Closed alexisdondon closed 3 months ago
I added the prefix to the vault configuration in region on this PR : https://github.com/InseeFrLab/onyxia-api/pull/408
Please test image tagged vault-prefix
and see if it suits your need.
I can't seem to make use of the prefix when configured (but this might be a me problem rather than an Onyxia problem 🙃 ).
After using the vault-prefix
tag and adding the parameter in my region, I do see it coming back in the Onyxia UI :
But this itself is apparently not enough, as every request going to Vault use a $username
endpoint, instead of the ${prefix}${username}
I expected (in the screenshot below, ozp6kz
vs user-ozp6kz
) :
Am I misunderstanding the intent or scope of this feature ? Or am I missing something, maybe a parameter or something similar (or some additional changes to UI of Onyxia) ?
can you check the api response for the request on the /user/info endpoint. ?
Not sure if this is the relevant part, but the vaultTopDir
comes back as being just $username
and not ${prefix}${username}
:
Yup, I made a mistake in the PR, I just fixed it
The image built with your latest commit included works as intended : the vaultTopDir
does include the prefix, and the UI shows the proper secrets (in my case : with a prefix for user projet, and without for group projects).
Thanks ! :)
onyxia let add prefix to namespace https://github.com/InseeFrLab/onyxia-api/blob/main/docs/region-configuration.md#services-properties
namespacePrefix groupNamespacePrefix
So when singleNamespace is not true (one namespace by user/project).
It could be interesting that vault directory construct by the ui take the same prefix.
I don't know it should rely on namespacePrefix and groupNamespacePrefix or two new values.