diff --git a/src/main/helm/templates/deployment.yaml b/src/main/helm/templates/deployment.yaml
index 3d41cc11124d5142f8a7395b2d984a08156d1e6b..e58f5afb0111cafcf5b1f5e5cf14368e4903e9ed 100644
--- a/src/main/helm/templates/deployment.yaml
+++ b/src/main/helm/templates/deployment.yaml
@@ -191,10 +191,18 @@ spec:
- name: ozgcloud_muk_server
value: {{ quote (required "ozgcloud.muk.server must be set if ozgcloud.muk is enabled" ((.Values.ozgcloud).muk).server) }}
{{- if ((.Values.ozgcloud).muk).authEnabled }}
- - name: ozgcloud_muk_userName
- value: {{ quote (required "ozgcloud.muk.userName must be set if ozgcloud.muk auth is enabled" ((.Values.ozgcloud).muk).userName) }}
- name: ozgcloud_muk_password
- value: {{ quote (required "ozgcloud.muk.password must be set if ozgcloud.muk auth is enabled" ((.Values.ozgcloud).muk).password) }}
+ valueFrom:
+ secretKeyRef:
+ name: muk-user-secret
+ key: passwordHash
+ optional: false
+ - name: ozgcloud_muk_userName
+ valueFrom:
+ secretKeyRef:
+ name: muk-user-secret
+ key: login
+ optional: false
{{- end }}
{{- end }}
diff --git a/src/main/helm/templates/elstertransfer_user_cr.yaml b/src/main/helm/templates/elstertransfer_user_cr.yaml
index 7e4a0aa9a1b5bea0eeddaf6d9858a1339672df4e..4ce8c09acab431ea971b8aba0b9fb9038d430115 100644
--- a/src/main/helm/templates/elstertransfer_user_cr.yaml
+++ b/src/main/helm/templates/elstertransfer_user_cr.yaml
@@ -33,6 +33,5 @@ spec:
keep_after_delete: {{ (.Values.etr_user).keep_after_delete | default false }}
login: {{ required ".Values.ozgcloud.muk.userName must be set if muk and auth is enabled" (.Values.ozgcloud).muk.userName }}
role: {{ (.Values.etr_user).role | default "USER" }}
- credentials: {{ required ".Values.ozgcloud.muk.password must be set if muk and auth is enabled" (.Values.ozgcloud).muk.password }}
group: {{ (.Values.etr_user).group | default "Administratoren" }}
{{- end -}}
\ No newline at end of file
diff --git a/src/test/helm/deployment_muk_test.yaml b/src/test/helm/deployment_muk_test.yaml
index 74584662355eeb245f2cc5d6679247a9110f0b11..4926f4aa3ccc33235f2aecbb9d7bd04520bf6a23 100644
--- a/src/test/helm/deployment_muk_test.yaml
+++ b/src/test/helm/deployment_muk_test.yaml
@@ -41,8 +41,6 @@ tests:
authEnabled: true
server: muk.test.ozg.de
sender: "name"
- userName: user
- password: psw
asserts:
- contains:
path: spec.template.spec.containers[0].env
@@ -58,12 +56,20 @@ tests:
path: spec.template.spec.containers[0].env
content:
name: ozgcloud_muk_userName
- value: "user"
+ valueFrom:
+ secretKeyRef:
+ name: muk-user-secret
+ key: login
+ optional: false
- contains:
path: spec.template.spec.containers[0].env
content:
name: ozgcloud_muk_password
- value: "psw"
+ valueFrom:
+ secretKeyRef:
+ name: muk-user-secret
+ key: passwordHash
+ optional: false
- it: should not by default set muk values
asserts:
@@ -108,30 +114,7 @@ tests:
asserts:
- failedTemplate:
errorMessage: "ozgcloud.muk.server must be set if ozgcloud.muk is enabled"
- - it: should fail if muk user is not set when muk enabled and auth enabled
- set:
- ozgcloud:
- muk:
- enabled: true
- authEnabled: true
- sender: "name"
- server: muk.test.ozg.de
- password: psw
- asserts:
- - failedTemplate:
- errorMessage: "ozgcloud.muk.userName must be set if ozgcloud.muk auth is enabled"
- - it: should fail if muk password is not set when muk enabled and auth enabled
- set:
- ozgcloud:
- muk:
- enabled: true
- authEnabled: true
- sender: "name"
- server: muk.test.ozg.de
- userName: user
- asserts:
- - failedTemplate:
- errorMessage: "ozgcloud.muk.password must be set if ozgcloud.muk auth is enabled"
+