mirror of
https://github.com/dat515-2025/Group-8.git
synced 2026-03-22 06:57:47 +01:00
feat(database): add encryption key
This commit is contained in:
3
.github/workflows/deploy-pr.yaml
vendored
3
.github/workflows/deploy-pr.yaml
vendored
@@ -118,7 +118,8 @@ jobs:
|
|||||||
--set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
|
--set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
|
||||||
--set image.digest="$DIGEST" \
|
--set image.digest="$DIGEST" \
|
||||||
--set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
|
--set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
|
||||||
--set-string database.password="$DB_PASSWORD"
|
--set-string database.password="$DB_PASSWORD" \
|
||||||
|
--set-string database.encryptionSecret="$PR"
|
||||||
|
|
||||||
- name: Post preview URLs as PR comment
|
- name: Post preview URLs as PR comment
|
||||||
uses: actions/github-script@v7
|
uses: actions/github-script@v7
|
||||||
|
|||||||
1
.github/workflows/deploy-prod.yaml
vendored
1
.github/workflows/deploy-prod.yaml
vendored
@@ -130,3 +130,4 @@ jobs:
|
|||||||
--set-string oauth.csas.clientId="$CSAS_CLIENT_ID" \
|
--set-string oauth.csas.clientId="$CSAS_CLIENT_ID" \
|
||||||
--set-string oauth.csas.clientSecret="$CSAS_CLIENT_SECRET" \
|
--set-string oauth.csas.clientSecret="$CSAS_CLIENT_SECRET" \
|
||||||
--set-string sentry_dsn="$SENTRY_DSN" \
|
--set-string sentry_dsn="$SENTRY_DSN" \
|
||||||
|
--set-string database.encryptionSecret="${{ secrets.PROD_DB_ENCRYPTION_KEY }}"
|
||||||
@@ -101,6 +101,11 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: prod
|
name: prod
|
||||||
key: SENTRY_DSN
|
key: SENTRY_DSN
|
||||||
|
- name: DB_ENCRYPTION_KEY
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: prod
|
||||||
|
key: DB_ENCRYPTION_KEY
|
||||||
livenessProbe:
|
livenessProbe:
|
||||||
httpGet:
|
httpGet:
|
||||||
path: /
|
path: /
|
||||||
|
|||||||
@@ -18,3 +18,4 @@ stringData:
|
|||||||
RABBITMQ_PASSWORD: {{ .Values.rabbitmq.password | default "" | quote }}
|
RABBITMQ_PASSWORD: {{ .Values.rabbitmq.password | default "" | quote }}
|
||||||
RABBITMQ_USERNAME: {{ .Values.rabbitmq.username | quote }}
|
RABBITMQ_USERNAME: {{ .Values.rabbitmq.username | quote }}
|
||||||
SENTRY_DSN: {{ .Values.sentry_dsn | quote }}
|
SENTRY_DSN: {{ .Values.sentry_dsn | quote }}
|
||||||
|
DB_ENCRYPTION_KEY: {{ required "Set .Values.database.encryptionSecret" .Values.database.encryptionSecret | quote }}
|
||||||
|
|||||||
@@ -80,3 +80,8 @@ spec:
|
|||||||
secretKeyRef:
|
secretKeyRef:
|
||||||
name: prod
|
name: prod
|
||||||
key: CSAS_CLIENT_SECRET
|
key: CSAS_CLIENT_SECRET
|
||||||
|
- name: DB_ENCRYPTION_KEY
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: prod
|
||||||
|
key: DB_ENCRYPTION_KEY
|
||||||
|
|||||||
@@ -75,3 +75,4 @@ database:
|
|||||||
userName: app-demo-user
|
userName: app-demo-user
|
||||||
secretName: app-demo-database-secret
|
secretName: app-demo-database-secret
|
||||||
password: ""
|
password: ""
|
||||||
|
encryptionSecret: ""
|
||||||
|
|||||||
Reference in New Issue
Block a user