Skip to content

feat!: Remove secret definitions through env vars #666

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Apr 12, 2024
Merged

feat!: Remove secret definitions through env vars #666

merged 7 commits into from
Apr 12, 2024

Conversation

Natoandro
Copy link
Contributor

@Natoandro Natoandro commented Apr 5, 2024
edited
Loading

Remove the ability to define secrets in the env vars of the typegate.

Secrets can now only be defined in the metatype config file and the --secret CLI option.

Motivation and context

Migration notes

  1. Metatype config file: On the node configuration, secrets are defined at secrets.<tg_name>.key:
# before
typegates:
  dev:
    env:
      TG_CONSOLE_POSTGRES_CONN: postgresql://postgres:password@localhost:5432/db?schema=console
      TG_CONSOLE_BASIC_ADMIN: password

#after
typegates:
  dev:
    secrets:
      console:
        POSTGRES_CONN: postgresql://postgres:password@localhost:5432/db?schema=console
        BASIC_ADMIN: password
  1. Secret override option on meta/cli
# before
meta deploy -f my-tg.py --secret TG_CONSOLE_POSTGRES_CONN=postgresql://postgres:password@localhost:5432/db?schema=console

# after
meta deploy -f my-tg.py --secret POSTGRES_CONN=postgresql://postgres:password@localhost:5432/db?schema=console
# or - with the typegraph name
meta deploy -f my-tg.py --secret console:POSTGRES_CONN=postgresql://postgres:password@localhost:5432/db?schema=console

Checklist

  • The change come with new or modified tests
  • Hard-to-understand functions have explanatory comments
  • End-user documentation is updated to reflect the change

@linear Linear
Copy link

linear bot commented Apr 5, 2024

MET-370 Easier way to pass secrets in `metatype.yaml` config file

@Natoandro Natoandro changed the title feat: Simpler way to pass secrets in metatype.yaml feat: Remove secret definitions through env vars Apr 9, 2024
@Natoandro Natoandro changed the title feat: Remove secret definitions through env vars feat!: Remove secret definitions through env vars Apr 9, 2024
@Natoandro Natoandro marked this pull request as ready for review April 10, 2024 11:22
@Natoandro Natoandro requested review from Yohe-Am, michael-0acf4, zifeo and destifo and removed request for Yohe-Am and michael-0acf4 April 10, 2024 11:22
@codecov Codecov
Copy link

codecov bot commented Apr 10, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 73.91%. Comparing base (4dfeb55) to head (bd76fa7).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #666      +/-   ##
==========================================
- Coverage   73.94%   73.91%   -0.03%     
==========================================
  Files         114      114              
  Lines       12898    12880      -18     
  Branches     1356     1355       -1     
==========================================
- Hits         9537     9520      -17     
+ Misses       3340     3338       -2     
- Partials       21       22       +1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Yohe-Am
Yohe-Am approved these changes Apr 11, 2024
View reviewed changes
Copy link
Contributor

@Yohe-Am Yohe-Am left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good stuff

zifeo
zifeo reviewed Apr 11, 2024
View reviewed changes
@Natoandro Natoandro merged commit 2752d4a into main Apr 12, 2024
@Natoandro Natoandro deleted the secrets-config/met-370 branch April 12, 2024 10:16
@Natoandro Natoandro mentioned this pull request Apr 16, 2024
Merged
3 tasks
Natoandro added a commit that referenced this pull request Apr 16, 2024
@Natoandro
fix: fix secret passing (#675)
ac544b3 
Fix secret passing in examples and documentation.

#### Motivation and context

Followup to #666.

#### Migration notes

_N/A_

### Checklist

- [x] The change come with new or modified tests
- [ ] Hard-to-understand functions have explanatory comments
- [x] End-user documentation is updated to reflect the change
@Natoandro Natoandro mentioned this pull request Apr 26, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zifeo zifeo zifeo left review comments

@Yohe-Am Yohe-Am Yohe-Am approved these changes

@michael-0acf4 michael-0acf4 Awaiting requested review from michael-0acf4

@destifo destifo Awaiting requested review from destifo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Natoandro @zifeo @Yohe-Am