Page MenuHomePhabricator

[Helm] Retrieve PG password from environment vs. hard-coding it
ClosedPublic

Authored by nate on Fri, Feb 14, 11:19 PM.

Details

Test Plan

manual: helm install, check kubectl, execute optional outputs pipeline in dagit

Diff Detail

Repository
R1 dagster
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

nate created this revision.Fri, Feb 14, 11:19 PM
nate retitled this revision from Retrieve PG password from environment vs. hard-coding it to [Helm] Retrieve PG password from environment vs. hard-coding it.Fri, Feb 14, 11:27 PM
max added a comment.Sat, Feb 15, 12:02 AM

if i were concerned about this, i would also probably be using a username and db name that i didn't want anywhere -- we consider perhaps reading those in in the same way

nate added a comment.Sun, Feb 16, 3:08 AM
In D2053#52380, @max wrote:

if i were concerned about this, i would also probably be using a username and db name that i didn't want anywhere -- we consider perhaps reading those in in the same way

Yeah, I started with all 3, but I'm taking a cue from the PG helm chart: https://github.com/helm/charts/blob/master/stable/postgresql/templates/secrets.yaml which is password only

alangenfeld accepted this revision.Mon, Feb 17, 4:38 PM

we can add the others in a follow if we decide to

This revision is now accepted and ready to land.Mon, Feb 17, 4:38 PM