cloudfoundry-incubator / kubecf

Cloud Foundry on Kubernetes
Apache License 2.0

Use granular secrets in Vault #1608

Open viovanov opened 3 years ago

viovanov commented 3 years ago

Is your feature request related to a problem? Please describe.

Right now we have a few secrets that contain many values for unrelated things (e.g. rubygems, dockerhub, github, etc.). Each key is unique, and when rotating we only have to do it once.

Describe the solution you'd like

We should have one secret per subject. Policies should exist per consumer (pipeline), and mention only required secrets.

Additional context

#1607

viovanov commented 3 years ago

Blocked by #1607

thardeck commented 3 years ago

If we use the original Concourse vault resource (v1) then we are kind of forced into a granular structure anyway: https://concourse-ci.org/vault-credential-manager.html#vault-credential-lookup-rules
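
An added illustration of the proposal in this issue (not code from the kubecf project or from any commenter): it renders one read-only Vault policy per pipeline from a map of required subjects, and compares what each pipeline can read under a single shared secret versus one secret per subject. The pipeline names, the `secret/ci` prefix and the KV v1 path layout are assumptions; the subject names are the ones mentioned in the issue.

```python
# Added example: constructed data, hypothetical pipeline names and Vault paths.
# Assumed KV v1 prefix; a KV v2 mount would need "data/" after the mount name.
PREFIX = "secret/ci"

# Subjects each consumer (pipeline) actually needs (constructed for the example).
NEEDS = {
    "release-images": {"dockerhub", "github"},
    "publish-gems": {"rubygems", "github"},
    "docs": {"github"},
}


def render_policy(subjects):
    """Return Vault policy HCL granting read on one path per required subject."""
    blocks = [
        'path "%s/%s" {\n  capabilities = ["read"]\n}' % (PREFIX, subject)
        for subject in sorted(subjects)
    ]
    return "\n\n".join(blocks) + "\n"


def exposure(needs, granular):
    """Map each consumer to the subjects its policy lets it read.

    granular=False models one shared secret holding every subject's values:
    any consumer that can read it sees all of them.
    """
    all_subjects = set().union(*needs.values())
    return {
        consumer: set(required) if granular else set(all_subjects)
        for consumer, required in needs.items()
    }


def excess(needs, granular):
    """Subjects a consumer can read but does not require."""
    readable = exposure(needs, granular)
    return {consumer: readable[consumer] - needs[consumer] for consumer in needs}


if __name__ == "__main__":
    for name, subjects in NEEDS.items():
        print("# policy for pipeline: %s\n%s" % (name, render_policy(subjects)))
    print("excess with one shared secret:", excess(NEEDS, granular=False))
    print("excess with granular secrets: ", excess(NEEDS, granular=True))
```
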