Sanju/remove pg password from a2 platform file (#8674)

* Storing password in secret helper Signed-off-by: “SanjuPal01” <[email protected]> * Adding Dex Component Changes Signed-off-by: “SanjuPal01” <[email protected]> * Reading password from secret helper in notification-service Signed-off-by: “SanjuPal01” <[email protected]> --------- Signed-off-by: “SanjuPal01” <[email protected]>
chef · Feb 4, 2025 · 594a5f7 · 594a5f7
1 parent a54a4d0
commit 594a5f7
Show file tree

Hide file tree

Showing 13 changed files with 1,022 additions and 626 deletions.
diff --git a/api/config/pg_gateway/config_request.pb.a2svc.go b/api/config/pg_gateway/config_request.pb.a2svc.go
diff --git a/api/config/shared/global.go b/api/config/shared/global.go
@@ -257,7 +257,7 @@ func (c *GlobalConfig) Validate() error { // nolint gocyclo
 					"show",
 					"userconfig.es_password",
 				}
-				execGetPass := exec.Command(getLatestPlatformToolsPath()+"/bin/secrets-helper", args...)
+				execGetPass := exec.Command(GetLatestPlatformToolsPath()+"/bin/secrets-helper", args...)
 				getPass, err := execGetPass.Output()
 				if err != nil || string(getPass) == "" {
 					cfgErr.AddMissingKey("global.v1.external.elasticsearch.auth.basic_auth.password")
@@ -314,7 +314,7 @@ func (c *GlobalConfig) Validate() error { // nolint gocyclo
 					"show",
 					"userconfig.os_password",
 				}
-				execGetPass := exec.Command(getLatestPlatformToolsPath()+"/bin/secrets-helper", args...)
+				execGetPass := exec.Command(GetLatestPlatformToolsPath()+"/bin/secrets-helper", args...)
 				getPass, err := execGetPass.Output()
 				if err != nil || string(getPass) == "" {
 					cfgErr.AddMissingKey("global.v1.external.opensearch.auth.basic_auth.password")
@@ -348,7 +348,15 @@ func (c *GlobalConfig) Validate() error { // nolint gocyclo
 				cfgErr.AddMissingKey("global.v1.external.postgresql.auth.password.superuser.username")
 			}
 			if sp == "" {
-				cfgErr.AddMissingKey("global.v1.external.postgresql.auth.password.superuser.password")
+				args := []string{
+					"show",
+					"userconfig.pg_superuser_password",
+				}
+				execGetPass := exec.Command(GetLatestPlatformToolsPath()+"/bin/secrets-helper", args...)
+				getPass, err := execGetPass.Output()
+				if err != nil || string(getPass) == "" {
+					cfgErr.AddMissingKey("global.v1.external.postgresql.auth.password.superuser.password")
+				}
 			}
 
 			// dbuser username and password
@@ -358,7 +366,15 @@ func (c *GlobalConfig) Validate() error { // nolint gocyclo
 				cfgErr.AddMissingKey("global.v1.external.postgresql.auth.password.dbuser.username")
 			}
 			if dp == "" {
-				cfgErr.AddMissingKey("global.v1.external.postgresql.auth.password.dbuser.password")
+				args := []string{
+					"show",
+					"userconfig.pg_dbuser_password",
+				}
+				execGetPass := exec.Command(GetLatestPlatformToolsPath()+"/bin/secrets-helper", args...)
+				getPass, err := execGetPass.Output()
+				if err != nil || string(getPass) == "" {
+					cfgErr.AddMissingKey("global.v1.external.postgresql.auth.password.dbuser.password")
+				}
 			}
 		}
 	}
@@ -448,7 +464,7 @@ func (c *GlobalConfig) ValidateReDirectSysLogConfig() error {
 	return nil
 }
 
-func getLatestPlatformToolsPath() string {
+func GetLatestPlatformToolsPath() string {
 	cmd, err := exec.Command("/bin/sh", "-c", habPkgPlatformToolsPath).Output()
 	if err != nil {
 		fmt.Printf("error %s", err)

diff --git a/api/config/shared/global.pb.a2svc.go b/api/config/shared/global.pb.a2svc.go