-
Notifications
You must be signed in to change notification settings - Fork 171
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
STDIN Shell Provider #44
Comments
@brandonwestcott Hi 👋 |
I think I got it, the original request is about making a generic adapter for any shell executable -- it's in my backlog |
@jondot yes exactly. Quick escape hatch for devs to use other tools that aren't yet supported providers. |
First design:
@kaplanelad WDYT? got some feedback? specifically on the interchange format or new |
Example case: sync:
🚨 not good, shows only key list some CLI golf we get at:
🚨 not there yet, shows a list of values but we lose the key get:
✅ works according to assumption General challenges:
|
Final design:
Configurable:
Tradeoffs:
|
For now finalizing the design but parking implementation. This is good in theory but then to provide value end users would need to do too much work (write wrapper scripts, deal with standardizing a certain CLI) and it's better that we build "tailored" providers per tool. |
@jondot thanks for putting in some mind work toward this. I definitely agree first class providers are a MUCH better user experience and should be the default answer for tools with any meaningful usage. I will also note I see value in this feature for complex use cases, such as using |
@brandonwestcott thanks -- feedback like yours really helps prioritizing, actually, we're doing a public steering every second week, hopefully soon we can open it to the public.
|
Thanks for the insight @jondot. I will say, I see this as a "power user" type feature, and deserves to be prioritized lower than core features / additional providers. That being said, I would love to have it 😄
Also from my perspective, in these advanced cases I think the main usage is reading of secrets, not writing / updating. As it relates to 2 above, I personally would not go through the effort of making a custom script support the write ops. I realize having some providers in "read-only" mode is a a bit odd though. All in all, I think for new applications / environments this isn't valuable - one should just conform to existing teller providers. For existing environments, I foresee people either having to adjust their secret storage strategy to match providers supported in teller, or they skip on teller for those projects because there isn't a custom escape hatch like this. Thanks again for all the great work on this project, I can see easily see teller becoming the "terraform of secrets" ! |
Love the tool! This solves a pain point that I've been patching with shell scripts. Kudos and thanks for the amazing work. To add one more data point, I would definitely use this feature and build scripts around it if needed (maybe using |
Just came across this tool, super great. Been in devops for a few years and this definitely solves a need. Love the support for multiple providers within a single invocation.
I'm personally interested in gopass (#11) for some local only api keys. While I fully appreciate first class integration with providers, I'm wondering if #3 #10 #11 (and other future requests) could all be achieved if there was a generic
shell
provider. Using that provider would just invoke that shell script with a known STDIN api, ex[command] [path] [options]
.The text was updated successfully, but these errors were encountered: