Closed evie-lau closed 5 years ago
Also, currently Portfolio doesn't follow the secret format generated by the Service Broker. The secret keys there will need to be changed as well to match up with Service Broker Event Stream generated secrets.
Documented in IBMStockTrader/portfolio#30
It makes sense to me that we need only 1 apiKey here. It also makes sense that we should be consistent in the case when we don't have a SB and when we do. We can follow up on these with @jwalcorn and the relevant folks to determine best practices.
Discussed and concluded that we should have separate apiKey for different services (for isolation) especially since the service that produces events is a different one from the service that consumes service. Better for security too. If a service will both product and consume events, one apiKey will suffice but each service should have its own unique apiKey.
We are currently using the secrets
trade-history-kafka
andtrade-history-kafka-keystore
for this project. We may want to consolidate to use the same secrets as the portfolio project.The keystore (certs.jks) will have no issue, as it is the same file regardless of project.
However,
trade-history-kafka
(equivalent ofkafka
) contains theapi-key
value. When generating an api-key, there is an option to have it be able to 1) produce, 2) consume, or 3) produce and consume.To consolidate, generated api key will need to be able to both produce and consume to work for both projects. Any issue on combining the two functions into one api key?