...
Secret purpose | default secret name | Secret type | name of property to override default secret name | secret data property name | content (All contens have to be base64 encoded!) | Secret necessary when … | |||
|---|---|---|---|---|---|---|---|---|---|
TLS certificates for ingresses | smartfacts-certs | kubernets.io/tls | global.cert.crtFullChain | tls.crt | The Server cetificate | Ingress is terminating tls | |||
global.cert.key | tls.key | The key for the server certificate | |||||||
Username and Password of the Administration user in Keycloak | smartfacts-keycloak-admin-secret | Opaque | KEYCLOAK_PASSWORD | The password for the keycloak administrator | Keycloak.enabled is set to true in values file | ||||
KEYCLOAK_USER | The username of the keycloak administrator. By default this is “keycloak-admin”. | ||||||||
Data for connecting to the OIDC provider | smartfacts-oidc-secrets | Opaque | global.secrets.oidcSecretName | campId | ID of camp client in OIDC issuer | Connecting to an OIDC provider | |||
camSecret | Secret of camp client in OIDC issuer | ||||||||
smartfactsId | ID of smartfacts client in OIDC issuer | ||||||||
smartfactsSecret | Secret of smartfacts client in OIDC issuer | ||||||||
Username and password of the postgresql database used for Keycloak | smartfacts-postgresql | Opaque | password | Keycloak.enabled is set to true in values file | |||||
postgres-password | |||||||||
The Java truststore used by the Smartfacts platform and genoslc toolservice | smartfacts-truststore | Opaque | servertruststore.keyjks | property is set in values file or if the property is not present (default is “true”) | truststore.jks | ca.crt | ca.key|||
certtool.log | head.crt | server.crt | server.jks | smartfacts-truststore-password | Opaque | password | The password of the truststore. | ||
regcred | kubernetes.io/dockerconfigjson | global.imagePullSecrets[] | .dockerconfigjson | Docker Image Registry needs a login | |||||
smartfacts-mongodb-connection-secret | Opaque | connection-string | The Connection string to the mongodb in the format for Java drivers. The Connection string will contain the username and password of the mongodb user. | Always | |||||
smartfacts-oauth10a-encryption-key-secret | Opaque | ENCRYPTION_KEY | A random string, that should never change again. It is used as secret to encrypt and decrypt the oauth10a configuration data in the mongodb. | Always | |||||
smartfacts-oslc-technical-user-secret | Opaque | env.tool. | adaptedToolTechnicalUserAuthorizationHeader | “Basic <credentials as base64>”, with the placeholder <credentials as base64> replaced with the base64 encoded string of “username:password” of the user. (Yes, at the end username:password is twice encoded with base64) | if OSLC Connectors are used |