Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Hot reloading of Signer keys store #1232

Merged
merged 7 commits into from
Mar 11, 2024
Merged

feat: Hot reloading of Signer keys store #1232

merged 7 commits into from
Mar 11, 2024

Conversation

dadrus
Copy link
Owner

@dadrus dadrus commented Mar 11, 2024

Related issue(s)

closes #1231

Checklist

  • I agree to follow this project's Code of Conduct.
  • I have read, and I am following this repository's Contributing Guidelines.
  • I have read the Security Policy.
  • I have referenced an issue describing the bug/feature request.
  • I have added tests that prove the correctness of my implementation.
  • I have updated the documentation.

Description

This PR makes heimdall listening to changes in configured Signer key store if secrets_reload_enabled is set to true. This way you can make use of a secret management service of your choice and rotate keys/certificates used by heimdall for JWT creation purposes.

@dadrus dadrus changed the title Feat/signer keys reloading feat: Hot reloading of Signer keys store Mar 11, 2024
@codecov Codecov
Copy link

codecov bot commented Mar 11, 2024

Codecov Report

Attention: Patch coverage is 98.55072% with 1 lines in your changes are missing coverage. Please review.

Project coverage is 89.28%. Comparing base (9abf723) to head (941e859).

Files Patch % Lines
internal/signer/jwt_signer.go 98.43% 1 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #1232      +/-   ##
==========================================
+ Coverage   89.24%   89.28%   +0.03%     
==========================================
  Files         269      269              
  Lines        8837     8862      +25     
==========================================
+ Hits         7887     7912      +25     
  Misses        703      703              
  Partials      247      247

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dadrus dadrus merged commit 36076e1 into main Mar 11, 2024
27 checks passed
@dadrus dadrus deleted the feat/signer_keys_reloading branch March 11, 2024 23:52
@github-actions github-actions bot mentioned this pull request Mar 11, 2024
Merged
@github-actions github-actions bot mentioned this pull request May 12, 2024
Merged
@dadrus dadrus mentioned this pull request Jun 11, 2024
Closed
3 tasks
@github-actions github-actions bot mentioned this pull request Dec 15, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Allow rotation of Signer key material and certificates without being forced to restart heimdall
1 participant
@dadrus