coop-cloud/organising
coop-cloud
/
organising
7
0
Fork 0
Code Issues 152 Pull Requests Projects 2 Releases Activity

Global, shared secrets on the server level #431

New Issue
Open
opened 2023-03-06 13:55:45 +00:00 by decentral1se · 1 comment
decentral1se commented 2023-03-06 13:55:45 +00:00
Owner
Copy Link

You configure app A at foo_com and app B at bar_com. Then both need a shared secret. You generate and insert both with abra app foo_com secret insert ... and abra app bar_com secret insert ... but what if we could share a common secret across the two apps? It's already possible, you can reference a shared_smtp_secret_v1 between both apps if you reference this in your configuration by name. We could have a abra servers secret ... interface for creating these? Unsure. Also, not sure how we can reference these shared secrets when there are already secrets referenced in existing configuration that are not shared. You might already have a ${STACK_NAME}_smtp_pass_${SMTP_PASS_VERSION} in a recipe config? I think those were the thoughts! /cc @moritz

You configure app A at `foo_com` and app B at `bar_com`. Then both need a shared secret. You generate and insert both with `abra app foo_com secret insert ...` and `abra app bar_com secret insert ...` but what if we could share a common secret across the two apps? It's already possible, you can reference a `shared_smtp_secret_v1` between both apps if you reference this in your configuration by name. We could have a `abra servers secret ...` interface for creating these? Unsure. Also, not sure how we can reference these shared secrets when there are already secrets referenced in existing configuration that are not shared. You might already have a `${STACK_NAME}_smtp_pass_${SMTP_PASS_VERSION}` in a recipe config? I think those were the thoughts! /cc @moritz
decentral1se added the
enhancement
 label 2023-03-06 13:55:45 +00:00
decentral1se commented 2023-03-24 08:38:14 +00:00
Author
Owner
Copy Link

@3wordchant and myself ran into another group (WASHNote) needing this. They have to deploy several instances of the same app and need a shared client secret for SSO. Would greatly simplify the deployment if we can get a convention going for this technique.

@3wordchant and myself ran into another group (WASHNote) needing this. They have to deploy several instances of the same app and need a shared client secret for SSO. Would greatly simplify the deployment if we can get a convention going for this technique.
decentral1se added the
documentation
 label 2024-03-27 06:39:31 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
master
Labels
Clear labels   
abra

Everything to do with abra

  
abra-gandi

Abra Gandi plugin

  
awaiting-feedback

Ping/pong on comms

  
backups

   
bug

Something is not working

  
build

Go build related issues

  
ci/cd

Getting the robots into the mix

  
community organising

Opening this thing up

  
contributing

Contributors stuff

  
coopcloud.tech

Our main website

  
democracy

Democratic decision making

  
design

Design thinking required

  
documentation

Let's write things together

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
finance

Money things

  
funding

Anything related to grant funding

  
good first issue

Easy start with development

  
help wanted

Need some help

  
installer

Installation related issues

  
kadabra

   
performance

Performance related

  
proposal

Large change which requires feedback & decisin making

  
question

More information is needed

  
recipes.coopcloud.tech

Our recipes catalogue

  
security

Securing our shit

  
test

Unit or integration test suite

  
wontfix

This won't be fixed

No Label
abra
abra-gandi
awaiting-feedback
backups
bug
build
ci/cd
community organising
contributing
coopcloud.tech
democracy
design
documentation
duplicate
enhancement
finance
funding
good first issue
help wanted
installer
kadabra
performance
proposal
question
recipes.coopcloud.tech
security
test
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: coop-cloud/organising#431
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?