Skip to content

Feature: Support to show the username or password of packages added: keycloak, etc #491

New issue
New issue
Open
Open
Feature: Support to show the username or password of packages added: keycloak, etc#491
Labels
enhancementNew feature or request
@cmoulliard

Description

@cmoulliard
cmoulliard
opened on Feb 13, 2025

Have you searched for this feature request?

  • I searched but did not find similar requests

Problem Statement

When we install the stack ref-implementation which is able to deploy keycloak, then credentials are generated by keycloak and exposed as as a secret managed by ESO

Unfortunately the admin username to be used cnoe-admin like the admin password is not displayed properly using the command
: idp get secrets as you can see hereafter

❯ idp get secrets NAME NAMESPACE USERNAME PASSWORD TOKEN DATA argocd-initial-admin-secret argocd admin developer gitea-credential gitea giteaAdmin developer 9a6cfb8ba9d9822b4abad046ec75ced3137de3a8 keycloak-config keycloak POSTGRES_DB=keycloak, POSTGRES_PASSWORD=rt8c+fuQ7/9XjGBYdGvF6p+5Cp-cApn-heHO, POSTGRES_USER=keycloak, USER_PASSWORD=ZulQT+9xb-mVRcXV-cmSfv2+5K+Bod0aZBA3, KC_DB_PASSWORD=rt8c+fuQ7/9XjGBYdGvF6p+5Cp-cApn-heHO, KC_DB_USERNAME=keycloak, KEYCLOAK_ADMIN_PASSWORD=zde/4+k-/BTS4n0YvngKZpuZxxHtipS1/Ty4

Possible Solution

As the secret generated includes the cnoe label that idpbuilder is looking for, we could add an additional label to specify the K=V pairs to be used to fetch from the secret the proper keys and apply them under the columns: username and password

Today

kind: Secret
metadata:
  labels:
    cnoe.io/cli-secret: "true"
    cnoe.io/package-name: keycloak
  name: keycloak-config
  namespace: keycloak
 ...

Change proposition

kind: Secret
metadata:
  labels:
    cnoe.io/cli-secret: "true"
    cnoe.io/package-name: keycloak
    cnoe.io/credential-admin-username: cnoe-admin
    cnoe.io/credential-admin-password-key: KEYCLOAK_ADMIN_PASSWORD
    cnoe.io/credential-user-username: "user1, user2"
    cnoe.io/credential-user-password-key: "USER_PASSWORD"
  name: keycloak-config
  namespace: keycloak 
 ...

then we should be able to show:

idp get secrets // to be renamed to => idp get credentials
NAME                          NAMESPACE   USERNAME     PASSWORD                             TOKEN                                      DATA
argocd-initial-admin-secret   argocd      admin        developer
gitea-credential              gitea       giteaAdmin   developer                            9a6cfb8ba9d9822b4abad046ec75ced3137de3a8
keycloak-config               keycloak    cnoe-admin   zde/4+k-/BTS4n0YvngKZpuZxxHtipS1/Ty4                                              POSTGRES_DB=keycloak, POSTGRES_PASSWORD=rt8c+fuQ7/9XjGBYdGvF6p+5Cp-cApn-heHO, POSTGRES_USER=keycloak, USER_PASSWORD=ZulQT+9xb-mVRcXV-cmSfv2+5K+Bod0aZBA3, KC_DB_PASSWORD=rt8c+fuQ7/9XjGBYdGvF6p+5Cp-cApn-heHO, KC_DB_USERNAME=keycloak

Alternatives Considered

n/a

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions