Skip to content
This repository has been archived by the owner on Nov 21, 2023. It is now read-only.

Support multiple secrets for secret rotation #20

Merged
merged 5 commits into from
Jun 9, 2023

Conversation

kenoir
Copy link
Contributor

@kenoir kenoir commented Jun 1, 2023

What does this change?

This change builds on guardian/hmac-headers#20 to support passing a list of secrets to check for validity. The intention is to allow for safe secret rotation as described in https://github.com/guardian/birthdays/pull/180

We attempt to make this a "soft" change and continue to support the existing interface, but add a deprecation notice for consumers warning it's going to change soon.

See https://github.com/guardian/birthdays/pull/183 for an example of downstream use.

Depends: guardian/hmac-headers#20

How to test

Run sbt test

Note
Tests run by the added GitHub action workflow will fail until the upstream changes have been released.

How can we measure success?

Consumers are able to support secret rotation more easily in their projects.

Have we considered potential risks?

Changing authentication code has the potential to disrupt consuming services if an interface changes, we attempt to keep it the same here.

@kenoir kenoir merged commit d4118c0 into main Jun 9, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants