odpi#179 add option to set password for jupyter

Signed-off-by: Nigel Jones <nigel.l.jones+git@gmail.com>

charts/odpi-egeria-lab/Chart.yaml

@@ -4,7 +4,7 @@
 name: odpi-egeria-lab
 description: Egeria lab environment
 apiVersion: v2
-version: 3.11.0
+version: 3.11.1
 appVersion: "3.11"
 icon: https://raw.githubusercontent.com/odpi/egeria/99016e77167fa30dcfade809b061358a92a59973/assets/img/egeria.png
 keywords:

charts/odpi-egeria-lab/templates/jupyter.yaml

@@ -87,6 +87,18 @@ spec:
               value: "YES"
             - name: DOCKER_STACKS_JUPYTER_CMD
               value: "lab --notebook-dir=/home/jovyan/work"
+            # If value not passed, a password will be generated, otherwise get from configmap (and must exist)
+            {{ if .Values.jupyter.tokenSecret }}
+            - name: JUPYTER_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.jupyter.tokenSecret }}
+                  key: password
+                  optional: false
+            {{ else if .Values.jupyter.tokenPlain }}
+            - name: JUPYTER_TOKEN
+              value: {{ .Values.jupyter.tokenPlain }}
+            {{ end }}
             # Contains the truststore from Egeria self-signed certs, in .pem format
             #- name: REQUESTS_CA_BUNDLE
             #  value: "/home/jovyan/ssl/truststore.pem"

charts/odpi-egeria-lab/values.yaml

@@ -50,6 +50,11 @@ jupyter:
   scriptSleepAfter: "0"
   # Size for jupyter work
   storageSize: "1Gi"
+  # If assigned, will use the 'password' entry as the name of the secret to seed the Jupyter password
+  # to create: kubectl create secret generic jupyter-lab-secret --from-literal=password='s3cr3t!'
+  # tokenSecret:
+  # If passwordSecret not set, but passwordPlain is, we use this as cleartext **INSECURE**
+  # tokenPlain:
 
 debug:
   egeriaJVM: false