-
Notifications
You must be signed in to change notification settings - Fork 18
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add vault store #61
add vault store #61
Conversation
This is awesome and actually I though about doing it for a long time, but never got to the point where vault was required. Anyway, I would love some more description how trocla keys are ending up in valt. Also might it be desirable to have a (configurable) global prefix for keys in vault, so they go under their own path? Also we should probably explain that kv is a mount in vault, which was not obvious to me at the beginning. I wonder whether we need tests? |
I think the main point to upgrade to vault for us might be to include acl to prepare for the future and improve global security. We do not have a main requirement now but it is a good thing to prepare for. |
@fe80 , does the ruby vault lib do abstraction between kv v1 and kv v2 engines ? |
A subpath parameter could be an option to be able to use an existing kv mount but a dedicated kv mount seems fine by default |
Hi @duritong I've complete the readme with more information about vault. It's better ? I change the kv options with mount too. Like say @IAmAStealer , vault can be offer lot of feature require for us (history, acl, native REST API...) The idea about a default path can be a good, we thinking about this feature too and why not another feature with subpath options to additional the key name. I propose to open an issue about this feature an add on a different merge request ? For us it's just a poc for this moment, we need to think about the data migration an we probably run to double trocla for puppet (use vault just for put data and test performance). The kv v1 work but add a path |
Ui, I absolutely forgot about this here. @fe80 do you see anything left? |
Some rewording an clarifications
Sorry I don't have see your reply. We are on testing migration actually and It's works correctly for this time |
thank you to confirm, I'll merge and guess will release a 0.4.0 soon |
Hi,
This is a proposal, we actually work to use Vault as backend storage.
We eventually need help for review code and add spec.
Regards,