Skip to content

Comments

fix: remove references to autoGenerated secrets and add RDBMS secret in table#8022

Open
jessesimpson36 wants to merge 1 commit intomainfrom
secret-management-rdbms
Open

fix: remove references to autoGenerated secrets and add RDBMS secret in table#8022
jessesimpson36 wants to merge 1 commit intomainfrom
secret-management-rdbms

Conversation

@jessesimpson36
Copy link
Contributor

@jessesimpson36 jessesimpson36 commented Feb 20, 2026

Description

We recently dropped the global.secrets.autoGenerated flag in our helm values.yaml , and we've also added a secret in the RDBMS set of options for the 8.9 version. This PR is updating the Secrets Management documentation page to reflect those two changes.

When should this change go live?

  • This is a bug fix, security concern, or something that needs urgent release support. (add bug or support label)
  • This is already available but undocumented and should be released within a week. (add available & undocumented label)
  • This is on a specific schedule and the assignee will coordinate a release with the Documentation team. (create draft PR and/or add hold label)
  • This is part of a scheduled alpha or minor. (add alpha or minor label)
  • There is no urgency with this change (add low prio label)

PR Checklist

  • My changes are for an upcoming minor release and are in the /docs directory (version 8.9).
  • My changes are for an already released minor and are in a /versioned_docs directory.

@jessesimpson36 jessesimpson36 changed the title fix: remove references to autoGenerated secrets and add RDBMS secret … fix: remove references to autoGenerated secrets and add RDBMS secret in table Feb 20, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 20, 2026

👋 🤖 🤔 Hello, @bkenez! Did you make your changes in all the right places?

These files were changed only in docs/. You might want to duplicate these changes in versioned_docs/version-8.8/.

  • docs/self-managed/deployment/helm/configure/secret-management.md

You may have done this intentionally, but we wanted to point it out in case you didn't. You can read more about the versioning within our docs in our documentation guidelines.

@jessesimpson36 jessesimpson36 requested review from a team and bkenez and removed request for a team February 20, 2026 16:16
@camunda-docs-pr-automation camunda-docs-pr-automation bot moved this to 👀 In Review in Documentation Team Feb 20, 2026
@jessesimpson36 jessesimpson36 marked this pull request as ready for review February 20, 2026 16:17
@bkenez
Copy link
Member

bkenez commented Feb 23, 2026

I have a PR for autogenerated secrets removal already, it's mentioned in more places too: #8016

Lets put these two PRs together I suppose 🤔

…in table

Signed-off-by: Jesse Simpson <jesse.simpson@camunda.com>
@bkenez bkenez force-pushed the secret-management-rdbms branch from 01eea65 to 9274134 Compare February 23, 2026 19:08
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[prettier] reported by reviewdog 🐶

| **Secret** | **Chart values key** | **Type** | **Purpose** |
| ----------------------------------------- | --------------------------------------------------- | ---------- | ------------------------------------------------------------------------ |
| **Enterprise License Key** | `global.license.secret` | Internal | Camunda Enterprise license key |
| **Identity First User Password** | `identity.firstUser.secret` | Internal | Default user password (`demo/demo`) |
| **OAuth Client Secret (Admin)** | `global.identity.auth.admin.secret` | Internal | OAuth admin client secret for administrative operations |
| **OAuth Client Secret (Connectors)** | `connectors.security.authentication.oidc.secret` | Internal | OAuth client secret for connectors |
| **OAuth Client Secret (Orchestration)** | `orchestration.security.authentication.oidc.secret` | Internal | OAuth client secret for Orchestration Cluster |
| **OAuth Client Secret (Optimize)** | `global.identity.auth.optimize.secret` | Internal | OAuth client secret for Optimize |
| **Identity External Database Password** | `identity.externalDatabase.secret` | External | Password for external PostgreSQL if using an external DB for Identity |
| **WebModeler External Database Password** | `webModeler.restapi.externalDatabase.secret` | External | Password for external PostgreSQL if using an external DB for Web Modeler |
| **SMTP Password** | `webModeler.restapi.mail.secret` | External | SMTP credentials for sending email notifications |
| **External Elasticsearch Auth** | `global.elasticsearch.auth.secret` | External | Password for external Elasticsearch authentication (basic auth) |
| **External OpenSearch Auth** | `global.opensearch.auth.secret` | External | Password for external OpenSearch authentication (basic auth) |
| **RDBMS Auth** | `orchestration.data.secondaryStorage.rdbms.secret` | External | Password for external RDBMS authentication (basic auth) |

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

Status: 👀 In Review

Development

Successfully merging this pull request may close these issues.

2 participants