From 45d25836c9abe87f6d10338b67f213ca679b4dd4 Mon Sep 17 00:00:00 2001 From: jmlrt <8582351+jmlrt@users.noreply.github.com> Date: Tue, 12 Oct 2021 13:34:30 +0200 Subject: [PATCH] [kibana] use new elasticsearch credentials This commit updates kibana values to use the new Elasticsearch credentials from #1384. Relates to #1375 --- kibana/examples/default/test/goss.yaml | 6 ++++ kibana/examples/security/values.yaml | 19 ++++++------ kibana/examples/upgrade/values.yaml | 12 ++++++++ kibana/values.yaml | 42 ++++++++++++++++---------- 4 files changed, 53 insertions(+), 26 deletions(-) diff --git a/kibana/examples/default/test/goss.yaml b/kibana/examples/default/test/goss.yaml index 5621c0718..76b6ffeb6 100644 --- a/kibana/examples/default/test/goss.yaml +++ b/kibana/examples/default/test/goss.yaml @@ -2,13 +2,19 @@ http: http://localhost:5601/api/status: status: 200 timeout: 2000 + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" body: - '"number":"8.0.0"' http://localhost:5601/app/kibana: status: 200 timeout: 2000 + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" http://helm-kibana-default-kibana:5601/app/kibana: status: 200 timeout: 2000 + username: "{{ .Env.ELASTICSEARCH_USERNAME }}" + password: "{{ .Env.ELASTICSEARCH_PASSWORD }}" diff --git a/kibana/examples/security/values.yaml b/kibana/examples/security/values.yaml index dfc9d5d13..3bd4468e1 100644 --- a/kibana/examples/security/values.yaml +++ b/kibana/examples/security/values.yaml @@ -1,23 +1,22 @@ --- - elasticsearchHosts: "https://security-master:9200" extraEnvs: - - name: 'ELASTICSEARCH_USERNAME' + - name: "KIBANA_ENCRYPTION_KEY" valueFrom: secretKeyRef: - name: elastic-credentials - key: username - - name: 'ELASTICSEARCH_PASSWORD' + name: kibana + key: encryptionkey + - name: "ELASTICSEARCH_USERNAME" valueFrom: secretKeyRef: - name: elastic-credentials - key: password - - name: 'KIBANA_ENCRYPTION_KEY' + name: security-master-credentials + key: username + - name: "ELASTICSEARCH_PASSWORD" valueFrom: secretKeyRef: - name: kibana - key: encryptionkey + name: security-master-credentials + key: password kibanaConfig: kibana.yml: | diff --git a/kibana/examples/upgrade/values.yaml b/kibana/examples/upgrade/values.yaml index 01d99c838..59b23350c 100644 --- a/kibana/examples/upgrade/values.yaml +++ b/kibana/examples/upgrade/values.yaml @@ -1,2 +1,14 @@ --- elasticsearchHosts: "http://upgrade-master:9200" + +extraEnvs: + - name: "ELASTICSEARCH_USERNAME" + valueFrom: + secretKeyRef: + name: upgrade-master-credentials + key: username + - name: "ELASTICSEARCH_PASSWORD" + valueFrom: + secretKeyRef: + name: upgrade-master-credentials + key: password diff --git a/kibana/values.yaml b/kibana/values.yaml index f62775654..fc6b93fcf 100755 --- a/kibana/values.yaml +++ b/kibana/values.yaml @@ -9,6 +9,16 @@ replicas: 1 extraEnvs: - name: "NODE_OPTIONS" value: "--max-old-space-size=1800" + - name: "ELASTICSEARCH_USERNAME" + valueFrom: + secretKeyRef: + name: elasticsearch-master-credentials + key: username + - name: "ELASTICSEARCH_PASSWORD" + valueFrom: + secretKeyRef: + name: elasticsearch-master-credentials + key: password # - name: MY_ENVIRONMENT_VAR # value: the_value_goes_here @@ -42,7 +52,7 @@ imagePullPolicy: "IfNotPresent" labels: {} podAnnotations: {} - # iam.amazonaws.com/role: es-cluster +# iam.amazonaws.com/role: es-cluster resources: requests: @@ -73,7 +83,7 @@ podSecurityContext: securityContext: capabilities: drop: - - ALL + - ALL # readOnlyRootFilesystem: true runAsNonRoot: true runAsUser: 1000 @@ -117,20 +127,20 @@ service: nodePort: "" labels: {} annotations: {} - # cloud.google.com/load-balancer-type: "Internal" - # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 - # service.beta.kubernetes.io/azure-load-balancer-internal: "true" - # service.beta.kubernetes.io/openstack-internal-load-balancer: "true" - # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" + # cloud.google.com/load-balancer-type: "Internal" + # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 + # service.beta.kubernetes.io/azure-load-balancer-internal: "true" + # service.beta.kubernetes.io/openstack-internal-load-balancer: "true" + # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" loadBalancerSourceRanges: [] - # 0.0.0.0/0 + # 0.0.0.0/0 httpPortName: http ingress: enabled: false annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" hosts: - host: chart-example.local paths: @@ -156,12 +166,12 @@ nameOverride: "" fullnameOverride: "" lifecycle: {} - # preStop: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] - # postStart: - # exec: - # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] +# preStop: +# exec: +# command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] +# postStart: +# exec: +# command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] # Deprecated - use only with versions < 6.6 elasticsearchURL: "" # "http://elasticsearch-master:9200"