Add custom storageClass per database #590
Conversation
…rypted storage class can be selected at any time by the user
| @@ -301,7 +301,7 @@ func main() { | |||
| viper.SetDefault(enableLBSourceRangesFlg, true) | |||
| enableLBSourceRanges = viper.GetBool(enableLBSourceRangesFlg) | |||
|
|
|||
| viper.SetDefault(enableRandomStorageEncryptionSecretFlg, false) | |||
| viper.SetDefault(enableRandomStorageEncryptionSecretFlg, true) | |||
There was a problem hiding this comment.
This could break backward compatibility i think. So i hope you know what you are doing here (tbh: i don't know the impacts of this default inversion).
There was a problem hiding this comment.
I hope so too :-)
Bute jokes aside: This simply does what it says, it creates a secret with a specific name and generates a random key inside it (once). When using certain encrypted storageClasses this is already enabled anyway, and other storageClasses will simply ignore it.
Should be safe.
This way, we can globally allow encrypted storage classes without having to remember to enable this flag for all environments.
Alternatively, we could simply globally enable it in the deployment. All the same to me, let's discuss this in the next meeting.
No description provided.