Skip to content

Commit

Permalink
use openshift/kubernetes secrets for storing keys (don't forget to ba…
Browse files Browse the repository at this point in the history 
…se64 encode the values!)
  • Loading branch information
@willemvd
willemvd committed Dec 19, 2016
1 parent 21286b7 commit dcfb3da
Showing 1 changed file with 39 additions and 6 deletions.
45 changes: 39 additions & 6 deletions openshift-postgresql-s3-backup-scheduledJob.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,21 @@
apiVersion: v1
kind: List
items:
- apiVersion: "v1"
kind: "Secret"
metadata:
name: "aws-s3-secret"
data:
# don't forget to base64 encode your values
aws-access-key-id: ""
aws-secret-access-key: ""
- apiVersion: "v1"
kind: "Secret"
metadata:
name: "openssl-encryption-secret"
data:
# don't forget to base64 encode your values
encryption-pass-phrase: ""
- apiVersion: batch/v2alpha1
kind: ScheduledJob
metadata:
Expand Down Expand Up @@ -29,13 +44,22 @@ items:
- name: PGPASSWORD
value:
- name: ENCRYPTION_PASS_PHRASE
value:
valueFrom:
secretKeyRef:
name: openssl-encryption-secret
key: encryption-pass-phrase
- name: OPENSSL_CIPHER_TYPE
value: aes-256-cbc
- name: AWS_ACCESS_KEY_ID
value:
valueFrom:
secretKeyRef:
name: aws-s3-secret
key: aws-access-key-id
- name: AWS_SECRET_ACCESS_KEY
value:
valueFrom:
secretKeyRef:
name: aws-s3-secret
key: aws-secret-access-key
- name: AWS_DEFAULT_REGION
value:
- name: S3_BUCKET_NAME
Expand Down Expand Up @@ -71,13 +95,22 @@ items:
- name: PGPASSWORD
value:
- name: ENCRYPTION_PASS_PHRASE
value:
valueFrom:
secretKeyRef:
name: openssl-encryption-secret
key: encryption-pass-phrase
- name: OPENSSL_CIPHER_TYPE
value: aes-256-cbc
- name: AWS_ACCESS_KEY_ID
value:
valueFrom:
secretKeyRef:
name: aws-s3-secret
key: aws-access-key-id
- name: AWS_SECRET_ACCESS_KEY
value:
valueFrom:
secretKeyRef:
name: aws-s3-secret
key: aws-secret-access-key
- name: AWS_DEFAULT_REGION
value:
- name: S3_BUCKET_NAME
Expand Down

0 comments on commit dcfb3da

Please sign in to comment.