Skip to content

Commit

Permalink
allowing using custom security.json
Browse files Browse the repository at this point in the history
  • Loading branch information
Pooya Salehi committed Oct 21, 2020
1 parent 4e5ef7b commit 49fdc89
Show file tree
Hide file tree
Showing 5 changed files with 48 additions and 38 deletions.
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,7 @@ Some of the parameters that can be changed/passed to the helm chart:
|`service.nodePort.create`|`false`|Create a `NodePort` service exposing binary and HTTP port of all instances |
|`tryAvoidingColocation` | `false` | If true, try to spread the OrientDB instances evenly across the cluster nodes |
|`statefulSetName`|`orientdb`|Name of the StatefulSet created|
|`security.customSecurityConfigFile`| |If provided, the content of this file is used for `security.json`|

Other configurations that can be set are:
* Attaching custom labels and annotations to the resources created by the chart.
Expand Down
38 changes: 38 additions & 0 deletions conf/security.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
{
"enabled": {{ .Values.security.enabled }},
"debug": false,
"server": {
"createDefaultUsers": {{ .Values.security.createDefaultUsers }}
},
"authentication": {
"enabled": true,
"allowDefault": true,
"authenticators": [
{
"name": "Password",
"class": "com.orientechnologies.orient.server.security.authenticator.ODefaultPasswordAuthenticator",
"enabled": true,
"users": [
{
"username": "guest",
"resources": "server.listDatabases,server.dblist"
}
]
},
{
"name": "ServerConfig",
"class": "com.orientechnologies.orient.server.security.authenticator.OServerConfigAuthenticator",
"enabled": true
},
{
"name": "SystemAuthenticator",
"class": "com.orientechnologies.orient.server.security.authenticator.OSystemUserAuthenticator",
"enabled": true
}
]
},
"auditing": {
"class": "com.orientechnologies.security.auditing.ODefaultAuditing",
"enabled": {{ .Values.security.auditing.enabled }}
}
}
7 changes: 7 additions & 0 deletions templates/_helpers.tpl
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,10 @@ app: {{ .Values.labelValue }}
{{- end }}
{{- end }}

{{- define "orientdb-helm.security-config" -}}
{{- if .Values.security.customSecurityConfigFile }}
{{- .Files.Get .Values.security.customSecurityConfigFile }}
{{- else }}
{{- tpl (.Files.Get "conf/security.json") . }}
{{- end }}
{{- end }}
39 changes: 1 addition & 38 deletions templates/configmap.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -241,41 +241,4 @@ data:
"bufferSize": 1048576
}
security.json: |
{
"enabled": {{ .Values.security.enabled }},
"debug": false,
"server": {
"createDefaultUsers": {{ .Values.security.createDefaultUsers }}
},
"authentication": {
"enabled": true,
"allowDefault": true,
"authenticators": [
{
"name": "Password",
"class": "com.orientechnologies.orient.server.security.authenticator.ODefaultPasswordAuthenticator",
"enabled": true,
"users": [
{
"username": "guest",
"resources": "server.listDatabases,server.dblist"
}
]
},
{
"name": "ServerConfig",
"class": "com.orientechnologies.orient.server.security.authenticator.OServerConfigAuthenticator",
"enabled": true
},
{
"name": "SystemAuthenticator",
"class": "com.orientechnologies.orient.server.security.authenticator.OSystemUserAuthenticator",
"enabled": true
}
]
},
"auditing": {
"class": "com.orientechnologies.security.auditing.ODefaultAuditing",
"enabled": {{ .Values.security.auditing.enabled }}
}
}
{{- include "orientdb-helm.security-config" . | nindent 4 }}
1 change: 1 addition & 0 deletions values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -97,6 +97,7 @@ network:

# security module
security:
customSecurityConfigFile:
enabled: true
createDefaultUsers: true
auditing:
Expand Down

0 comments on commit 49fdc89

Please sign in to comment.