lukas/uis-cloud-computing
1
0
Fork 0
mirror of https://github.com/dat515-2025/Group-8.git synced 2026-03-22 06:57:47 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat(database): add encryption key

Browse Source
This commit is contained in:
Lukáš Trkan
2025-10-29 14:23:14 +01:00
parent 3348e0a035
commit 7d2e94e683
6 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/deploy-pr.yaml vendored
View File

@@ -118,7 +118,8 @@ jobs:
--set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
--set image.digest="$DIGEST" \
--set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
--set-string database.password="$DB_PASSWORD"
--set-string database.password="$DB_PASSWORD" \
--set-string database.encryptionSecret="$PR"
- name: Post preview URLs as PR comment
uses: actions/github-script@v7

3
.github/workflows/deploy-prod.yaml vendored
View File

@@ -129,4 +129,5 @@ jobs:
--set-string oauth.mojeid.clientSecret="$MOJEID_CLIENT_SECRET" \
--set-string oauth.csas.clientId="$CSAS_CLIENT_ID" \
--set-string oauth.csas.clientSecret="$CSAS_CLIENT_SECRET" \
--set-string sentry_dsn="$SENTRY_DSN" \
--set-string sentry_dsn="$SENTRY_DSN" \
--set-string database.encryptionSecret="${{ secrets.PROD_DB_ENCRYPTION_KEY }}"

5
7project/charts/myapp-chart/templates/app-deployment.yaml
View File

@@ -101,6 +101,11 @@ spec:
secretKeyRef:
name: prod
key: SENTRY_DSN
- name: DB_ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: prod
key: DB_ENCRYPTION_KEY
livenessProbe:
httpGet:
path: /

1
7project/charts/myapp-chart/templates/prod.yaml
View File

@@ -18,3 +18,4 @@ stringData:
RABBITMQ_PASSWORD: {{ .Values.rabbitmq.password | default "" | quote }}
RABBITMQ_USERNAME: {{ .Values.rabbitmq.username | quote }}
SENTRY_DSN: {{ .Values.sentry_dsn | quote }}
DB_ENCRYPTION_KEY: {{ required "Set .Values.database.encryptionSecret" .Values.database.encryptionSecret | quote }}

7
7project/charts/myapp-chart/templates/worker-deployment.yaml
View File

@@ -20,7 +20,7 @@ spec:
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop: ["ALL"]
drop: [ "ALL" ]
command:
- celery
- -A
@@ -80,3 +80,8 @@ spec:
secretKeyRef:
name: prod
key: CSAS_CLIENT_SECRET
- name: DB_ENCRYPTION_KEY
valueFrom:
secretKeyRef:
name: prod
key: DB_ENCRYPTION_KEY

1
7project/charts/myapp-chart/values.yaml
View File

@@ -75,3 +75,4 @@ database:
userName: app-demo-user
secretName: app-demo-database-secret
password: ""
encryptionSecret: ""