-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hide encryption key fetching behind an interface #3304
Labels
Comments
dmjb
added a commit
that referenced
this issue
May 14, 2024
Relates to #3304 Implement an interface which hides the specifics of loading an encryption key. This allows us to use a secret store or a key store directly in future. Right now, the implementation uses a single key loaded from the config. In my next PR, I will generalize it to support multiple keys. This will require a new config structure.
10 tasks
dmjb
added a commit
that referenced
this issue
May 14, 2024
Relates to #3304 Implement an interface which hides the specifics of loading an encryption key. This allows us to use a secret store or a key store directly in future. Right now, the implementation uses a single key loaded from the config. In my next PR, I will generalize it to support multiple keys. This will require a new config structure.
dmjb
added a commit
that referenced
this issue
May 15, 2024
Fixes #3304 Add a new configuration structure for encryption keys. This allows a default key and algorithm to be specified, along with fallbacks. A backwards compatibility mechanism is provided which will allow the keystore to work with the existing configuration structure.
10 tasks
dmjb
added a commit
that referenced
this issue
May 16, 2024
Fixes #3304 Add a new configuration structure for encryption keys. This allows a default key and algorithm to be specified, along with fallbacks. A backwards compatibility mechanism is provided which will allow the keystore to work with the existing configuration structure.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Please describe the enhancement
Place encryption key retrieval behind an interface so that we can create multiple retrieval mechanisms, and select one based on configuration. For example, we may want a secret store which reads straight from a secrets manager instead of reading off disk.
Solution Proposal
Create interface for key retrieval.
Describe alternatives you've considered
No response
Additional context
No response
Acceptance Criteria
No response
The text was updated successfully, but these errors were encountered: