[
https://issues.redhat.com/browse/TEIIDSB-157?page=com.atlassian.jira.plug...
]
Steven Hawkins commented on TEIIDSB-157:
----------------------------------------
Does this mean we are going need our own JDG cluster, instead of
using an existing one?
For the purposes of the example, we'll own/create the DataGrid cluster.
I prefer we use an existing one, it will be better in terms of
management aspects of it.
That's why I'm still leaving this open. At some point, probably soon, we'll
want to use their credentials. It's probably worth reaching out to the infinispan
folks to see how they expect OpenShift clients to utilize their secret in a more automated
way. Their docs show using oc and some extraction logic, but of course that's not how
we'd expect this to work.
Support loading password credential from infinispan secret
----------------------------------------------------------
Key: TEIIDSB-157
URL:
https://issues.redhat.com/browse/TEIIDSB-157
Project: Teiid Spring Boot
Issue Type: Sub-task
Components: datasource
Reporter: Steven Hawkins
Priority: Major
Fix For: 1.4.0
Original Estimate: 5 hours
Time Spent: 2 hours
Remaining Estimate: 3 hours
The infinispan operator generates a secret that contains a yaml file, which is where the
developer password is stored.
There three approaches:
1. for materialization assume that we will "own" the DataGrid instance such
that we'll create and pass our own secret file for infinispan to use. In this case
we'll know the password and can provide that to the connection factory via an env
property.
2. add logic to the connection factory to specify a "credential file" such that
we'll parse the yaml from the given location (a mount of the secret) and find the
appropriate credential for the given username (typically developer).
3. ask the infinispan team to allow for easier consumption of the secret (a secret per
user?)
To get things working with the example, I can take the first approach - but it will look
a little convoluted.
In general 2 or 3 will be needed in scenarios where we expect to simply pick up existing
credentials.
--
This message was sent by Atlassian Jira
(v7.13.8#713008)