From be9aa6c2f30cf311b5eb162fe24b7aa0f4ca6ca3 Mon Sep 17 00:00:00 2001 From: Tal Shor Date: Sun, 3 Sep 2023 08:34:52 +0300 Subject: [PATCH 01/13] add secret formats to readme --- README.md | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) diff --git a/README.md b/README.md index 0eb3117b..42a5ada3 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ The SAP BTP service operator is based on the [Kubernetes Operator pattern](https * [Credentials Rotation](#credentials-rotation) * [Multitenancy](#multitenancy) * [Troubleshooting and Support](#troubleshooting-and-support) +* [Secret Formats](#secret-formats) * [Uninstalling the Operator](#uninstalling-the-operator) ## Architecture @@ -517,6 +518,71 @@ The SAP BTP service operator project maintainers will respond to the best of the [Back to top](#sap-business-technology-platform-sap-btp-service-operator-for-kubernetes) +## Secret Formats + +### Default +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data + +clientsecret: 81 bytes +instance_guid: 36 bytes +plan: 16 bytes +url: 75 bytes +clientid: 65 bytes +instance_external_name: 17 bytes +instance_name: 17 bytes +label: 15 bytes +sm_url: 63 bytes +type: 15 bytes +xsappname: 62 bytes +.metadata: 406 bytes +``` +### SecretKey +Done by adding in the binding spec: **secretKey: my-secret-key** +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data +==== +instance_guid: 36 bytes +instance_name: 17 bytes +label: 15 bytes +my-secret-key: 415 bytes +plan: 16 bytes +type: 15 bytes +.metadata: 286 bytes +instance_external_name: 17 bytes +``` + +### SecretRootKey +Done by adding in the binding spec: **SecretRootKey: my-secret-root-key** +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data +==== +my-secret-root-key: 628 bytes +``` + +[Back to top](#sap-business-technology-platform-sap-btp-service-operator-for-kubernetes) + ## Uninstalling the Operator Before you uninstall the operator, we recommend you manually delete all associated service instances and bindings. This way, you'll ensure all data stored with service instances and bindings are properly taken care of. Instances and bindings that were not manually deleted will be automatically deleted once you start the uninstallation process. From 8efe8c69839e5bc87f9b60b5db73a128f358acd8 Mon Sep 17 00:00:00 2001 From: Tal Shor Date: Sun, 3 Sep 2023 08:34:52 +0300 Subject: [PATCH 02/13] add secret formats to readme --- README.md | 94 ++++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 80 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 0eb3117b..ef2b3fee 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ The SAP BTP service operator is based on the [Kubernetes Operator pattern](https * [Credentials Rotation](#credentials-rotation) * [Multitenancy](#multitenancy) * [Troubleshooting and Support](#troubleshooting-and-support) +* [Secret Formats](#secret-formats) * [Uninstalling the Operator](#uninstalling-the-operator) ## Architecture @@ -258,20 +259,20 @@ Review the supported Kubernetes API versions for the following SAP BTP Service O ### Service Binding #### Spec -| Parameter | Type | Description | -|:-----------------|:---------|:-----------------------------------------------------------------------------------------------------------| -| serviceInstanceName`*` | `string` | The Kubernetes name of the service instance to bind, should be in the namespace of the binding. | -| externalName | `string` | The name for the service binding in SAP BTP, defaults to the binding `metadata.name` if not specified. | -| secretName | `string` | The name of the secret where the credentials are stored, defaults to the binding `metadata.name` if not specified. | -| secretKey | `string` | The key inside the binding secret to store the credentials returned by the broker encoded as json to support complex data structures. | -| secretRootKey | `string` | The key inside the secret to store all binding data including credentials returned by the broker and additional info under single key.
Convenient way to store whole binding data in single file when using `volumeMounts`. | -| parameters | `[]object` | Some services support the provisioning of additional configuration parameters during the bind request.
For the list of supported parameters, check the documentation of the particular service offering.| -| parametersFrom | `[]object` | List of sources to populate parameters. | -| userInfo | `object` | Contains information about the user that last modified this service binding. | -| credentialsRotationPolicy | `object` | Holds automatic credentials rotation configuration. | -| credentialsRotationPolicy.enabled | `boolean` | Indicates whether automatic credentials rotation are enabled. | -| credentialsRotationPolicy.rotationFrequency | `duration` | Specifies the frequency at which the binding rotation is performed. | -| credentialsRotationPolicy.rotatedBindingTTL | `duration` | Specifies the time period for which to keep the rotated binding. | +| Parameter | Type | Description | +|:-----------------|:---------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| serviceInstanceName`*` | `string` | The Kubernetes name of the service instance to bind, should be in the namespace of the binding. | +| externalName | `string` | The name for the service binding in SAP BTP, defaults to the binding `metadata.name` if not specified. | +| secretName | `string` | The name of the secret where the credentials are stored, defaults to the binding `metadata.name` if not specified. | +| secretKey | `string` | The key inside the binding secret to store the credentials returned by the broker encoded as json to support complex data structures. [Example](#secret-formats) | +| secretRootKey | `string` | The key inside the secret to store all binding data including credentials returned by the broker and additional info under single key.
Convenient way to store whole binding data in single file when using `volumeMounts`. [Example](#secret-formats) | +| parameters | `[]object` | Some services support the provisioning of additional configuration parameters during the bind request.
For the list of supported parameters, check the documentation of the particular service offering. | +| parametersFrom | `[]object` | List of sources to populate parameters. | +| userInfo | `object` | Contains information about the user that last modified this service binding. | +| credentialsRotationPolicy | `object` | Holds automatic credentials rotation configuration. | +| credentialsRotationPolicy.enabled | `boolean` | Indicates whether automatic credentials rotation are enabled. | +| credentialsRotationPolicy.rotationFrequency | `duration` | Specifies the frequency at which the binding rotation is performed. | +| credentialsRotationPolicy.rotatedBindingTTL | `duration` | Specifies the time period for which to keep the rotated binding. | @@ -517,6 +518,71 @@ The SAP BTP service operator project maintainers will respond to the best of the [Back to top](#sap-business-technology-platform-sap-btp-service-operator-for-kubernetes) +## Secret Formats + +### Default +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data + +clientsecret: 81 bytes +instance_guid: 36 bytes +plan: 16 bytes +url: 75 bytes +clientid: 65 bytes +instance_external_name: 17 bytes +instance_name: 17 bytes +label: 15 bytes +sm_url: 63 bytes +type: 15 bytes +xsappname: 62 bytes +.metadata: 406 bytes +``` +### SecretKey +Done by adding in the binding spec: **secretKey: my-secret-key** +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data +==== +instance_guid: 36 bytes +instance_name: 17 bytes +label: 15 bytes +my-secret-key: 415 bytes +plan: 16 bytes +type: 15 bytes +.metadata: 286 bytes +instance_external_name: 17 bytes +``` + +### SecretRootKey +Done by adding in the binding spec: **SecretRootKey: my-secret-root-key** +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data +==== +my-secret-root-key: 628 bytes +``` + +[Back to top](#sap-business-technology-platform-sap-btp-service-operator-for-kubernetes) + ## Uninstalling the Operator Before you uninstall the operator, we recommend you manually delete all associated service instances and bindings. This way, you'll ensure all data stored with service instances and bindings are properly taken care of. Instances and bindings that were not manually deleted will be automatically deleted once you start the uninstallation process. From 4c0108b58ee74c09356caa108d23dc1ffe580404 Mon Sep 17 00:00:00 2001 From: Tal Shor Date: Sun, 3 Sep 2023 08:34:52 +0300 Subject: [PATCH 03/13] add secret formats to readme --- README.md | 94 ++++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 80 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 0eb3117b..ef2b3fee 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,7 @@ The SAP BTP service operator is based on the [Kubernetes Operator pattern](https * [Credentials Rotation](#credentials-rotation) * [Multitenancy](#multitenancy) * [Troubleshooting and Support](#troubleshooting-and-support) +* [Secret Formats](#secret-formats) * [Uninstalling the Operator](#uninstalling-the-operator) ## Architecture @@ -258,20 +259,20 @@ Review the supported Kubernetes API versions for the following SAP BTP Service O ### Service Binding #### Spec -| Parameter | Type | Description | -|:-----------------|:---------|:-----------------------------------------------------------------------------------------------------------| -| serviceInstanceName`*` | `string` | The Kubernetes name of the service instance to bind, should be in the namespace of the binding. | -| externalName | `string` | The name for the service binding in SAP BTP, defaults to the binding `metadata.name` if not specified. | -| secretName | `string` | The name of the secret where the credentials are stored, defaults to the binding `metadata.name` if not specified. | -| secretKey | `string` | The key inside the binding secret to store the credentials returned by the broker encoded as json to support complex data structures. | -| secretRootKey | `string` | The key inside the secret to store all binding data including credentials returned by the broker and additional info under single key.
Convenient way to store whole binding data in single file when using `volumeMounts`. | -| parameters | `[]object` | Some services support the provisioning of additional configuration parameters during the bind request.
For the list of supported parameters, check the documentation of the particular service offering.| -| parametersFrom | `[]object` | List of sources to populate parameters. | -| userInfo | `object` | Contains information about the user that last modified this service binding. | -| credentialsRotationPolicy | `object` | Holds automatic credentials rotation configuration. | -| credentialsRotationPolicy.enabled | `boolean` | Indicates whether automatic credentials rotation are enabled. | -| credentialsRotationPolicy.rotationFrequency | `duration` | Specifies the frequency at which the binding rotation is performed. | -| credentialsRotationPolicy.rotatedBindingTTL | `duration` | Specifies the time period for which to keep the rotated binding. | +| Parameter | Type | Description | +|:-----------------|:---------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| serviceInstanceName`*` | `string` | The Kubernetes name of the service instance to bind, should be in the namespace of the binding. | +| externalName | `string` | The name for the service binding in SAP BTP, defaults to the binding `metadata.name` if not specified. | +| secretName | `string` | The name of the secret where the credentials are stored, defaults to the binding `metadata.name` if not specified. | +| secretKey | `string` | The key inside the binding secret to store the credentials returned by the broker encoded as json to support complex data structures. [Example](#secret-formats) | +| secretRootKey | `string` | The key inside the secret to store all binding data including credentials returned by the broker and additional info under single key.
Convenient way to store whole binding data in single file when using `volumeMounts`. [Example](#secret-formats) | +| parameters | `[]object` | Some services support the provisioning of additional configuration parameters during the bind request.
For the list of supported parameters, check the documentation of the particular service offering. | +| parametersFrom | `[]object` | List of sources to populate parameters. | +| userInfo | `object` | Contains information about the user that last modified this service binding. | +| credentialsRotationPolicy | `object` | Holds automatic credentials rotation configuration. | +| credentialsRotationPolicy.enabled | `boolean` | Indicates whether automatic credentials rotation are enabled. | +| credentialsRotationPolicy.rotationFrequency | `duration` | Specifies the frequency at which the binding rotation is performed. | +| credentialsRotationPolicy.rotatedBindingTTL | `duration` | Specifies the time period for which to keep the rotated binding. | @@ -517,6 +518,71 @@ The SAP BTP service operator project maintainers will respond to the best of the [Back to top](#sap-business-technology-platform-sap-btp-service-operator-for-kubernetes) +## Secret Formats + +### Default +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data + +clientsecret: 81 bytes +instance_guid: 36 bytes +plan: 16 bytes +url: 75 bytes +clientid: 65 bytes +instance_external_name: 17 bytes +instance_name: 17 bytes +label: 15 bytes +sm_url: 63 bytes +type: 15 bytes +xsappname: 62 bytes +.metadata: 406 bytes +``` +### SecretKey +Done by adding in the binding spec: **secretKey: my-secret-key** +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data +==== +instance_guid: 36 bytes +instance_name: 17 bytes +label: 15 bytes +my-secret-key: 415 bytes +plan: 16 bytes +type: 15 bytes +.metadata: 286 bytes +instance_external_name: 17 bytes +``` + +### SecretRootKey +Done by adding in the binding spec: **SecretRootKey: my-secret-root-key** +```bash +Name: sample-binding-1 +Namespace: default +Labels: +Annotations: binding: sample-binding-1 + +Type: Opaque + +Data +==== +my-secret-root-key: 628 bytes +``` + +[Back to top](#sap-business-technology-platform-sap-btp-service-operator-for-kubernetes) + ## Uninstalling the Operator Before you uninstall the operator, we recommend you manually delete all associated service instances and bindings. This way, you'll ensure all data stored with service instances and bindings are properly taken care of. Instances and bindings that were not manually deleted will be automatically deleted once you start the uninstallation process. From 2d88bbe1af5364470e144905e1467bafe2dda287 Mon Sep 17 00:00:00 2001 From: Daniel Korac <99260961+danielforsap@users.noreply.github.com> Date: Thu, 14 Sep 2023 15:06:32 +0300 Subject: [PATCH 04/13] Update README.md Changed the credentials format descriptions --- README.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 0a080c1b..e52a5841 100644 --- a/README.md +++ b/README.md @@ -520,7 +520,8 @@ The SAP BTP service operator project maintainers will respond to the best of the ## Formats of Secret Objects -### Default +### Credentials as Key-Value Pairs (default) +Credentials are returned from the broker as key-value pairs. ```bash #Credentials section uri: https://feature-flags.cfapps.stagingaws.hanavlab.ondemand.com @@ -534,7 +535,8 @@ plan: lite type: feature-flags // The service offering name ``` -### SecretKey +### Credentials as a JSON Object +Credentials are returned from the broker as a JSON object. To use SecretKey, add 'secretKey: your-secret-value' to the spec. ```bash #Credentials section @@ -552,7 +554,8 @@ plan: lite type: feature-flags // The service offering name ``` -### SecretRootKey +### Credentials and Binding Info as One JSON Object +Credentials and binding info are returned from the broker as a JSON object. To use SecretRootKey, add 'secretRootKey: your-secret-value' to the spec. ```bash your-secret-value: From a8783ca6439c47973a60b4effd3497d06b65c114 Mon Sep 17 00:00:00 2001 From: Daniel Korac <99260961+danielforsap@users.noreply.github.com> Date: Thu, 14 Sep 2023 15:58:49 +0300 Subject: [PATCH 05/13] Update README.md --- README.md | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 97845eb7..20d8c32b 100644 --- a/README.md +++ b/README.md @@ -520,23 +520,25 @@ The SAP BTP service operator project maintainers will respond to the best of the ## Formats of Secret Objects -### Key value pairs - default +### Key- Value Pairs (default) +The binding object includes credentials returned from the broker and service instance info presented as key-value pairs. ```bash #Credentials uri: https://my-service.authentication.eu10.hana.ondemand.com username: admin password: ******** -#Service info -instance_guid: // The service instance id +#Service instance info +instance_guid: // The service instance ID instance_name: my-service-btp-name // Taken from the service instance external_name field if set or metadata.name else plan: sample-plan // The service plan name type: sample-service // The service offering name ``` -### Credentials as json object -Credentials are returned from the broker as a JSON object. -To use SecretKey, add 'secretKey: your-secret-value' to the spec. +### Credentials as JSON Object +To show credentials returned from the broker as a JSON object, add 'secretKey: your-secret-value' to the binding spec. + +your-secret-vaue will become a JSON object that contains credentials and service instance info remains presented as key-value pairs. ```bash #Credentials your-secret-value: @@ -546,16 +548,18 @@ your-secret-value: password: ******** } -#Service info -instance_guid: // The service instance id +#Service Instance info +instance_guid: // The service instance ID instance_name: my-service-btp-name // Taken from the service instance external_name field if set or metadata.name else plan: sample-plan // The service plan name type: sample-service // The service offering name ``` ## Credentials and Binding Info as One JSON Object -Credentials and binding info are returned from the broker as a JSON object. -To use SecretRootKey, add 'secretRootKey: your-secret-value' to the spec. +To show both credentials returned from the broker and service instance info as a JSON object, add 'secretRootKey: your-secret-value' to the binding spec. + +your-secret-value becomes a JSON object that contains all the info. + ```bash your-secret-value: { From 2a2bb0a280409ddfdec010bd9c40c2e3ad043b62 Mon Sep 17 00:00:00 2001 From: Daniel Korac <99260961+danielforsap@users.noreply.github.com> Date: Mon, 18 Sep 2023 12:37:40 +0300 Subject: [PATCH 06/13] Update README.md UA changes --- README.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index ae70e50e..f225896a 100644 --- a/README.md +++ b/README.md @@ -520,7 +520,7 @@ The SAP BTP service operator project maintainers will respond to the best of the ## Formats of Secret Objects -### Key- Value Pairs (default) +### Key- Value Pairs (Default) The binding object includes credentials returned from the broker and service instance info presented as key-value pairs. ```bash #Credentials @@ -530,7 +530,7 @@ password: ******** #Service instance info instance_guid: // The service instance ID -instance_name: my-service-btp-name // Taken from the service instance external_name field if set or metadata.name else +instance_name: my-service-btp-name // Taken from the service instance external_name field if set. Otherwise from metadata.name plan: sample-plan // The service plan name type: sample-service // The service offering name ``` @@ -538,7 +538,7 @@ type: sample-service // The service offering name ### Credentials as JSON Object To show credentials returned from the broker as a JSON object, add 'secretKey: your-secret-value' to the binding spec. -your-secret-vaue will become a JSON object that contains credentials and service instance info remains presented as key-value pairs. +your-secret-vaue will be a key for a value in JSON format that contains credentials while service instance info remains presented in key-value pairs. ```bash #Credentials your-secret-value: @@ -550,7 +550,7 @@ your-secret-value: #Service Instance info instance_guid: // The service instance ID -instance_name: my-service-btp-name // Taken from the service instance external_name field if set or metadata.name else +instance_name: my-service-btp-name // Taken from the service instance external_name field if set. Otherwise from metadata.name plan: sample-plan // The service plan name type: sample-service // The service offering name ``` @@ -558,7 +558,7 @@ type: sample-service // The service offering name ## Credentials and Binding Info as One JSON Object To show both credentials returned from the broker and service instance info as a JSON object, add 'secretRootKey: your-secret-value' to the binding spec. -your-secret-value becomes a JSON object that contains all the info. +your-secret-value becomes a key that contains credentials and service instance info in a JSON format. ```bash your-secret-value: @@ -570,7 +570,7 @@ your-secret-value: #Service info instance_guid: // The service instance id - instance_name: my-service-btp-name // Taken from the service instance external_name field if set or metadata.name else + instance_name: my-service-btp-name // Taken from the service instance external_name field if set. Otherwise from metadata.name plan: sample-plan // The service plan name type: sample-service // The service offering name } From b268120563b411cd72bd51eda3b5f8f7ec6d92a0 Mon Sep 17 00:00:00 2001 From: TalShorSap <108805932+TalShorSap@users.noreply.github.com> Date: Mon, 18 Sep 2023 13:30:21 +0300 Subject: [PATCH 07/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f225896a..3328520c 100644 --- a/README.md +++ b/README.md @@ -568,7 +568,7 @@ your-secret-value: username: admin password: ******** - #Service info + #Service Instance info instance_guid: // The service instance id instance_name: my-service-btp-name // Taken from the service instance external_name field if set. Otherwise from metadata.name plan: sample-plan // The service plan name From 9ce5e9238ddda587db100a9a17f51903debc2f2c Mon Sep 17 00:00:00 2001 From: TalShorSap <108805932+TalShorSap@users.noreply.github.com> Date: Mon, 18 Sep 2023 17:38:27 +0300 Subject: [PATCH 08/13] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 3328520c..931b5000 100644 --- a/README.md +++ b/README.md @@ -264,8 +264,8 @@ spec: | serviceInstanceName`*` | `string` | The Kubernetes name of the service instance to bind, should be in the namespace of the binding. | | externalName | `string` | The name for the service binding in SAP BTP, defaults to the binding `metadata.name` if not specified. | | secretName | `string` | The name of the secret where the credentials are stored, defaults to the binding `metadata.name` if not specified. | -| secretKey | `string` | Property of the Secret object that stores service binding data (credentials) returned from the broker. It is encoded as a JSON object to support complex data structures. [Example](#formats-of-secret-objects) | -| secretRootKey | `string` | The root key is a part of the Secret object, which stores service binding data (credentials) received from the broker, as well as additional information. When the root key is used, all data is stored under a single key. This makes it a convenient way to store data in one file when using volumeMounts. [Example](#formats-of-secret-objects) | +| secretKey | `string` | The secret key is a part of the Secret object, which stores service binding data (credentials) received from the broker. When the secret key is used, all the credentials are stored under a single key. This makes it a convenient way to store credentials data in one file when using volumeMounts. [Example](#formats-of-secret-objects) | +| secretRootKey | `string` | The root key is a part of the Secret object, which stores service binding data (credentials) received from the broker, as well as additional service instance information. When the root key is used, all data is stored under a single key. This makes it a convenient way to store data in one file when using volumeMounts. [Example](#formats-of-secret-objects) | | parameters | `[]object` | Some services support the provisioning of additional configuration parameters during the bind request.
For the list of supported parameters, check the documentation of the particular service offering. | | parametersFrom | `[]object` | List of sources to populate parameters. | | userInfo | `object` | Contains information about the user that last modified this service binding. | From 45f8fc279a2f92fbb0a0edb0b57e961c4bf3e8ce Mon Sep 17 00:00:00 2001 From: TalShorSap <108805932+TalShorSap@users.noreply.github.com> Date: Mon, 18 Sep 2023 23:48:55 +0300 Subject: [PATCH 09/13] Update README.md --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 931b5000..aaa6251b 100644 --- a/README.md +++ b/README.md @@ -192,6 +192,7 @@ kind: ServiceBinding metadata: name: my-binding spec: + secretKey: my-key-value serviceInstanceName: my-service-instance externalName: my-binding-external secretName: my-secret @@ -536,12 +537,12 @@ type: sample-service // The service offering name ``` ### Credentials as JSON Object -To show credentials returned from the broker as a JSON object, add 'secretKey: your-secret-value' to the binding spec. +To show credentials returned from the broker as a JSON object, add 'secretKey: my-key-value' to the binding spec. -your-secret-vaue will be a key for a value in JSON format that contains credentials while service instance info remains presented in key-value pairs. +my-key-value will be a key for a value in JSON format that contains credentials while service instance info remains presented in key-value pairs. ```bash #Credentials -your-secret-value: +my-key-value: { uri: https://my-service.authentication.eu10.hana.ondemand.com username: admin @@ -555,13 +556,13 @@ plan: sample-plan // The service plan name type: sample-service // The service offering name ``` -## Credentials and Binding Info as One JSON Object -To show both credentials returned from the broker and service instance info as a JSON object, add 'secretRootKey: your-secret-value' to the binding spec. +## Credentials and service info as One JSON Object +To show both credentials returned from the broker and service instance info as a JSON object, add 'secretRootKey: my-key-value' to the binding spec. -your-secret-value becomes a key that contains credentials and service instance info in a JSON format. +my-key-value becomes a key that contains credentials and service instance info in a JSON format. ```bash -your-secret-value: +my-key-value: { #Credentials uri: https://my-service.authentication.eu10.hana.ondemand.com From 390a3a454df8da3605b02e509d9a1e202da398d1 Mon Sep 17 00:00:00 2001 From: TalShorSap <108805932+TalShorSap@users.noreply.github.com> Date: Tue, 19 Sep 2023 10:20:25 +0300 Subject: [PATCH 10/13] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index aaa6251b..eac70c9b 100644 --- a/README.md +++ b/README.md @@ -437,7 +437,7 @@ There are two options to maintain namespace-specific credentials, and they diffe ### Default Access Credentials - Define a secret named `sap-btp-service-operator` in the namespace. `ServiceInstance` and `ServiceBinding` that are applied in the namespace will belong to the subaccount from which the credentials were issued. -- Define different secrets for different namespaces in a [centrally managed namespace](./sapbtp-operator-charts/templates/configmap.yml), following the secret naming convention: `sap-btp-service-operator-`. +- Define different secrets for different namespaces in a [centrally managed namespace](./sapbtp-operator-charts/templates/configmap.yml), following the secret naming convention: `-sap-btp-service-operator`. #### Namespace Secret Structure ```yaml apiVersion: v1 From 0d738064a700208803bdd507fca24906d621134f Mon Sep 17 00:00:00 2001 From: TalShorSap <108805932+TalShorSap@users.noreply.github.com> Date: Wed, 20 Sep 2023 11:51:08 +0300 Subject: [PATCH 11/13] Update README.md --- README.md | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index eac70c9b..922ba076 100644 --- a/README.md +++ b/README.md @@ -537,12 +537,13 @@ type: sample-service // The service offering name ``` ### Credentials as JSON Object -To show credentials returned from the broker as a JSON object, add 'secretKey: my-key-value' to the binding spec. +To show credentials returned from the broker as a JSON object, use the 'secretKey' attribute in the service binding spec. + +The value of 'secretKey' will be the name of the key that stores the credentials in a JSON format. -my-key-value will be a key for a value in JSON format that contains credentials while service instance info remains presented in key-value pairs. ```bash #Credentials -my-key-value: +your-secretKey-value: { uri: https://my-service.authentication.eu10.hana.ondemand.com username: admin @@ -556,13 +557,13 @@ plan: sample-plan // The service plan name type: sample-service // The service offering name ``` -## Credentials and service info as One JSON Object -To show both credentials returned from the broker and service instance info as a JSON object, add 'secretRootKey: my-key-value' to the binding spec. +### Credentials and Service Info as One JSON Object +To show both credentials returned from the broker and service instance info as a JSON object, use the 'secretRootKey' attribute in the service binding spec. -my-key-value becomes a key that contains credentials and service instance info in a JSON format. +The value of 'secretRootKey' will be the name of the key that stores both credentials and serivce instance info in a JSON format. ```bash -my-key-value: +your-secretRootKey-value: { #Credentials uri: https://my-service.authentication.eu10.hana.ondemand.com From 6a42be477e13e141f9036d0103de9ac6f82aaf08 Mon Sep 17 00:00:00 2001 From: TalShorSap <108805932+TalShorSap@users.noreply.github.com> Date: Wed, 20 Sep 2023 11:51:28 +0300 Subject: [PATCH 12/13] Update README.md --- README.md | 1 - 1 file changed, 1 deletion(-) diff --git a/README.md b/README.md index 922ba076..b04f1d3b 100644 --- a/README.md +++ b/README.md @@ -192,7 +192,6 @@ kind: ServiceBinding metadata: name: my-binding spec: - secretKey: my-key-value serviceInstanceName: my-service-instance externalName: my-binding-external secretName: my-secret From 763d75bc012f47c6822ec311dd4ccf82f7d3e42e Mon Sep 17 00:00:00 2001 From: Daniel Korac <99260961+danielforsap@users.noreply.github.com> Date: Wed, 20 Sep 2023 11:57:33 +0300 Subject: [PATCH 13/13] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index b04f1d3b..f0f8ac62 100644 --- a/README.md +++ b/README.md @@ -538,7 +538,7 @@ type: sample-service // The service offering name ### Credentials as JSON Object To show credentials returned from the broker as a JSON object, use the 'secretKey' attribute in the service binding spec. -The value of 'secretKey' will be the name of the key that stores the credentials in a JSON format. +The value of 'secretKey' is the name of the key that stores the credentials in JSON format. ```bash #Credentials @@ -559,7 +559,7 @@ type: sample-service // The service offering name ### Credentials and Service Info as One JSON Object To show both credentials returned from the broker and service instance info as a JSON object, use the 'secretRootKey' attribute in the service binding spec. -The value of 'secretRootKey' will be the name of the key that stores both credentials and serivce instance info in a JSON format. +The value of 'secretRootKey' is the name of the key that stores both credentials and serivce instance info in JSON format. ```bash your-secretRootKey-value: