Closed maroux closed 5 years ago
Hey @maroux
This sounds like a great idea - would you like to try submitting a PR for it? I'd be happy to help you through the contribution process!
Awesome, I'll take a crack at it. Have another question - would a command like berglas edit
make sense for this tool? This command would access the current secret, and open an editor so you can update it in-place, and then if file was saved, write the new secret back to GCS. There is some assumption about file contents here (that they are editable using an editor and is not, say, a pdf file) so I'm not sure if this command is a good fit but wanted to get your thoughts on it.
Maybe, but we should separate that. The hard part will be permissions - you may have permission to read a secret but not update (for example).
Yeah, let me create a separate issue and we can discuss there.
Moving edit
command discussion to GoogleCloudPlatform/berglas#40
This is a great tool, and we're evaluating using it as a config manager (a la Heroku). The one feature that's missing is the ability to rollback easily by providing versioning. We can easily piggyback on GCS's versioning scheme that generates a new generation every time you change an object in a bucket that has versioning enabled. The
access
command could provide an additional flag which would return previous version of the object. Theexec
command could do that as well, or just use latest version - which is fine in most cases.