secrets-helper

command
v0.0.0-...-9697014 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 8, 2025 License: Apache-2.0 Imports: 18 Imported by: 0

Documentation

Overview

secrets-helper: a chef_secrets-compatible secrets helper. This is basically a reimplementation of veil-env-helper, veil-ingest-secret, and veil-read-secret.

This is used to share secrets between components that require secrets other than our TLS certificates. For example, erchef and bifrost need to share a superuser_id.

The current implementation uses a files on disk for storage.

KNOWN ISSUES

  • generate and insert are not safe for concurrent access to the same key. A basic check is in place to allow "idempotent"-ish operations for a single service, but if multiple services are generating the same key the last writer wins. However, we ARE concurrency safe for /different/ keys since those are stored in different files on disk.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.