Three Kafka nodes + Three ZooKeeper nodes
Can tolerate 1 node failure
3 replicas distributed across different nodes
Use Azure Disk SSD SCRAM-SHA-512 + ACLs
- Add FreeleapsSecret configuration for Azure Key Vault integration
- Move sensitive data (mongodbUri, jwtSecretKey, stripeApiKey, etc.) from config to secrets
- Update deployment template to read from both config and FreeleapsSecret
- Comment out sensitive fields in chat-config.yaml
- Create freeleapssecret.yaml template for secret management
- Update both alpha and prod environment configurations
- Removed hardcoded sensitive configurations (Gitea token, MongoDB URI, RabbitMQ password, and default Git password) from the values.yaml file.
- Introduced a structured secrets section to reference these sensitive values from FreeleapsSecretStore, improving security and maintainability.
- This change continues the effort to centralize and secure sensitive information management across the application.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Add FreeleapsSecret configuration for Azure Key Vault integration
- Move sensitive data (mongodbUri, azureStorageDocumentApiKey, azureStorageDocumentApiEndpoint) from config to secrets
- Update deployment template to read from both config and FreeleapsSecret
- Comment out sensitive fields in central-storage-config.yaml
- Create freeleapssecret.yaml template for secret management
- Eliminated the default Git password from the configuration file to enhance security and align with the secret management strategy.
- This change continues the effort to manage sensitive information more securely across the application.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Removed direct references to sensitive data (e.g., MongoDB URI, Gitea token, RabbitMQ password) in values files and replaced them with a structured secrets section.
- Updated deployment and configuration templates to inject secrets from FreeleapsSecretStore, enhancing security and maintainability.
- This change aligns with the new secret management strategy across the application.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Changed the JWT and MongoDB URI secret key references to include the 'alpha' prefix for better environment differentiation.
- This update aligns with the recent changes in secret management for the authentication module.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Changed the key reference from 'key' to 'secretKey' in freeleapssecret.yaml to improve clarity and consistency in secret management.
- This adjustment aligns with the recent updates to the secret management structure within the authentication module.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Introduced a variable for the target secret name to improve readability and maintainability of the secret injection logic.
- This change enhances the clarity of the deployment configuration for the authentication module.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Changed references from .Values.secrets to .Values.authentication.secrets in deployment.yaml and freeleapssecret.yaml to align with the new secret management structure.
- This update enhances the clarity and organization of secret management within the authentication module.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
- Added a secrets section in values.alpha.yaml to reference JWT secret key and MongoDB URI from a FreeleapsSecretStore.
- Updated deployment.yaml to inject these secrets as environment variables, enhancing security and configuration management.
Signed-off-by: zhenyus <zhenyus@mathmast.com>
