-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat!: add support for secrets in manifests
This adds support for secrets in wasmCloud application manifests. The secrets themselves are actually _secret references_ as outlined in wasmCloud/wasmCloud#2190. Just like config, secrets can be specified at the component or provider level or on a link. Secret references themselves are actually implemented as an additional kind of config stored in the same config data bucket. However, I opted to implement a dedicated scaler for secrets that is largely a clone of the existing ConfigScaler since the underlying data type is very different than the arbitrary set of key/value pairs we use for config. An example of what this looks like in a component is shown below: ```yaml spec: components: - name: http-component type: component properties: image: ghcr.io/wasmcloud/test-fetch-with-token:0.1.0-fake secrets: - name: some-api-token source: backend: nats-kv key: test-value version: 1 - name: my-other-secret source: backend: aws-secrets-manager value: secret-name version: "be01a5fb-7ebb-4ae9-8ea0-0902e8940bc0" ``` This contains a breaking change to the way that we specify config on links: ```yaml - type: link properties: namespace: wasmcloud package: postgres interfaces: [managed-query] target: name: sql-postgres secrets: - name: db-password source: backend: nats-kv key: myapp_db-password version: 1 ``` Instead of using `target_config` and `source_config`, this renames them to `target` and `source` respectively and adds keys for `config` and `secrets`. The name of the target and source are now keys at the top level of the `source` and `target` blocks, as seen above. Signed-off-by: Dan Norris <protochron@users.noreply.github.com>
- Loading branch information
1 parent
61c45e1
commit 6039d41
Showing
35 changed files
with
849 additions
and
207 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.