# limitations under the License.
#
+require 'securerandom'
+
doc_url = 'https://hub.docker.com/r/screwdrivercd/screwdriver/'
::Chef::Recipe.send(:include, SSLCert::Helper)
db_username = nil
db_username_vault_item = node['screwdriver']['db_username_vault_item']
-unless db_username_vault_item.empty?
- db_username = get_vault_item_value(db_username_vault_item)
- api_envs['DATASTORE_SEQUELIZE_USERNAME'] = '${DB_USERNAME}'
-end
+db_username = get_vault_item_value(db_username_vault_item) unless db_username_vault_item.empty?
+db_username = 'sd-admin' if db_username.nil?
+api_envs['DATASTORE_SEQUELIZE_USERNAME'] = '${DB_USERNAME}'
db_password = nil
db_password_vault_item = node['screwdriver']['db_password_vault_item']
-unless db_password_vault_item.empty?
- db_password = get_vault_item_value(db_password_vault_item)
- api_envs['DATASTORE_SEQUELIZE_PASSWORD'] = '${DB_PASSWORD}'
-end
+db_password = get_vault_item_value(db_password_vault_item) unless db_password_vault_item.empty?
+db_password = SecureRandom.urlsafe_base64(32) if db_password.nil?
+api_envs['DATASTORE_SEQUELIZE_PASSWORD'] = '${DB_PASSWORD}'
db_root_password = nil
db_root_password_vault_item = node['screwdriver']['db_root_password_vault_item']
-unless db_root_password_vault_item.empty?
- db_root_password = get_vault_item_value(db_root_password_vault_item)
-end
+db_root_password = get_vault_item_value(db_root_password_vault_item) unless db_root_password_vault_item.empty?
+db_root_password = SecureRandom.urlsafe_base64(32) if db_root_password.nil?
db_dialect = api_envs_org['DATASTORE_SEQUELIZE_DIALECT']
case db_dialect
s3_access_key_id = nil
s3_access_key_id_vault_item = node['screwdriver']['s3_access_key_id_vault_item']
-unless s3_access_key_id_vault_item.empty?
- s3_access_key_id = get_vault_item_value(s3_access_key_id_vault_item)
- store_envs['S3_ACCESS_KEY_ID'] = '${S3_ACCESS_KEY_ID}'
-end
+s3_access_key_id = get_vault_item_value(s3_access_key_id_vault_item) unless s3_access_key_id_vault_item.empty?
+s3_access_key_id = SecureRandom.urlsafe_base64(16) if s3_access_key_id.nil?
+store_envs['S3_ACCESS_KEY_ID'] = '${S3_ACCESS_KEY_ID}'
s3_access_key_secret = nil
s3_access_key_secret_vault_item = node['screwdriver']['s3_access_key_secret_vault_item']
-unless s3_access_key_secret_vault_item.empty?
- s3_access_key_secret = get_vault_item_value(s3_access_key_secret_vault_item)
- store_envs['S3_ACCESS_KEY_SECRET'] = '${S3_ACCESS_KEY_SECRET}'
-end
+s3_access_key_secret = get_vault_item_value(s3_access_key_secret_vault_item) unless s3_access_key_secret_vault_item.empty?
+s3_access_key_secret = SecureRandom.urlsafe_base64(32) if s3_access_key_secret.nil?
+store_envs['S3_ACCESS_KEY_SECRET'] = '${S3_ACCESS_KEY_SECRET}'
# S3 compatible server
if !store_backend.nil? && !store_backend.empty?