Uploaded image for project: 'OpenShift GitOps'
  1. OpenShift GitOps
  2. GITOPS-7368

Support Redis credentials via volume mounts in the Operator

XMLWordPrintable

    • Support Redis credentials via volume mounts in the Operator
    • M
    • False
    • Hide

      None

      Show
      None
    • False
    • RFE-7563Prefer using secrets as files over secrets as environment variables
    • To Do
    • 67% To Do, 33% In Progress, 0% Done

      This requires Argo CD 3.3

      Epic Goal

      GITOPS-7167 enhances upstream Argo CD to configure Redis credentials using volume mounts instead of environment variables. Similarly, the operator should support mounting Redis credentials via volumes as well, rather than using environment variables.

      Why is this important?

      See GITOPS-7167

      Scenarios

      1. As an Argo CD admin using operator, I want Argo CD components and Redis to be provided with the generated password through volume, rather than an environment variable or a command line argument.

      TODO

      • Every time redis-cli a "${AUTH}" --no-auth-warning is used, replace -a and -no-auth-warning with REDISCLI_AUTH envvar.
      • In Argo CD components, replace *-redis-initial-password ref mounted as REDIS_PASSWORD envvar with a volume mounted to /app/config/redis/auth/, and have the Redis config and init scripts read it from there instead.
      • Consider renaming/duplicating keys in *-redis-initial-password secret so they match the expected filename from admin.password to auth (as expected by https://github.com/argoproj/argo-cd/pull/24597/)

      Definition of Ready

      • The epic has been broken down into stories.
      • Stories have been scoped.
      • The epic has been stack ranked.

      Definition of Done

      • Code Complete:
        • All code has been written, reviewed, and approved.
      • Tested:
        • Unit tests have been written and passed.
        • Integration tests have been completed.
        • System tests have been conducted, and all critical bugs have been fixed.
        • Tested on OpenShift either upstream or downstream on a local build.
      • Documentation:
        • User documentation or release notes have been written.
      • Build:
        • Code has been successfully built and integrated into the main repository / project.
      • Review:
        • Code has been peer-reviewed and meets coding standards.
        • All acceptance criteria defined in the user story have been met.
        • Tested by reviewer on OpenShift.
      • Deployment:
        • The feature has been deployed on OpenShift cluster for testing.
      • Acceptance:
        • Product Manager or stakeholder has reviewed and accepted the work.

              ogondza@redhat.com Oliver Gondza
              rh-ee-sghadi Siddhesh Ghadi
              Tangerine
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated: