Merge "Update kibana authentication values in endpoints and deployment"

elasticsearch/templates/etc/_elasticsearch-host.conf.tpl

@@ -21,7 +21,7 @@ limitations under the License.
   </Location>
   <Proxy *>
       AuthType Basic
-      AuthName "Authentication Required"
+      AuthName "Authentication Required for Elasticsearch"
       AuthUserFile {{.Values.conf.apache.htpasswd | quote}}
       Require valid-user
   </Proxy>

elasticsearch/templates/secret-elasticsearch.yaml

@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */}}
 
-{{- if .Values.manifests.secret_admin }}
+{{- if .Values.manifests.secret_elasticsearch }}
 {{- $envAll := . }}
 {{- $secretName := index $envAll.Values.secrets.elasticsearch.user }}
 

elasticsearch/values.yaml

@@ -406,7 +406,7 @@ manifests:
   job_snapshot_repository: false
   helm_tests: true
   pvc_snapshots: false
-  secret_admin: true
+  secret_elasticsearch: true
   monitoring:
     prometheus:
       configmap_bin_exporter: true

kibana/templates/deployment.yaml

@@ -16,6 +16,7 @@ limitations under the License.
 
 {{- if .Values.manifests.deployment }}
 {{- $envAll := . }}
+
 {{- $esUserSecret := .Values.secrets.elasticsearch.user }}
 
 {{- $serviceAccountName := "kibana" }}
@@ -59,13 +60,13 @@ spec:
             - name: KIBANA_USERNAME
               valueFrom:
                 secretKeyRef:
-                  name: kibana-admin-creds
-                  key: KIBANA_USERNAME
+                  name: {{ $esUserSecret }}
+                  key: ELASTICSEARCH_USERNAME
             - name: KIBANA_PASSWORD
               valueFrom:
                 secretKeyRef:
-                  name: kibana-admin-creds
-                  key: KIBANA_PASSWORD
+                  name: {{ $esUserSecret }}
+                  key: ELASTICSEARCH_PASSWORD
           volumeMounts:
             - name: kibana-bin
               mountPath: /tmp/apache.sh

kibana/templates/etc/_kibana-host.conf.tpl

@@ -21,7 +21,7 @@ limitations under the License.
   </Location>
   <Proxy *>
       AuthType Basic
-      AuthName "Authentication Required"
+      AuthName "Authentication Required for Kibana"
       AuthUserFile {{.Values.conf.apache.htpasswd | quote}}
       Require valid-user
   </Proxy>

kibana/templates/secret-admin-creds.yaml

@@ -1,29 +0,0 @@
-{{/*
-Copyright 2017 The Openstack-Helm Authors.
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-   http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-*/}}
-
-{{- if .Values.manifests.secret_admin }}
-{{- $envAll := . }}
-{{- $secretName := index $envAll.Values.secrets.kibana.admin }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ $secretName }}
-type: Opaque
-data:
-  KIBANA_USERNAME: {{ .Values.endpoints.kibana.auth.admin.username | b64enc }}
-  KIBANA_PASSWORD: {{ .Values.endpoints.kibana.auth.admin.password | b64enc }}
-{{- end }}

kibana/values.yaml

@@ -71,8 +71,6 @@ pod:
 secrets:
   elasticsearch:
     user: kibana-elasticsearch-user
-  kibana:
-    admin: kibana-admin-creds
 
 dependencies:
   dynamic:
@@ -156,10 +154,6 @@ endpoints:
   kibana:
     name: kibana
     namespace: null
-    auth:
-      admin:
-        username: admin
-        password: changeme
     hosts:
       default: kibana-dash
       public: kibana
@@ -196,6 +190,5 @@ manifests:
   ingress: true
   job_image_repo_sync: true
   secret_elasticsearch: true
-  secret_admin: true
   service: true
   service_ingress: true