Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. #10222

Closed
6 of 28 tasks
Sn0rt opened this issue Sep 18, 2023 · 3 comments
Closed
6 of 28 tasks

Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. #10222

Sn0rt opened this issue Sep 18, 2023 · 3 comments
Assignees
@Sn0rt
Labels
feature-request stale

Comments

@Sn0rt
Copy link
Contributor

Sn0rt commented Sep 18, 2023
edited
Loading

Description

This task is a sub-requirement of 8319 and is used to independently verify the vault as the backend of the Secert manager.

Define the Data Range That Secret Manager Can Protect

The following configuration is designed to obtain values from the secert manager, which is called referenceable.

  • authentication plugin
    • Basic-auth 's password
    • Key-auth key
    • ldap-auth user_dn
    • appid of Wolf-rbac
    • Hmac-auth’s access_key and secret_key
    • Jwt-auth secret
    • client_secret of authz-keycloak (need test case ( work in progress
    • client_secret of authz-casdoor (need test case
    • client_secret of openid-connect (need test case
    • The RBAC configuration file information of authz-casbin requires secondary confirmation.
  • logger plugin
    • http-logger: auth_header (option)
    • tcp-logger: tls_options(option)
    • kafka-logger: brokers.sasl_config.user, brokers.sasl_config.password, key(option) of
    • rocketmq-logger: access_key, secret_key of
    • clickhouse-logger: user, password
    • error-log-logger: clickhouse.user, clickhouse.password,
    • error-log-logger: kafka.brokers.sasl_config.user, kafka.brokers.sasl_config.password, kafka.key
    • sls-logger: access_key_id, access_key_secret
    • google-cloud-logging: auth_config.private_key
    • loggly: customer_token
    • elasticsearch-logger: auth.password
    • tencent-cloud-cls: secret_id, secret_key
  • Other plugin
    • kafka-proxy: sasl.password
  • Security plugin
    • csrf: key
@Sn0rt Sn0rt changed the title Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. Sep 18, 2023
@Sn0rt
Copy link
Contributor Author

Sn0rt commented Oct 16, 2023
edited
Loading

PR list:
authz-keycloak #10353

@monkeyDluffy6017 monkeyDluffy6017 moved this to 🏗 In progress in Apache APISIX backlog Dec 12, 2023
@github-actions GitHub Actions
Copy link

This issue has been marked as stale due to 350 days of inactivity. It will be closed in 2 weeks if no further activity occurs. If this issue is still relevant, please simply write any comment. Even if closed, you can still revive the issue at any time or discuss it on the dev@apisix.apache.org list. Thank you for your contributions.

@github-actions github-actions bot added the stale label Nov 26, 2024
@github-actions GitHub Actions
Copy link

This issue has been closed due to lack of activity. If you think that is incorrect, or the issue requires additional review, you can revive the issue at any time.

@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Dec 10, 2024
@github-project-automation github-project-automation bot moved this from 🏗 In progress to ✅ Done in Apache APISIX backlog Dec 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Sn0rt Sn0rt

Labels
feature-request stale
Projects
Apache APISIX backlog
Archived in project
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Sn0rt @monkeyDluffy6017