hub icon indicating copy to clipboard operation
hub copied to clipboard
verified publisher icon blackducksoftware

ability to self-manage db creds

Open smcavallo opened this issue 5 years ago • 4 comments

For those who deploy blackduck via helm, and maintain their helm charts and values.yaml files in source control, currently the database passwords are maintained in values.yaml. For security best practices the postgres passwords should not be checked into source control. This PR allows you to mark the creation of secrets as false - which will allow consumers to maintain their own <RELEASE>-blackduck-db-creds secrets using their own process and secrets management solution. Ex.

postgres:
  createSecret: false

smcavallo avatar Jun 12 '20 19:06 smcavallo

This is reasonable and is an improvement from a security and configuration flexibility perspective.

Internally filed HUB-32210 to backlog for prioritization.

skatzman-synopsys avatar Dec 14 '21 15:12 skatzman-synopsys

What is the priority on this? I am also looking for this. This seems like a small change, so any reason not to merge this as is?

Chumper avatar Oct 09 '23 16:10 Chumper

Can I assume this will not be implemented?

Chumper avatar Oct 23 '23 13:10 Chumper

This is a requirement for a more mature setup. Also, make the deployment possible without in-house customization as we are forced to do atm. Can you prioritize, please?

m-zare avatar Mar 04 '24 13:03 m-zare