[Feature] - Key in state, release 1.2.0 #48
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
added 2 commits
November 8, 2019 15:08
- Adds a new feature, enhancing the format of the secrets envelope. The idea being that the user wont have to key in the key path more than once, and once a secret state file has a keyURI it will favor that keyURI and will aggressively check that the operator is storing secrets using the same KeyURI per state-file. This ships with a pretty invasive change to how we read/process/load secrets. I expect there to be a little fallout from this revision but nothing too un-patchable.
lazypower
force-pushed
the
envelope/key-uri
branch
from
f38956b
to
a97c9b9
Compare
|
Seeing as how this is non-critical and its late on a Friday, this can totally wait :) Final output of my efforts today: coverage: 81.2% of statements Not 100% but that's a 50% improvement over previous builds. |
marcoceppi
suggested changes
Nov 8, 2019
lazypower
force-pushed
the
envelope/key-uri
branch
from
e1ca2f1
to
d2d84d6
Compare
lazypower
commented
Nov 11, 2019
lazypower
force-pushed
the
envelope/key-uri
branch
from
e0e8de1
to
889c34a
Compare
|
Ok, Review feedback implemented and I think I got all the cases here. Thank you for the thorough review :) |
lazypower
force-pushed
the
envelope/key-uri
branch
2 times, most recently
from
e69e836
to
a91144f
Compare
edaniszewski
approved these changes
Nov 12, 2019
- Updated the test cases for better clarity. - Implemented the review feedback - ran go mod tidy && removed unused go-spew sums from go.sum
lazypower
force-pushed
the
envelope/key-uri
branch
from
a91144f
to
e5df7e6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
idea being that the user wont have to key in the key path more than
once, and once a secret state file has a keyURI it will favor that
keyURI and will aggressively check that the operator is storing
secrets using the same KeyURI per state-file.
This ships with a pretty invasive change to how we read/process/load
secrets. I expect there to be a little fallout from this revision but
nothing too un-patchable.