platform/manifests
1
0
Fork 0
Code Issues 7 Pull Requests 5 Actions Packages Projects Releases Wiki Activity

fix: update openfga secret policy

Browse Source
This commit is contained in:
Jonas Juselius
2025-01-01 12:05:54 +01:00
parent f2bfd484b4
commit fa552169bc
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
policies/oceanbox/kyverno/add-openfga-secret.yaml
+4 -4
View File
@@ -16,8 +16,8 @@ spec:
kinds: kinds:
- Secret - Secret
names: names:
- prod-openfga-superuser - prod-openfga-db-superuser
- staging-openfga-superuser - staging-openfga-db-superuser
mutate: mutate:
targets: targets:
- apiVersion: v1 - apiVersion: v1
@@ -25,8 +25,8 @@ spec:
name: "{{ request.object.metadata.name }}" name: "{{ request.object.metadata.name }}"
patchStrategicMerge: patchStrategicMerge:
stringData: stringData:
postgres-password: '{{ request.object.data."password" | base64_decode(@) }}' postgres-password: '{{ request.object.data.password | base64_decode(@) }}'
uri: postgres://postgres:{{ request.object.data."password" | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }} uri: 'postgres://{{ request.object.data.username | base64_decode(@) }}:{{ request.object.data.password | base64_decode(@) }}@{{ request.object.metadata.labels."cnpg.io/cluster" }}-rw/app?sslmode=disable'
skipBackgroundRequests: true skipBackgroundRequests: true
validationFailureAction: Audit validationFailureAction: Audit