Skip to content
This repository has been archived by the owner on Mar 27, 2019. It is now read-only.

Serverless design #42

Closed
msessa opened this issue Jan 19, 2017 · 8 comments
Closed

Serverless design #42

msessa opened this issue Jan 19, 2017 · 8 comments
Labels
enhancement feature request

Comments

@msessa
Copy link
Collaborator

msessa commented Jan 19, 2017

Reading through the server-side node app source code it looks like most of the routes are simply proxying the client request to the vault server with no further modifications.

Given a scenario where the vault server is exposed directly to clients via a reverse proxy (nginx or such) adding the Access-Control-Allow-Origin: * header, it could be possible to adapt vault-ui react code to speak directly to the vault server without the need for the node server-side component.
This enables scenarios such as deploying to S3 static sites.

Is it something you guys would be interested in further exploring?
@djenriquez
Copy link
Owner

djenriquez commented Jan 19, 2017
edited
Loading

Yes, @msessa-cotd, in fact, this was actually our original design. The problem with this though was that Vault did not have the ability to manage CORS. Such a design dependened on a reverse proxy to add in headers. Since the dependency took it outside of Vault, we decided to implement Vault-UI the way it is today.

Really, we'd love to simplify it as much as possible, but "out-of-the-box" use-case is more important to us than simplification. If/when HashiCorp decides to add the feature for CORs, we can revisit this. You can follow the feature request here: hashicorp/vault#796

@msessa
Copy link
Collaborator Author

msessa commented Jan 19, 2017
edited
Loading

I might attempt something in a branch where I reduce the nodejs component to nothing but a reverse proxy and change all the react code AJAX calls to the original vault API specs.
If this effort proves successful it would make things easier when and if vault implements CORS headers.

@msessa msessa mentioned this issue Jan 24, 2017
Closed
@msessa
Copy link
Collaborator Author

msessa commented Feb 21, 2017

Upcoming v1.1.0 removes all remaining logic from the node/express code.

CORS support in Vault has been scheduled for v0.7.0. Once it's released we can start planning the phasing out of the server side nodejs component.

For now I'll just close this issue.

@msessa msessa closed this as completed Feb 21, 2017
@PhillippOhlandt
Copy link

@msessa seems like vault 0.7.0 still has no support for CORS, or did I miss something?

@msessa
Copy link
Collaborator Author

msessa commented Mar 30, 2017

You are correct. New milestone is 0.7.1

@msessa
Copy link
Collaborator Author

msessa commented Mar 30, 2017

We're devising some strategies to work around the problem in the meantime

@PhillippOhlandt
Copy link

@msessa I am building my own client at the moment. I used nginx as a workaround.

@msessa
Copy link
Collaborator Author

msessa commented Mar 31, 2017

this issue has been addressed in #85 by making vault-ui a client-side desktop app

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement feature request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@msessa @PhillippOhlandt @djenriquez