GoogleCloudPlatform / berglas

A tool for managing secrets on Google Cloud
https://cloud.google.com/secret-manager
Apache License 2.0

Support for versioning #39

Closed maroux closed 5 years ago

maroux commented 5 years ago

This is a great tool, and we're evaluating using it as a config manager (a la Heroku). The one feature that's missing is the ability to roll back easily by providing versioning. We can easily piggyback on GCS's versioning scheme that generates a new generation every time you change an object in a bucket that has versioning enabled. The access command could provide an additional flag which would return a previous version of the object. The exec command could do that as well, or just use the latest version - which is fine in most cases.

sethvargo commented 5 years ago

Hey @maroux

This sounds like a great idea - would you like to try submitting a PR for it? I'd be happy to help you through the contribution process!

maroux commented 5 years ago

Awesome, I'll take a crack at it. Have another question - would a command like berglas edit make sense for this tool? This command would access the current secret, and open an editor so you can update it in-place, and then if the file was saved, write the new secret back to GCS. There is some assumption about file contents here (that they are editable using an editor and are not, say, a PDF file) so I'm not sure if this command is a good fit but wanted to get your thoughts on it.

sethvargo commented 5 years ago

Maybe, but we should separate that. The hard part will be permissions - you may have permission to read a secret but not update (for example).

maroux commented 5 years ago

Yeah, let me create a separate issue and we can discuss there.

maroux commented 5 years ago

Moving edit command discussion to GoogleCloudPlatform/berglas#40