Closed dbadham-fr closed 1 year ago
Hey team! Please add your planning poker estimate with Zenhub @dbadham-fr @shaunharrisonFR
In this issue we will move the secrets out of the configmap and into secrets manifests.
From a customer perspective, we will document that certain secrets are required but will not be opinionated about how this is done.
A separate issue has been raised to review how we manage secrets required for our deployments, and provide a mechanism for generating random secrets where applicable. https://github.com/SecureApiGateway/SecureApiGateway/issues/775
https://github.com/SecureApiGateway/sapig-openbanking-uk-developer-envs/blob/master/kustomize/overlay/7.1.0/securebanking/defaults/configmap.yaml#L19-L24
Secrets: IG_CLIENT_SECRET IG_IDM_PASSWORD IG_AGENT_PASSWORD
These secrets are used by both IG and the Initializer.
The initializer is configuring things in AM and IDM with these passwords, IG is then using these passwords at runtime to authenticate when doing different actions.,
The secrets should be moved to k8s secrets.