GitLab

As a Platform Administrator I need a common service interface that can facilitate the storage and retrieval of various types of secrets in a specified repository(ies) so that secrets can be secure, separated from the secrets in the infrastructure repository, and be managed easily be interfacing applications.

Acceptance Criteria

• Service is written in Java using the same frameworks, patterns, and practices as other core OSDU services.
• Unit tests pass
• Design is in alignment with OpenAPI specification. Take liberty to make updates to design as needed (i.e. to incorporate partition awareness)
• API implements a common interface. (aka Cloud Service Provider interface). i.e. ISecretManager GetSecret, StoreSecret, etc
• Implementation code, like that for AWS Secret Manager, will be in its own provider folder (follow same pattern you see on OSDU core services)
• Secret Manager code is in its own specific repository
• Secret Service is partition-aware
• Python SDK is updated

Tasks

• Review the code for other OSDU Core APIs and get a feel for the frameworks and style. Reach out on Slack and connect with others if you have questions about it.
• Review and understand the Secret Service ADR
• Review and understand the OpenAPI proposal for the Secret Service
• Understand how to use the existing AWS Secret Manager that has been set up for EDS. This will be the "implementation" level underneath the interface.
• Coordinate the creation of a Secrets Manager repository under Core Services (Raj/Ethiraj or David Diederich
• Create unit tests
• Create APIs
• Update SDK