Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow for a list and no searching for keys #46

Merged
merged 4 commits into from
Apr 8, 2021
Merged

Allow for a list and no searching for keys #46

merged 4 commits into from
Apr 8, 2021

Conversation

scott-phillips-ah
Copy link
Contributor

@scott-phillips-ah scott-phillips-ah commented Mar 26, 2021
edited
Loading

Searching for keys makes the secrets manager configuration require the ListSecrets permission, which some organizations don't like to grant to services. This PR allows users to define a list of secret ARNs to load, and it only loads those. Filtering still works, but I don't see a good reason to use a filter with a defined secrets list.

Test created and passed. Not sure the best way to develop an example

@Kralizek
Copy link
Owner

Hi @scott-phillips-ah

Thank you for your pull request.

I have two observations:

  • can we avoid having a list of arns and a flag to set in the options? Basically instead of checking the flag we could check if the list is non empty. Otherwise the user could be misled into an erroneous path by either adding desired arns to the list or setting the flag but not both.
  • i noticed you changed the styling of some files, please revert those changes.

Thanks.

Kralizek
Kralizek requested changes Mar 26, 2021
View reviewed changes
Copy link
Owner

@Kralizek Kralizek left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As per the previous comment.

  • Remove extra boolean flag
  • Revert some code style changes.

...k.Extensions.Configuration.AWSSecretsManager/Internal/SecretsManagerConfigurationProvider.cs Outdated Show resolved Hide resolved
...sions.Configuration.AWSSecretsManager/Internal/SecretsManagerConfigurationProviderOptions.cs Outdated Show resolved Hide resolved
...sions.Configuration.AWSSecretsManager/Internal/SecretsManagerConfigurationProviderOptions.cs Outdated Show resolved Hide resolved
tests/Tests.Extensions.Configuration.AWSSecretsManager/ConfigurationProviderExtensions.cs Outdated Show resolved Hide resolved
@Kralizek Kralizek linked an issue Mar 26, 2021 that may be closed by this pull request
FR: Read just specified keys #24
Closed
@scott-phillips-ah
Copy link
Contributor Author

Addressed all feedback, thanks for the quick review!

@Kralizek
Copy link
Owner

Hi @scott-phillips-ah, sorry I disappeared.

I'm not totally happy with the name of DefinedSecretArns. Can you suggest something else? I was more inclined towards AcceptedSecretArns but I welcome any other idea.

Also, would you be so kind to update the README file with this addition?

@Kralizek Kralizek mentioned this pull request Mar 29, 2021
Merged
@scott-phillips-ah
Copy link
Contributor Author

Hey, no worries. Good call on that. I changed it to what you specified, the alternative I'd use is RequiredSecretArns (which would indicate that the following secrets are required for the application to operate).

@Kralizek
Copy link
Owner

Would the application fail to start if a secret with one of the specified Arns were to be missing? If not, i don't think Required describes the behavior we are introducing.

@scott-phillips-ah
Copy link
Contributor Author

In our case, it would. But I wouldn't say that is true in every case. We can leave it as it is.

@scott-phillips-ah
Copy link
Contributor Author

Feel free to merge whenever.

@killianhale-earnin
Copy link

Any updates on this? I'd be happy to test or do whatever is needed to get this merged. I'm very excited for the feature ^_^

@Kralizek
Copy link
Owner

Kralizek commented Apr 7, 2021

Hi @killianhale-earnin, could you take care of updating the readme? Also if you could try the feature in the wild, using one of the nightly builds, it would be great.

@scott-phillips-ah
Copy link
Contributor Author

@killianhale-earnin @Kralizek the README has been updated per your request.

@Kralizek Kralizek merged commit 854b1ae into Kralizek:master Apr 8, 2021
@Kralizek
Copy link
Owner

Kralizek commented Apr 8, 2021

@scott-phillips-ah @killianhale-earnin

I'll release a new version once #47 is merged in :)

@scott-phillips-ah scott-phillips-ah deleted the allow-defined-list-of-secrets branch April 8, 2021 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Kralizek Kralizek Kralizek approved these changes

@killianhale-earnin killianhale-earnin killianhale-earnin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

FR: Read just specified keys
3 participants
@scott-phillips-ah @Kralizek @killianhale-earnin