kramphub / kiya

manage secrets for development and infrastructure deployment using Google Cloud Platform

Feature: Add Support For Google Secret Manager #24

Closed soheily98 closed 3 years ago

soheily98 commented 3 years ago

Context

This PR aims to add support for Google Secret Manager.

To make that possible I introduced the Backend interface that gives you the flexibility to add support for more secret providers.

Two implementations are there for the Backend interface. KMS is the already existing one, and GSM is the newly implemented Google Secret Manager backend.

An example of a .kiya file will look like this:

{
    "personal-secret-manager": {
        "backend": "gsm",
        "projectId": "blah-blah"
    },
    "personal-kms": {
        "projectId": "blah-blah",
        "location": "europe-west3",
        "keyring": "personal",
        "cryptoKey": "personal",
        "bucket": "something"
    }
}

You can mention kms or gsm as the value for backend in each Kiya profile. If you don't, kms is used as the fallback.

Related issue

See #23.
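
The backend selection described in this PR description, as an added Go example that is not code from the PR or from kiya: the type and function names (`Profile`, `ResolveBackend`, `LoadProfiles`) are hypothetical, and the set of keys required for a KMS profile is assumed from the example above. Only an absent `backend` falls back to `kms`; a misspelled value is rejected rather than silently selecting KMS.

```go
// Added example; type and function names are hypothetical, not kiya's own code.
package main

import (
	"encoding/json"
	"fmt"
)

// Profile holds the .kiya keys; encoding/json matches them case-insensitively.
type Profile struct {
	Backend, ProjectID, Location, Keyring, CryptoKey, Bucket string
}

// ResolveBackend falls back to kms only when backend is absent; unknown values are errors.
func ResolveBackend(p Profile) (string, error) {
	switch {
	case p.ProjectID == "":
		return "", fmt.Errorf("projectId is required")
	case p.Backend == "gsm":
		return "gsm", nil
	case p.Backend != "" && p.Backend != "kms":
		return "", fmt.Errorf("unknown backend %q", p.Backend)
	case p.Location == "" || p.Keyring == "" || p.CryptoKey == "" || p.Bucket == "": // assumed required
		return "", fmt.Errorf("kms profile needs location, keyring, cryptoKey and bucket")
	}
	return "kms", nil
}

// LoadProfiles parses .kiya content and maps each profile name to its backend.
func LoadProfiles(data []byte) (map[string]string, error) {
	var profiles map[string]Profile
	if err := json.Unmarshal(data, &profiles); err != nil {
		return nil, err
	}
	resolved := map[string]string{}
	for name, p := range profiles {
		kind, err := ResolveBackend(p)
		if err != nil {
			return nil, fmt.Errorf("profile %q: %w", name, err)
		}
		resolved[name] = kind
	}
	return resolved, nil
}

func main() {
	// Constructed input: "GSM" is rejected instead of silently becoming kms.
	fmt.Println(LoadProfiles([]byte(`{"demo":{"backend":"GSM","projectId":"blah-blah"}}`)))
}
```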

emicklei commented 3 years ago

LGTM, the code is improved by separating interface (Backend) from implementation (KMS, GSM). For testing we could eventually add a Memory backend...