platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

fix: update openfga secret policy

Browse Source
This commit is contained in:
Jonas Juselius
2025-01-01 12:05:54 +01:00
parent f2bfd484b4
commit fa552169bc
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
policies/oceanbox/kyverno/add-openfga-secret.yaml
+4 -4
View File
@@ -16,8 +16,8 @@ spec:
kinds:
- Secret
names:
- prod-openfga-superuser
- staging-openfga-superuser
- prod-openfga-db-superuser
- staging-openfga-db-superuser
mutate:
targets:
- apiVersion: v1
@@ -25,8 +25,8 @@ spec:
name: "{{ request.object.metadata.name }}"
patchStrategicMerge:
stringData:
postgres-password: '{{ request.object.data."password" | base64_decode(@) }}'
uri: postgres://postgres:{{ request.object.data."password" | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}
postgres-password: '{{ request.object.data.password | base64_decode(@) }}'
uri: 'postgres://{{ request.object.data.username | base64_decode(@) }}:{{ request.object.data.password | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}-rw/app?sslmode=disable'
skipBackgroundRequests: true
validationFailureAction: Audit