Use secret manager instead of mysql environment variables

Dhanabal2710 · October 4, 2022, 6:12pm

We have configured temporal in GKE with workload identity enabled we are using cloudsql proxy mysql.

In order connect to database temporal needs mysql DB name, MYSQL_USERNAME, MYSQL_PASSWORD. We don’t want to keep environment variables directly read secret from manager.

Is there any way to ise temporal cluster without DB environment variables?

What is the best best practice to work temporal along with Google secret manager?

tihomir · October 5, 2022, 5:11am

Are you deploying via helm chart? If so you should be able to set up your secrets and then reference them via existingSecret in config.

Topic		Replies	Views
Issue with temporal-sql-tool command on GKE Community Support mysql	2	588	September 30, 2022
Schema setup and update jobs for MySQL Community Support mysql	1	1139	August 11, 2022
How to provide DB credentials to Temporal from a file Community Support helm , database , security	2	801	September 20, 2022
How to provide DB credentials to temporal in production? Community Support mysql , helm , database	2	1231	September 19, 2022
Deploy on GKE with CloudSQL (& CloudProxy as Sidecar) Community Support	2	1518	December 14, 2020

Use secret manager instead of mysql environment variables

Related Topics