Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(hashicorp): implement hashicorp secrets manager solution #3297

Merged
merged 26 commits into from
Jan 24, 2024

Conversation

NishantJoshi00
Copy link
Member

@NishantJoshi00 NishantJoshi00 commented Jan 9, 2024

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

Implementing hashicorp secrets manager, to store secrets and sensitive data instead of providing it into environment variables

The behaviour pattern of hashicorp-vault with kms feature flag

kms hashicorp-vault behaviour
disabled disabled plaintext value will be picked from env/config
disabled enabled env/config should contain the key for the value that is being stored in hashicorp-vault
enabled disabled kms encrypted value to be provided in env/config
enabled enabled env/config should contain key for the kms encrypted value that is stored in hashicorp-vault

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

How did you test it?

⚠️ Testing Pending

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible
  • I added a CHANGELOG entry if applicable

@NishantJoshi00 NishantJoshi00 self-assigned this Jan 9, 2024
@NishantJoshi00 NishantJoshi00 added A-core Area: Core flows M-configuration-changes Metadata: This PR involves configuration changes A-drainer Area: Drainer A-currency-conversion Area: Currency Conversion labels Jan 9, 2024
jagan-jaya
jagan-jaya previously approved these changes Jan 10, 2024
@NishantJoshi00 NishantJoshi00 marked this pull request as ready for review January 10, 2024 12:39
@NishantJoshi00 NishantJoshi00 requested review from a team as code owners January 10, 2024 12:39
jagan-jaya
jagan-jaya previously approved these changes Jan 22, 2024
Chethan-rao
Chethan-rao previously approved these changes Jan 22, 2024
lsampras
lsampras previously approved these changes Jan 22, 2024
Copy link
Member

@lsampras lsampras left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the cargo/makefile changes look good...

@Gnanasundari24 Gnanasundari24 added this pull request to the merge queue Jan 24, 2024
Merged via the queue into main with commit 629d546 Jan 24, 2024
10 checks passed
@Gnanasundari24 Gnanasundari24 deleted the hashicorp branch January 24, 2024 08:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A-core Area: Core flows A-currency-conversion Area: Currency Conversion A-drainer Area: Drainer M-configuration-changes Metadata: This PR involves configuration changes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Implement HashiCorp Vault support in the core application
6 participants