Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support custom key retrival and getting custom Versions of secrets #1206

Draft
wants to merge 3 commits into
base: 5.0.x
Choose a base branch
from
Draft

Support custom key retrival and getting custom Versions of secrets #1206

wants to merge 3 commits into from

Conversation

MatejNedic
Copy link

@MatejNedic MatejNedic commented Nov 2, 2021
edited
Loading

Allow users to name which keys to fetch instead of loading it by application name. This would provide bigger versatility and would allow users to use common credentials for POC or something like that. Not only that but this would allow users to fetch secrets by namings they choose and wouldn't have to switch to application name namings.
This integration would allow users to fetch versions of older parameters or secrets which could be something they might choose. We are not making calls that are not required with this way of loading, meaning no additional cost and starting fetch time will be faster since we are only looking what is asked.

example of use:

application.properties
'aws.distributed-configuration.secrets': 'SECRETS:path/mongoDBPassword;path/kafkaSSLKey:version'

If needed to keep the old way of loading we could just place an empty string after SECRETS:

application.properties
'aws.distributed-configuration.secrets': 'SECRETS:'

TO:DO
(If the idea is accepted would be happy to do all under)
Introduce loading by env which is currently not supported. (Each application-env file would be taken into account).
Introduce aws.distributed-configuration as a list and have a prefix change depending on the integration. (Parameter store could be easily integrated by just implementing one class).
Allow Optional before SECRETS: meaning all secrets loaded will not cause failure on load.
If chosen old way of loading can be kept for backward compatibility.
Clean code and namings more.
Introduce missing tests.

@CLAassistant
Copy link

CLAassistant commented Nov 2, 2021
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@MatejNedic
Copy link
Author

Hey @sdelamo ,
before going through with the implementation of to:dos would like to know your opinion on this approach for integration. Is this something that the Micronaut team would like to have or current way of loading is to stay? Would like to start working on PR if this is something you think is worth having. I understand it is breaking change and is whole another way of loading both parameter store and secrets manager.

@sdelamo sdelamo added the status: under consideration The issue is being considered, but has not been accepted yet label Nov 22, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
status: under consideration The issue is being considered, but has not been accepted yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MatejNedic @CLAassistant @sdelamo