Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The "secure" flag breaks deployments in OpenShift #52

Open
exhuma opened this issue Jan 27, 2020 · 0 comments
Open

The "secure" flag breaks deployments in OpenShift #52

exhuma opened this issue Jan 27, 2020 · 0 comments
Labels
enhancement

Comments

@exhuma
Copy link
Owner

exhuma commented Jan 27, 2020

The "secure" flag to "get_config" enforces the permissions 0x600 for a config file. But in OpenShift the most secure a file can be is 0x640 because any mounted secrets will be owned by root:<app-user>.

This means that in its current state, config_resolver cannot be used for OpenShift apps.

A backwards compatible change would be to allow to pass in an octal value of the "expected" mode of a file, and use 0x600 if a user passes in True. This way each call could be adapted apropriately.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@exhuma