-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ability to manage a default secret that would be always injected in services #760
Comments
One implementation could be to maintain a list of all paths that should be automatycally injected. |
Thanks for creating this issue. On my side, I was actually thinking about a more straitforward/naive experience: by default, all the user secrets are injected in the services environment as environment variables. But then there is the question of secret variables with the same name, but in different secrets and/or directories. For these cases, I think we could actually not care about it and just overwrite variables previously defined in the environment, because this "default" behavior would be only for onboarding/newcomers users. Advanced users with plenty of secrets won't use this option anyway: they will care about what service has access to what secret. That being said, a default secret at the root, called "default" and containing a "SECRET_EXAMPLE" variable could do the job perfectly. BTW, reading @fcomte 's previous comment makes me think maybe the user uptake is difficult also because there is no auto-completion for the secret paths in the vault tab. I don't how difficult it is to implement that though. My two cents! |
my idea is quite simple : When a user write a secret he has the possibility to enable it by default for all services. Behind the scene we maintain this path (somewhere in vault but silently) I would prefer this kind of implementation in comparaison to the "one big default secret" because it's more maintenable by the user. |
Oh I see it now! This is really better than my idea 👍 |
This is all your idea.. I think it can greatly improve the UX on the secret usage. thank you 🙏 |
Secrets are not often use by users because it's quite complex to use it.
One idea would be to manage a default secret (a list of secrets) that would be always injected without any effort from the user
The text was updated successfully, but these errors were encountered: