Secret type to represent secrets and integrate with the secrets handling #1232
Conversation
|
The type is What about supporting the existing types as secrets? Or at most maybe adding a wrapper e.g. Also please look into how Elytron does password encoding because it could be relevant. |
Yes, I was not too certain about the name, but the rationale was to keep it consistent with what we already have,
What do you mean? This only extends
We need the mapping generator to identify which elements are considered secrets. Either we provide a list of types for that case, or maybe we can make it work generically with a wrapper type. Let me see what I can do. |
| } | ||
|
|
||
| @Override | ||
| public ConfigValue getValue(final ConfigSourceInterceptorContext context, final String name) { | ||
| if (SecretKeys.isLocked() && secrets.contains(name)) { | ||
| if (SecretKeys.isLocked() && secrets.contains(new PropertyName(name))) { |
There was a problem hiding this comment.
Creating a new PropertyTime every time getValue is called may impact performance, perhaps consider iterating the Set and comparing the name instead?
There was a problem hiding this comment.
It was to move forward with the implementation. I haven't profiled the code yet, but I am not too worried about it because when we are populating the config, the secrets are unlocked, but I'll have a look. Thanks!
|
I've moved We need to figure out how to handle the nested converters piece. I'm wondering if we should support nested converter creation automatically. |
Adds a new wrapper type,
Secret<T>, to represent a secret. When aSecretis part of a mapping, the path is added to the Secrets interceptor, to not include the secret in property names or access the secret without callingSecretKeys.doUnlocked.This is initial work to support more advanced scenarios around secrets, that we should discuss.