Single password

Out of the box, SUSE Observability is configured with a single password configuration, . This authenticates users with a single, randomly generated password created by the suse-observability-values chart. The password value can be found as comment in the generated suse-observability-values/templates/baseConfig_values.yaml.

This setup provisions an admin user with the generated password

This method for providing a password is suited to get started out-of-the-box, but for production one of the other is recommended.

Setting the single password through the values chart

To set an alternative password , add the following line to the values generation command during installation:

helm template \
  ...
  --set adminPassword='<password>' \
  ...
  suse-observability-values \
  suse-observability/suse-observability-values --output-dir $VALUES_DIR

Setting the single password in the helm chart

It is also possible to set the single password directly in the helm install invocation. This is done by creating a bcrypted string of the required password, using htpasswd -bnBC 10 "" <password> | tr -d ':\n' or using an online tool. The fill it into the helm invocation or separate values.yaml.

helm install \
  ...
  --set stackstate.authentication.adminPassword='<bcrypted_password>' \
  ...
  suse-observability \
  suse-observability/suse-observability --output-dir $VALUES_DIR

Using an external secret

kind: Secret
metadata:
   name: "<custom-secret-name>"
type: Opaque
data:
  default_password: <base64 of bcrypted password>

Creating a bcrypted version of a password can be done using htpasswd -bnBC 10 "" <password> | tr -d ':\n'.

See also