Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow az vault name to be included in secret name #11867

Merged
merged 1 commit into from
Jul 28, 2021
Merged

Allow az vault name to be included in secret name #11867

merged 1 commit into from
Jul 28, 2021

Conversation

marcparadise
Copy link
Member

This modifies the :azure_key_vault fetcher so that it's possible
to fetch a secret by embedding the vault name in the secret name
instead of providing it in configuration. This continues down the path
of making secrets accessible with less typing and sane default
expectations.

Example:

file "/home/ubuntu/test2" do
  content secret(name: "test-chef-infra-secrets/test-secret-1", service: :azure_key_vault)
end

Specifying vault name via configuration is still supported, but if it is
specified in the secret name as well that will take precedence.

Fixes: #11852

Signed-off-by: Marc A. Paradise marc.paradise@gmail.com

@marcparadise marcparadise requested review from a team as code owners July 27, 2021 17:59
@marcparadise marcparadise force-pushed the mp/11852 branch 2 times, most recently from 6ae9c43 to 1d0af2e Compare July 27, 2021 19:46
@marcparadise
Allow az vault name to be included in secret name
84aa9bd 
This modifies the `:azure_key_vault` fetcher so that it's possible
to fetch a secret by embedding the vault name in the secret name
instead of providing it in configuration. This continues down the path
of making secrets accessible with less typing and sane default
expectations.

Example:

```
file "/home/ubuntu/test2" do
  content secret(name: "test-chef-infra-secrets/test-secret-1", service: :azure_key_vault)
end
```

Specifying vault name via configuration is still supported, but if it is
specified in the secret name as well that will take precedence.

Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
@tas50 tas50 merged commit 0e041b5 into master Jul 28, 2021
@tas50 tas50 deleted the mp/11852 branch July 28, 2021 17:17
@tas50
Copy link
Contributor

tas50 commented Jul 28, 2021

Thanks @marcparadise

@marcparadise marcparadise restored the mp/11852 branch July 29, 2021 18:00
@marcparadise marcparadise deleted the mp/11852 branch July 29, 2021 18:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tas50 tas50 tas50 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

secrets: Improve how the vault and secret name as passed in Azure
2 participants
@marcparadise @tas50