-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Added ability to parse keyvalue as an azure keyvault ID #50
feat: Added ability to parse keyvalue as an azure keyvault ID #50
Conversation
…ort lookups across multiple keyvaults Signed-off-by: Steven Gettys <[email protected]>
What does this changeThis adds the ability for the azure key vault secrets plugin to resolve secrets when the secret keyValue is specified as the secret ID instead of just the secret name. The following behavior was added
The new plugin behavior does not break backwards compatibility. It will check that the provided secret keyValue can be parsed as a secret ID. If it can then it attempts to fetch that based on the values it parsed. If it fails then it will fallback to attempting to read it as the secret name in the configured key vault. Only after it has failed both attempts to resolve the secret will the plugin fail What issue does it fixCloses #49 Checklist
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is great. I didn't see any problems so just let me know when you'd like a full review.
Signed-off-by: Steven Gettys <[email protected]>
Tested with a mix of secret names and secret IDs in both the keyvault configured for the plugin as well as a separate keyvault that the user running porter has access to. Able to resolve all combinations of secret names and IDs. Example porter config:
Example credential set:
|
Signed-off-by: Steven Gettys <[email protected]>
Signed-off-by: Steven Gettys [email protected]