HC Vault: add allowlist support for acceptable HC Vault URLs#2164
Merged
felixfontein merged 4 commits intogetsops:mainfrom May 3, 2026
Merged
HC Vault: add allowlist support for acceptable HC Vault URLs#2164felixfontein merged 4 commits intogetsops:mainfrom
felixfontein merged 4 commits intogetsops:mainfrom
Conversation
sabre1041
reviewed
May 3, 2026
Signed-off-by: Felix Fontein <felix@fontein.de>
Signed-off-by: Felix Fontein <felix@fontein.de>
Signed-off-by: Felix Fontein <felix@fontein.de>
Signed-off-by: Felix Fontein <felix@fontein.de>
sabre1041
approved these changes
May 3, 2026
Contributor
sabre1041
left a comment
sabre1041
left a comment
There was a problem hiding this comment.
LGTM
Thanks for taking a look at adding the / to the vault address
Contributor
Author
|
@sabre1041 thanks for reviewing! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Default is
all, which is the current behavior. WhenSOPS_HC_VAULT_ALLOWLISTis set tononeor a comma-separated list of prefixes, none or only URLs starting with these prefixes are allowed.