...
Secret purpose | default secret name | Secret type | name of property to override default secret name | secret data property name | content (All contens have to be base64 encoded!) | Secret necessary when … |
|---|---|---|---|---|---|---|
TLS certificates for ingresses | smartfacts-certs | kubernets.io/tls | global.cert.crtFullChain | tls.crt | The Server cetificate | Ingress is terminating tls |
global.cert.key | tls.key | The key for the server certificate | ||||
Username and Password of the Administration user in Keycloak | smartfacts-keycloak-admin-secret | Opaque | KEYCLOAK_PASSWORD | The password for the keycloak administrator | Keycloak.enabled is set to true in values file | |
KEYCLOAK_USER | The username of the keycloak administrator. By default this is “keycloak-admin”. | |||||
Data for connecting to the OIDC provider | smartfacts-oidc-secrets | Opaque | global.secrets.oidcSecretName | campId | ID of camp client in OIDC issuer | Connecting to an OIDC provider |
camSecret | Secret of camp client in OIDC issuer | |||||
smartfactsId | ID of smartfacts client in OIDC issuer | |||||
smartfactsSecret | Secret of smartfacts client in OIDC issuer | |||||
Username and password of the postgresql database used for Keycloak | smartfacts-postgresql | Opaque | password | Keycloak.enabled is set to true in values file | ||
postgres-password | ||||||
The Java truststore used by the Smartfacts platform and genoslc toolservice | smartfacts-truststore | Opaque | server.key | property is set in values file or if the property is not present (default is “true”) | ||
truststore.jks | ||||||
ca.crt | ||||||
ca.key | ||||||
certtool.log | ||||||
head.crt | ||||||
server.crt | ||||||
server.jks | ||||||
smartfacts-truststore-password | Opaque | password | The password of the truststore. | |||
regcred | kubernetes.io/dockerconfigjson | .dockerconfigjson | Docker Image Registry needs a login | |||
smartfacts-mongodb-connection-secret | Opaque | connection-string | The Connection string to the mongodb in the format for Java drivers. The Connection string will contain the username and password of the mongodb user. | Always | ||
smartfacts-oauth10a-encryption-key-secret | Opaque | ENCRYPTION_KEY | A random string, that should never change again. It is used as secret to encrypt and decrypt the oauth10a configuration data in the mongodb. | Always | ||
smartfacts-oslc-technical-user-secret | Opaque | env.tool. | adaptedToolTechnicalUserAuthorizationHeader | “Basic <credentials as base64>”, with the placeholder <credentials as base64> replaced with the base64 encoded string of “username:password” of the user. (Yes, at the end username:password is twice encoded with base64) | if OSLC Connectors are used |