Creating a secret

A secret is used for setting sensitive information for creating SIPEnvironment through IBM® Sterling Intelligent Promising Operator.

1. Create a <sample_secret_file>.yaml file as illustrated in the following example:
   Note: truststore_password is mandatory.

   apiVersion: v1
   kind: Secret
   metadata:
     name: <Release-name>-sip-secret
   type: Opaque
   stringData:
     truststore_password: <password for TrustStore>  # This password is used to create a truststore.

   • If your Cassandra instance is not installed by the operator, add the following property to the <sample_secret_file>.yaml file. For more information, see Configuring cassandra parameter.

     cassandra_username: <username for cassandra>
     cassandra_password: <password for cassandra>
     

   • If your Elasticsearch instance is not installed by the operator, add the following property to the <sample_secret_file>.yaml file. For more information, see Configuring elasticsearch parameter.

     elasticsearch_username: <username for elasticsearch>
     elasticsearch_password: <password for elasticsearch>
     

   • If your Kafka instance is not installed by the Operator, add the following properties to the <sample_secret_file>.yaml file. For more information, see Configuring the kafka parameter.

     # Required secret
     kafka_security_protocol: <security protocol for kafka>

     # Optional secret
     kafka_sasl_jaas_config: <sasl jaas cofing for kafka>
     kafka_user: <username for kafka>
     kafka_password: <password for kafka >
     kafka_sasl_mechanism: <sasl mechanism for kafka>
     

   • If your log channel is KAFKA and specifying loggingContactPoints, then add the same Kafka properties to the <sample_secret_file>.yaml with log_ prefix. For more information, see loggingContactPoints in Configuring the kafka parameter and Configuring log parameter.

     #Required secret
     log_kafka_security_protocol: <security protocol for kafka - logging>

     # Optional secret
     log_kafka_sasl_jaas_config: <sasl jaas cofing for kafka>
     log_kafka_ user: <username for kafka>
     log_kafka_password: <password for kafka >
     log_kafka_sasl_mechanism: <sasl mechanism for kafka>
     

   Note: Ensure to set the values based on your external instance configurations.
2. Pass the name of the secret as a value to the secret parameter of SIPEnvironment spec.
3. Run the following command.

   oc create -f <sample_secret_file>.yaml  -n <namespace>
   

   A secret based on the values added in the <sample_secret_file>.yaml file is created and encoded.