external keystore or K8s Secret (mounted or otherwise), rather than hardcoding them into the chart values.
Has anyone found a pattern or approach for referencing secrets like these in a secure way during Helm rendering or at runtime? Ideally without maintaining a fork of the chart.
Appreciate any tips or pointers!
Best,
Basim
Thomas Dräbing
Hi all,
I'm currently deploying Gerrit using the k8s-gerrit Helm charts and looking for a clean way to handle secrets like:
The pkcs12 keystore file and its password
The LDAP bind username and password
Right now, these values would end up in plain text in gerrit.config when rendered with Helm, which is obviously not ideal. I'd like to pull them dynamically at runtime from an external keystore or K8s Secret (mounted or otherwise), rather than hardcoding them into the chart values.
Has anyone found a pattern or approach for referencing secrets like these in a secure way during Helm rendering or at runtime? Ideally without maintaining a fork of the chart.
Appreciate any tips or pointers!
Best,Basim
--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en
---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/repo-discuss/5c13ca5c-3b1e-4ad8-96be-a23619f3c73cn%40googlegroups.com.