-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Qualified names for reserved secret data fields in Provisioned Service #96
Comments
Do you have an example conflict? Changing the key names doesn't eliminate the possibility of a conflict. In my mind this is why it can be problematic to think of any arbitrary Secret as material for a binding instead of a Secret being a vehicle for the binding material. Bindable Secrets have additional requirements over opaque Secrets. The spec is clear about what those requirements are and among them is that the |
I concur with this as well. Not just any |
No. I don't have any specific examples.
Yes. But a more qualified name reduces the probability of conflicts.
Since these values are injected as volume mounts into the container, I am fine with the generic names. For environment-variables users can still re-use these names, right? |
All envvars aside from |
Thanks for the clarification. I am closing this issue! |
Current specification mandate using generic names as reserved secret data field names in Provisioned Service. The keys' names are
type
andprovider
. In real-world, these names could conflict with existing service secrets. I propose to qualify these reserved names with some prefix.I would suggest names like this:
service_binding_type
service_binding_provider
Apart from potential name conflicts, the name qualification will help to easily differentiate these names from other secret data fields.
The text was updated successfully, but these errors were encountered: