From f651465b403a89bf34cde9af973d318cfd11cffb Mon Sep 17 00:00:00 2001 From: Dmitry Morozovsky <27895587+icemachined@users.noreply.github.com> Date: Tue, 12 Nov 2024 13:59:38 +0300 Subject: [PATCH] Updated information about secrets (#2995) --- save-cloud-charts/save-cloud/README.md | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/save-cloud-charts/save-cloud/README.md b/save-cloud-charts/save-cloud/README.md index a80c3b8b1d..b2ea337c70 100644 --- a/save-cloud-charts/save-cloud/README.md +++ b/save-cloud-charts/save-cloud/README.md @@ -14,7 +14,7 @@ api-gateway acts as an entrypoint and svc/gateway is actually a LoadBalancer. These secrets are then mounted under the path specified as `DATABASE_SECRETS_PATH` environment variable. For example, for minikube and dev profile run `kubectl --context=minikube --namespace=save-cloud create secret generic db-secrets --from_literal=spring.datasource.username=<...> <...>` -* **save-backend** and **save-demo** expects the following secrets to be set under the secret `s3-secrets` (`kubectl create secret generic s3-secrets <...>`) +* **save-backend** , **cosv-backend** and **save-demo** expects the following secrets to be set under the secret `s3-secrets` (`kubectl create secret generic s3-secrets <...>`) * `s3-storage.endpoint` * `s3-storage.bucketName` * `s3-storage.credentials.accessKeyId` @@ -25,6 +25,11 @@ api-gateway acts as an entrypoint and svc/gateway is actually a LoadBalancer. For example, for minikube and dev profile run `kubectl --context=minikube --namespace=save-cloud create secret generic s3-secrets --from_literal== <...>` * `kubectl create secret generic oauth-credentials ...` this secret should contain properties recognizable by spring security OAuth; it's used by api-gateway. +* **ca-certs** is required for gateway it contains CA Roots certificates for Huawei +* **ca-pemstore** configmap contains ca-certificates.crt which is crt storage containing both ca root huawei certificates. +it is used both backend and cosv-backend +* **ingress-certificate** is required by ingress cluster configuration for incoming requests +* **oauth-credentials** is required for external authentication services like gitgub ## Versions of the chart On each commit that contains changes in the directory with save-cloud chart, the chart is packaged and published to