search

SIOS-Technology-Inc / dacrane

"Dacrane" is a Delivery as Code (DaC) tool for deploying cloud infrastructures and applications anywhere.
Apache License 2.0
61 stars 1 forks source link

Secret sharing function #9

Closed t-ikeda-sti closed 1 year ago

t-ikeda-sti commented 1 year ago

User Story

Developers want to minimize the definition of cloud credentials. However, they do not always use the same credentials; they may be dynamically generated or use different credentials.

Acceptance Criteria

(Implemented also by #7 at the same time.)

t-ikeda-sti commented 1 year ago

Implemented also by #7 at the same time.

data kind allows passing authentication information, and references by expression allow dynamic authentication information to be passed.

The following is an example definition of data kind.

kind: data
name: azure_credential
provider: environment
parameters:
  - name: subscription_id
  - name: tenant_id
  - name: client_id
  - name: username
  - name: password
    secret: true

The following is an example of data kind reference.

parameters:
  credentials: ${{ data.azure_credential }}
  other_parameters: ...

The following is an example of a reference to a secret generated from a dependent resource.

parameters:
  app_settings:
    DOCKER_REGISTRY_SERVER_URL: ${{ resource.acr.url }}
    DOCKER_REGISTRY_SERVER_USERNAME: ${{ resource.acr.user }}
    DOCKER_REGISTRY_SERVER_PASSWORD: ${{ resource.acr.password }}
  other_parameters: ...