Skip to content

Commit

Permalink
Merge pull request #556 from Smana/fix_remove_hardcoded_zitadel_secret
Browse files Browse the repository at this point in the history 
fix(zitadel): put master key in envvars
  • Loading branch information
@Smana
Smana authored Nov 13, 2024
2 parents 8d43514 + f2f9671 commit 5ddb1ee
Showing 1 changed file with 13 additions and 3 deletions.
16 changes: 13 additions & 3 deletions security/base/zitadel/helmrelease.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,10 +18,8 @@ spec:
values:
replicaCount: 1
initJob:
backoffLimit: 30 # The database (RDS) takes time to initialize
backoffLimit: 30 # Wait for the CNPG database instance to be ready
zitadel:
# reference: https://zitadel.com/docs/self-hosting/manage/configure
masterkey: ApnB2MUlRa63KRIE0iT1WlM4ZNZOvZF6
configmapConfig:
Log:
Formatter:
Expand All @@ -43,6 +41,18 @@ spec:
MaxConnLifetime: 30m
MaxConnIdleTime: 5m

# reference: https://zitadel.com/docs/self-hosting/manage/configure
# All configuration items are loaded from a secret
# These are the keys that are expected in the secret
# ZITADEL_DATABASE_POSTGRES_ADMIN_PASSWORD
# ZITADEL_DATABASE_POSTGRES_ADMIN_SSL_MODE
# ZITADEL_DATABASE_POSTGRES_ADMIN_USERNAME
# ZITADEL_DATABASE_POSTGRES_USER_PASSWORD
# ZITADEL_DATABASE_POSTGRES_USER_SSL_MODE
# ZITADEL_DATABASE_POSTGRES_USER_USERNAME
# ZITADEL_FIRSTINSTANCE_ORG_HUMAN_PASSWORD
# ZITADEL_FIRSTINSTANCE_ORG_HUMAN_USERNAME
# ZITADEL_MASTERKEY
envVarsSecret: "zitadel-envvars"

# Mount certificate generated by cert-manager
Expand Down

0 comments on commit 5ddb1ee

Please sign in to comment.