[WIP] Add /api/v0/secrets REST endpoint

projectatomic / commissaire-http

Commissaire HTTP server

GNU General Public License v3.0

3 stars 7 forks source link

[WIP] Add /api/v0/secrets REST endpoint #79

Closed mbarnes closed 7 years ago

mbarnes commented 7 years ago

WIP - Totally untested sketch code.

Borrows code from requests-unixsocket (see https://github.com/projectatomic/commissaire-http/issues/78).

mbarnes commented 7 years ago

(3) [multi-host-mgr-2] Proxy Custodia's REST API

mbarnes commented 7 years ago

Current code is closer to working, but I'm using the so-called "magic path_info" feature of routes for the "/api/v0/secrets" endpoint, and I've come to realize that we need to integrate routes.middleware.RoutesMiddleware for the SCRIPT_NAME / PATH_INFO alteration to work correctly. I'm relying on that to build the Custodia URL.

Assuming I don't hit any roadblocks, expect a separate PR for that soon...

mbarnes commented 7 years ago

@ashcrow and I discussed some revisions to CPD-101. We agreed to reserve the public /api/v0/secrets endpoint for proxying other Custodia instances, and just have the storage service talk directly to a properly configured local Custodia instance (instead of looping back to the Commissaire endpoint).

That has some implications for containerizing the storage service + Custodia together, but it looks solvable. Proxying other Custodia instances is out of scope for the CPD, so I'm closing this PR in favor of https://github.com/projectatomic/commissaire-service/pull/69.