feature request: secrets for credentials in notification requests

docker-flow / docker-flow-swarm-listener

Docker Flow Swarm Listener

http://swarmlistener.dockerflow.com/

MIT License

69 stars 49 forks source link

feature request: secrets for credentials in notification requests #21

Closed dsw9742 closed 6 years ago

dsw9742 commented 6 years ago

Current DFSL API requires basic authentication credentials be included in clear-text in the values provided to the notification URLs, e.g. --env DF_NOTIFY_CREATE_SERVICE_URL=http://username:passwordortoken@test.org/service/createOrUpdate. It would be ideal if credentials could be provided in a more secure manner, perhaps using Docker secrets instead, e.g. similar to how DFP handles sensitive information.

thomasjpfan commented 6 years ago

I propose the following implementation:

DFSL will look for a secret named df_notify_create_service_url which contains a comma separated list of urls. These urls will be added to the list of urls DFSL is sending create notifications to. The other secrets will be named df_notify_remove_service_url, df_notify_create_node_url, df_notify_remove_node_url.

@dsw9742 What do you think?

dsw9742 commented 6 years ago

This is much better than my suggestion. I think it sounds great

thomasjpfan commented 6 years ago

@dsw9742 This feature was added in dockerflow/docker-flow-swarm-listener:18.08.01-31. Please test it out and see if it works for your use case.