duglin
commented
6 years ago Or at least the docs for the service should make it clear how to interpret the data - they need to do that anyway for people to know what fields to expect.
Closed luksa closed 5 years ago
duglin
commented
6 years ago Or at least the docs for the service should make it clear how to interpret the data - they need to do that anyway for people to know what fields to expect.
duglin
commented
6 years ago Assigned to @luksa but @jmrodri will help
n3wscott
commented
6 years ago in the current binding response, I would assume you do something like:
{
"credentials": {
"pfx_base64": "dsainudasiunsdaijndasijnadsjonadsiodnsaiuadsiuan"
}
}And it could be based on to the application but it would have to be processed?
I see how this can be awkward. Does kubernetes have the concept of a file object that it can pass into a pod?
mattmcneeney
commented
5 years ago This is possible today, and #116 discusses having a schema for binding responses which may help this further.
The spec doesn't say anything about how brokers are supposed to return credentials in binary form (e.g. a PFX certificate). Binary data in JSON is usually base64-encoded, but the receiving end must know that the field is base64-encoded. In our case, the platform can't know that.
Not sure if we can do anything about this, but maybe it makes sense to clearly state that users are on their own?