chicco785
commented
5 years ago not yet deployed in infrastructure ;) we will protect pgadmin ui with oauth endpoint; purpose is to facilitate the current migration work
Closed chicco785 closed 5 years ago
chicco785
commented
5 years ago not yet deployed in infrastructure ;) we will protect pgadmin ui with oauth endpoint; purpose is to facilitate the current migration work
taliaga
commented
5 years ago Mystery solved, only reviews from reviewers with write access count towards mergeability. GH tool-tips are quite useful! :) Let's fix permissions today
Just had a glance at the
pgadminchart docs andvalues.yaml. The default is to have an unsecured connection (tls: false) and the default login credentials specified there will have to be overwritten before making the service accessible from an external IP. I couldn't find avalues.yamlin the infrastructure repo to override those values though so I'm wondering how we actually deploy this. Also, it seems that to use TLS we'll need cert-manager.While this may be fine for dev deployments, it's kind of a no-go for prod where we should have TLS and strong passwords specified securely. Also to consider: do we really need to expose this service? If we don't, then we're just widening our attack surface...