Support reading secrets from a separate config file #487
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
squalus
force-pushed
the
systemd-credential
branch
2 times, most recently
from
e1613c5
to
6c56d7d
Compare
|
Added issue, changelog entry, and unit test |
Users can specify a new overlay config file. This file can contain secrets. The file is specified in two ways: - VOUCH_SECRETS_FILE env var: path of the overlay config file - CREDENTIALS_DIRECTORY env var that contains a file called VOUCH_SECRETS_FILE. This can be used with systemd LoadCredential.
squalus
force-pushed
the
systemd-credential
branch
from
6c56d7d
to
2575e30
Compare
squalus
changed the title
|
Updated based on the discussion in #491 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Users can specify a new overlay config file. This file can contain secrets. The file is specified in two ways:
Allow reading OauthClientId and OauthClientSecret from systemd LoadCredential directives.
VOUCH_SECRETS_FILEenv var: path of the overlay config fileCREDENTIALS_DIRECTORYenv var that contains a file calledVOUCH_SECRETS_FILE. This can be used with the systemdLoadCredentialdirective.Tested using both hardcoded secrets and LoadCredential files.