From ef568eb94a2fb61babae3c38a71bf9028dcd9071 Mon Sep 17 00:00:00 2001
From: Tony Davidson <tdavidso@redhat.com>
Date: Mon, 1 Jul 2024 13:20:50 +0100
Subject: [PATCH] Update db test secrets (#86)

This commit will allow the test credentials for the postgress and mysql databases to pass prodsec scanning

Signed-off-by: tonyxrmdavidson <tonyxrmdavidson@yahoo.co.uk>
---
 .gitleaks.toml                                       | 12 ++++++++++++
 .../resources/model-registry-operator/mysql-db.yaml  |  4 ++--
 openshift-ci/resources/samples/mysql/mysql-db.yaml   |  4 ++--
 .../resources/samples/postgres/postgres-db.yaml      |  4 ++--
 .../samples/samples/postgres/postgres-db.yaml        |  4 ++--
 5 files changed, 20 insertions(+), 8 deletions(-)
 create mode 100644 .gitleaks.toml

diff --git a/.gitleaks.toml b/.gitleaks.toml
new file mode 100644
index 00000000..11e0a3d9
--- /dev/null
+++ b/.gitleaks.toml
@@ -0,0 +1,12 @@
+[allowlist]
+  description = "Global Allowlist"
+        
+  # Ignore based on any subset of the line
+  regexes = [
+    
+    # Ignore specific database password
+    '''database-password\s*:\s*"The BlurstOfTimes"''',
+
+    # Ignore specific database user
+    '''database-user\s*:\s*"mlmduser"'''
+  ]
\ No newline at end of file
diff --git a/openshift-ci/resources/model-registry-operator/mysql-db.yaml b/openshift-ci/resources/model-registry-operator/mysql-db.yaml
index 3fda2ef4..a1a741f6 100644
--- a/openshift-ci/resources/model-registry-operator/mysql-db.yaml
+++ b/openshift-ci/resources/model-registry-operator/mysql-db.yaml
@@ -120,7 +120,7 @@ items:
     name: model-registry-db
   stringData:
     database-name: "model_registry"
-    database-password: "TheBlurstOfTimes"
-    database-user: "mlmduser"
+    database-password: "TheBlurstOfTimes" # notsecret
+    database-user: "mlmduser" # notsecret
 kind: List
 metadata: {}
diff --git a/openshift-ci/resources/samples/mysql/mysql-db.yaml b/openshift-ci/resources/samples/mysql/mysql-db.yaml
index 65e60b13..14296dac 100644
--- a/openshift-ci/resources/samples/mysql/mysql-db.yaml
+++ b/openshift-ci/resources/samples/mysql/mysql-db.yaml
@@ -120,7 +120,7 @@ items:
     name: model-registry-db
   stringData:
     database-name: "model_registry"
-    database-password: "TheBlurstOfTimes"
-    database-user: "mlmduser"
+    database-password: "TheBlurstOfTimes" # notsecret
+    database-user: "mlmduser" # notsecret
 kind: List
 metadata: {}
diff --git a/openshift-ci/resources/samples/postgres/postgres-db.yaml b/openshift-ci/resources/samples/postgres/postgres-db.yaml
index 63e6dff6..7877bdd2 100644
--- a/openshift-ci/resources/samples/postgres/postgres-db.yaml
+++ b/openshift-ci/resources/samples/postgres/postgres-db.yaml
@@ -112,7 +112,7 @@ items:
     name: model-registry-db
   stringData:
     database-name: "model-registry"
-    database-password: "TheBlurstOfTimes"
-    database-user: "mlmduser"
+    database-password: "TheBlurstOfTimes" # notsecret
+    database-user: "mlmduser" # notsecret
 kind: List
 metadata: {}
diff --git a/openshift-ci/resources/samples/samples/postgres/postgres-db.yaml b/openshift-ci/resources/samples/samples/postgres/postgres-db.yaml
index 63e6dff6..7877bdd2 100644
--- a/openshift-ci/resources/samples/samples/postgres/postgres-db.yaml
+++ b/openshift-ci/resources/samples/samples/postgres/postgres-db.yaml
@@ -112,7 +112,7 @@ items:
     name: model-registry-db
   stringData:
     database-name: "model-registry"
-    database-password: "TheBlurstOfTimes"
-    database-user: "mlmduser"
+    database-password: "TheBlurstOfTimes" # notsecret
+    database-user: "mlmduser" # notsecret
 kind: List
 metadata: {}