Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor security-bootstrapper Vault's Consul Secret Engine APIs using go-mod-secret (yet to be created) #3227

Closed
jim-wang-intel opened this issue Mar 4, 2021 · 1 comment · Fixed by #4193
Closed

Refactor security-bootstrapper Vault's Consul Secret Engine APIs using go-mod-secret (yet to be created) #3227

jim-wang-intel opened this issue Mar 4, 2021 · 1 comment · Fixed by #4193
Assignees
@bnevis-i
Labels
1-low priority denoting isolated changes security-services tech-debt issue_type denoting refactoring to improve design or removal of temporary workarounds
Milestone
Levski

Comments

@jim-wang-intel
Copy link
Contributor

jim-wang-intel commented Mar 4, 2021
edited
Loading

🚀 Feature Request

Relevant Package

This feature request is for security-bootsrapper's subcommands to use go-mod-secret's API for Vault's SecretEngine API in future.

Description

A clear and concise description of the problem or missing capability...

Currently, the Vault's Consul Secret Engine APIs are locally coded in edgex-go. It would be nice to move these APIs to go-mod-secret and refactor the code to use them (not exists yet today).

(Please provide reference to the code to be moved/refactored)

Describe the solution you'd like

If you have a solution in mind, please describe it.

Move Vault's Consul Secret Engine APIs to go-mod-secret. This refactor can be done after phase 2 of Securing Consul is done so that we can refactor all Vault's Consul Secret Engine APIs into go-mod-secret module in one scoop.

Change Details

Specifically, the Vault-Consul secret engine APIs used in consul-bootstrapper in this code:

  1. https://github.com/edgexfoundry/edgex-go/blob/main/internal/security/bootstrapper/command/setupacl/command.go#L654-L708 and
  2. https://github.com/edgexfoundry/edgex-go/blob/main/internal/security/bootstrapper/command/setupacl/aclroles.go#L85-L137

could be refactored and modulized into go-mod-secrets as part of SecretStoreClient interfaces: https://github.com/edgexfoundry/go-mod-secrets/blob/main/secrets/interfaces.go#L54-L69.

Describe alternatives you've considered

Have you considered any alternative solutions or workarounds?
@jim-wang-intel jim-wang-intel added security-services tech-debt issue_type denoting refactoring to improve design or removal of temporary workarounds 1-low priority denoting isolated changes labels Mar 4, 2021
@jim-wang-intel jim-wang-intel mentioned this issue Mar 4, 2021
Merged
3 tasks
@bnevis-i bnevis-i added this to the Jakarta milestone Jun 23, 2021
@bnevis-i bnevis-i removed this from the Jakarta milestone Oct 6, 2021
@bnevis-i bnevis-i added this to the Levski milestone May 19, 2022
@bnevis-i
Copy link
Collaborator

Replanned for Levski in Levski planning 5/19/2022

@bnevis-i bnevis-i self-assigned this Sep 22, 2022
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Sep 27, 2022
@ItsRico
refactor: moving consul access and role interface
4bf73d9 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 12, 2022
@ItsRico
refactor: moving consul access and role interface
7bb2893 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 12, 2022
@ItsRico
refactor: moving consul access and role interface
fd852b8 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
@ItsRico ItsRico mentioned this issue Oct 12, 2022
Merged
1 task
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 12, 2022
@ItsRico
refactor: moving consul access and role interface
c5cff6f 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 12, 2022
@ItsRico
refactor: moving consul access and role interface
cdf811a 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 18, 2022
@ItsRico
refactor: moving consul access and role interface
7bb1638 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface
1b1fe8f 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface
0b38361 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface
aed9121 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface
3e94568 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface
5b88078 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
ItsRico added a commit to ItsRico/edgex-go that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface
39e5983 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: edgexfoundry#3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>
bnevis-i pushed a commit that referenced this issue Oct 19, 2022
@ItsRico
refactor: moving consul access and role interface (#4193)
5b680ce 
Moving configureConsulAccess and createRole to go-mod-secrets to
consolidate consul API.

Closes: #3227

Signed-off-by: Rico Chavez-Lopez <[email protected]>

Signed-off-by: Rico Chavez-Lopez <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bnevis-i bnevis-i

Labels
1-low priority denoting isolated changes security-services tech-debt issue_type denoting refactoring to improve design or removal of temporary workarounds
Projects
None yet
Milestone
Levski
Development

Successfully merging a pull request may close this issue.

refactor: moving consul access and role interface ItsRico/edgex-go
2 participants
@bnevis-i @jim-wang-intel