[Feature] - Key in state, release 1.2.0

vapor-ware / sctl

SCTL is not End2End encryption, instead SCTL is more of an envelope, in which you store secrets until they are needed, and those secrets should only remain available in plain text while the operation that needs them is active.

GNU General Public License v3.0

8 stars 2 forks source link

[Feature] - Key in state, release 1.2.0 #48

Closed lazypower closed 4 years ago

lazypower commented 5 years ago

Adds a new feature, enhancing the format of the secrets envelope. The idea being that the user wont have to key in the key path more than once, and once a secret state file has a keyURI it will favor that keyURI and will aggressively check that the operator is storing secrets using the same KeyURI per state-file.

This ships with a pretty invasive change to how we read/process/load secrets. I expect there to be a little fallout from this revision but nothing too un-patchable.

lazypower commented 5 years ago

Seeing as how this is non-critical and its late on a Friday, this can totally wait :)

Final output of my efforts today: coverage: 81.2% of statements

Not 100% but that's a 50% improvement over previous builds.

lazypower commented 4 years ago

Ok, Review feedback implemented and I think I got all the cases here. Thank you for the thorough review :)