From f0d9f1aa141ff6d3866ded1e3e1551ecb3538418 Mon Sep 17 00:00:00 2001
From: "seokyun.ha" <127274415+Seokyun-Ha@users.noreply.github.com>
Date: Fri, 16 Jun 2023 05:26:14 +0900
Subject: [PATCH] feat: Default User Credentials (#321)

Co-authored-by: david-leifker <114954101+david-leifker@users.noreply.github.com>
---
 charts/datahub/Chart.yaml                        |  2 +-
 charts/datahub/quickstart-values-with-neo4j.yaml |  6 ++++++
 .../datahub-frontend/templates/deployment.yaml   | 11 +++++++++++
 .../datahub-frontend/templates/user-secrets.yaml | 16 ++++++++++++++++
 charts/datahub/values.yaml                       |  6 ++++++
 5 files changed, 40 insertions(+), 1 deletion(-)
 create mode 100644 charts/datahub/subcharts/datahub-frontend/templates/user-secrets.yaml

diff --git a/charts/datahub/Chart.yaml b/charts/datahub/Chart.yaml
index 270209c55..519c57c70 100644
--- a/charts/datahub/Chart.yaml
+++ b/charts/datahub/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for LinkedIn DataHub
 type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
-version: 0.2.173
+version: 0.2.174
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application.
 appVersion: 0.10.4
diff --git a/charts/datahub/quickstart-values-with-neo4j.yaml b/charts/datahub/quickstart-values-with-neo4j.yaml
index 036798cfd..cf033a9c3 100644
--- a/charts/datahub/quickstart-values-with-neo4j.yaml
+++ b/charts/datahub/quickstart-values-with-neo4j.yaml
@@ -16,6 +16,12 @@ datahub-frontend:
   # Set up ingress to expose react front-end
   ingress:
     enabled: false
+  defaultUserCredentials: {}
+  #  randomAdminPassword: true
+  #  # You can also set specific passwords for default users
+  #  # manualValues: |
+  #  #   datahub:manualPassword
+  #  #   initialViewer:manualPassword
 
 acryl-datahub-actions:
   enabled: true
diff --git a/charts/datahub/subcharts/datahub-frontend/templates/deployment.yaml b/charts/datahub/subcharts/datahub-frontend/templates/deployment.yaml
index 2b7345862..914c97f81 100644
--- a/charts/datahub/subcharts/datahub-frontend/templates/deployment.yaml
+++ b/charts/datahub/subcharts/datahub-frontend/templates/deployment.yaml
@@ -42,6 +42,12 @@ spec:
             defaultMode: 0444
             secretName: {{ .name }}
         {{- end }}
+        {{- if .Values.defaultUserCredentials }}
+        - name: datahub-default-users
+          secret:
+            defaultMode: 0444
+            secretName: {{ printf "%s-user-secret" .Release.Name }}
+        {{- end }}
       {{- with .Values.extraVolumes }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
@@ -217,6 +223,11 @@ spec:
             - name: datahub-certs-dir
               mountPath: {{ .path | default "/mnt/certs" }}
           {{- end }}
+          {{- if .Values.defaultUserCredentials }}
+            - name: datahub-default-users
+              mountPath: /datahub-frontend/conf/user.props
+              subPath: user.props
+          {{- end }}
           {{- with .Values.extraVolumeMounts }}
             {{- toYaml . | nindent 12 }}
           {{- end }}
diff --git a/charts/datahub/subcharts/datahub-frontend/templates/user-secrets.yaml b/charts/datahub/subcharts/datahub-frontend/templates/user-secrets.yaml
new file mode 100644
index 000000000..4bb5628a6
--- /dev/null
+++ b/charts/datahub/subcharts/datahub-frontend/templates/user-secrets.yaml
@@ -0,0 +1,16 @@
+{{- if .Values.defaultUserCredentials }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ printf "%s-user-secret" .Release.Name }}
+  labels:
+    {{- include "datahub-frontend.labels" . | nindent 4 }}
+type: Opaque
+data:
+  user.props:
+    {{- if .Values.defaultUserCredentials.randomAdminPassword }}
+      {{ printf "datahub:%s" (randAlphaNum 32) | b64enc | quote }}
+    {{- else if .Values.defaultUserCredentials.manualValues }}
+      {{ .Values.defaultUserCredentials.manualValues | b64enc | quote }}
+    {{- end }}
+{{- end -}}
\ No newline at end of file
diff --git a/charts/datahub/values.yaml b/charts/datahub/values.yaml
index d777bfd7f..35f558475 100644
--- a/charts/datahub/values.yaml
+++ b/charts/datahub/values.yaml
@@ -33,6 +33,12 @@ datahub-frontend:
   # Set up ingress to expose react front-end
   ingress:
     enabled: false
+  defaultUserCredentials: {}
+  #  randomAdminPassword: true
+  #  # You can also set specific passwords for default users
+  #  # manualValues: |
+  #  #   datahub:manualPassword
+  #  #   initialViewer:manualPassword
 
 acryl-datahub-actions:
   enabled: true