Would it be possible to add the name of who changed the settings ?

[arnaudbuchholz-sap]

Among the amazing features of the tool, I would like to have the name of who changed the settings when looking back in time.

NOTE: gcloud info gives the account name ;-)

[hawser86]

Thanks for the idea.

The Secret Editor does not save backups, but only reads them and provides a UI to restore secrets based on the backups. Backups are saved by the secret-backup-operator, which saves the backups regardless the tool you use to modify the secret (Secret Editor, gap-cli, k9s, etc.).

At first this operator needs to be extended to save the username, as well. When it is done, Secret Editor can be extended to show it. But as far as I know, in the context where the secret-backup-operator runs, we do not have the name of the user who made the change. Try creating an issue for secret-backup-operator, and hope for the best 🙂

[arnaudbuchholz-sap]

@hawser86 It looks like I need to submit an incident to the initial repository (the one you pointed out is a forked one).
Before doing so, I need to understand better how this backup is being done : you mentioned that the operator saves the backups regardless the tool, but is it triggered by the secret editor or is it triggered upon save (i.e. you don't have the opportunity to pass a parameter) ?

Thanks & regards

[hawser86]

Honestly, it is some kind of kubernetes black magic I am not really familiar with. I think it is some kind of "hook" which is triggered automatically whenever a secret is modified, but it is not called by the Secret Editor directly, so we cannot pass an additional parameter.

[arnaudbuchholz-sap]

@hawser86 that's what I wanted to understand. thx,

[arnaudbuchholz-sap]

geritol/secret-backup-operator#15