Add client side state configuration variables to `syndesis-rest`

syndesisio / syndesis-openshift-templates

OpenShift Templates for Syndesis

7 stars 18 forks source link

Add client side state configuration variables to `syndesis-rest` #63

Open zregvart opened 7 years ago

zregvart commented 7 years ago

Environment variables that need to be set:

CLIENT_STATE_AUTHENTICATION_ALGORITHM, value: HmacSHA1
CLIENT_STATE_AUTHENTICATION_KEY, value: random 20 bytes
CLIENT_STATE_ENCRYPTION_ALGORITHM, value: AES/CBC/PKCS5Padding
CLIENT_STATE_ENCRYPTION_KEY, value: random 16 bytes
CLIENT_STATE_TID, value: 1

Random values could be set in the environment of the user adding templates (similar to GITHUB_CLIENT_ID).

zregvart commented 7 years ago

If these are not specified random key are generated and default algorithms are used. TID is set to a random long value. This is not well suited for clustered deployments and will not failover.

rhuss commented 7 years ago

Would a randomly generated default value for the random data above be sufficient (as described in https://docs.openshift.com/container-platform/3.5/dev_guide/templates.html#writing-parameters) ?