Hi team,
We want to deploy SonarQube on Kubernetes with settings encryption, so the goal is to remove clear passwords from settings (database or SCM credentials for instance). We have deployed the server without encryption which is up and running. But when configuring the generated secret key to the value.yml, we are getting persistent volume claim errors which leads the pod to a pending state. So can anyone explain where we made the mistake?
NAME READY STATUS RESTARTS AGE
sonarqube-postgresql-0 1/1 Running 0 2h
sonarqube-sonarqube-0 0/1 Pending 0 2h
value.yaml file:
Secret created:
Interested in hearing how this is done. Thanks!
Hello @bijin.benny and welcome to the community!
I’m not sure if this is the cause of your error, but I think there is some confusions between sonarSecretProperties
and sonarSecretKey
, which are two different entities:
- You can load additional secret properties with the property
sonarSecretProperties
- You can set the encryption with
sonarSecretKey
In your case, since you want to set the encryption, you should only use sonarSecretKey
property, and the key in the secret should be sonar-secret.txt
(and not sonar-secret
as per your screenshot).
Here is an example of a command to generate the secret from a file:
kubectl create secret generic my-secret --from-file=sonar-secret.txt
You can refer to this SonarQube to implement this
Hi @leo.geoffroy,
Thank you for your quick reply.
We will try it out