Use an External Secret for the Pipelines Password

JFrog Installation & Setup Documentation

Content Type
Installation & Setup
ft:sourceType
Paligo

The best practice for passwords is to use external secrets instead of storing passwords in the values.yaml file.

  1. Fill in the passwords, masterKey and joinKey in values-ingress-passwords.yaml and then create and install the external secret.

    ## Generate pipelines-system-yaml secret
    helm template --name-template pipelines pipelines/ -s templates/pipelines-system-yaml.yaml \
        -f pipelines/values-ingress-external-secret.yaml -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
    
    ## Generate pipelines-database secret
    helm template --name-template pipelines pipelines/ -s templates/database-secret.yaml \
        -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
    
    ## Generate pipelines-rabbitmq-secret secret
    helm template --name-template pipelines pipelines/ -s templates/rabbitmq-secret.yaml \
        -f pipelines/values-ingress-passwords.yaml | kubectl apply --namespace pipelines -f -
  2. Install Pipelines.

    helm upgrade --install pipelines --namespace pipelines jfrog/pipelines -f values-ingress-external-secret.yaml