Skip to content

WPB:18722: Remove Postgres and smtp hard coded passwords #817

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 9 commits into from
Nov 3, 2025
Merged

WPB:18722: Remove Postgres and smtp hard coded passwords #817

merged 9 commits into from
Nov 3, 2025

Conversation

@sghosh23
Copy link
Contributor

@sghosh23 sghosh23 commented Oct 8, 2025
edited
Loading

Change type

  • Fix
  • Feature
  • Documentation
  • Security / Upgrade

Basic information

  • THIS CHANGE REQUIRES A DEPLOYMENT PACKAGE RELEASE
  • THIS CHANGE REQUIRES A WIRE-DOCS RELEASE

Testing

  • I ran/applied the changes myself, in a test environment.
  • The CI job attached to this repo will test it for me.

Tracking

  • I added a new entry in an appropriate subdirectory of changelog.d
  • I mentioned this PR in Jira, OR I mentioned the Jira ticket in this PR.
  • I mentioned this PR in one of the issues attached to one of our repositories.

Knowledge Transfer

  • An Asciinema session is attached to the Jira ticket.

Motivation

Objective

Reason

Use case

@sghosh23 sghosh23 marked this pull request as ready for review October 9, 2025 14:33
@sghosh23 sghosh23 requested review from a team and julialongtin as code owners October 9, 2025 14:33
@sghosh23
Copy link
Contributor Author

sghosh23 commented Oct 13, 2025

The PR has a dependent chart update: wireapp/helm-charts#44

julialongtin
julialongtin reviewed Oct 17, 2025
View reviewed changes
bin/demo-setup.sh
echo "⚠️ Warning: PostgreSQL secret exists but password is empty"
fi
else
echo "⚠️ Warning: PostgreSQL secret 'wire-postgresql-secret' not found in namespace '${NAMESPACE}'"
Copy link
Member

@julialongtin julialongtin Oct 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no failthrough to the values in the values file?

Copy link
Contributor Author

@sghosh23 sghosh23 Oct 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well, I was thinking if I should use the sync-k8s-secret-to-wire-secrets.sh here instead of setting the values as a flag and adding a default value for pgPassword in the secrets.yaml.

Copy link
Contributor Author

@sghosh23 sghosh23 Oct 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Switched to sync script so both demo and production are aligned now

@sghosh23 sghosh23 force-pushed the wpb-18722-hardcoded-pass branch from 4736b29 to 2b0ab14 Compare October 17, 2025 13:41
@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 17, 2025

Quality Gate Passed Quality Gate passed

Issues
5 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@julialongtin julialongtin merged commit ce3506f into master Nov 3, 2025
12 checks passed
@julialongtin julialongtin deleted the wpb-18722-hardcoded-pass branch November 3, 2025 13:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@julialongtin julialongtin julialongtin approved these changes

Assignees

No one assigned

Labels

demo-only

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@sghosh23 @julialongtin