volker.raschek/reposilite-charts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(secret): enforce basic auth credentials

Browse Source 
This patch remove generation of a random string for the username and password of
the basic auth credentials.

The problem with the random generated basic auth credentials is, that this leads
to a new shasum of the secret. GitOps tools like ArgoCD detects a drift trigger
a rolling update.

To avoid this must now the basic auth credentials be defined to enable
prometheus metrics.
This commit is contained in:
Markus Pesch
2025-10-22 17:14:53 +02:00
parent d2c329e1be
commit d790cd3ec4
6 changed files with 39 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
unittests/deployment/prometheusPodMonitor.yaml
View File

@@ -13,6 +13,8 @@ tests:
set:
prometheus.metrics.enabled: true
prometheus.metrics.podMonitor.enabled: true
prometheus.metrics.secret.new.basicAuthPassword: "my-password"
prometheus.metrics.secret.new.basicAuthUsername: "my-username"
asserts:
- exists:
path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials