Skip to content

GitLab

Projects Groups Snippets

/

Help
Sign in / Register

H Home
Project information
- Project information
- Activity
- Labels
- Members
Repository
- Repository
- Files
- Commits
- Branches
- Tags
- Contributors
- Graph
- Compare
- Locked Files
Issues 61
- Issues 61
- List
- Boards
- Service Desk
- Milestones
- Iterations
- Requirements
Merge requests 0
- Merge requests 0
CI/CD
- CI/CD
- Pipelines
- Jobs
- Schedules
- Test Cases
Deployments
- Deployments
- Environments
- Releases
Packages and registries
- Packages and registries
- Package Registry
- Container Registry
- Infrastructure Registry
Monitor
- Monitor
- Incidents
Analytics
- Analytics
- Value stream
- CI/CD
- Code review
- Insights
- Issue
- Repository
Wiki
- Wiki
Snippets
- Snippets
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards

Collapse sidebar

Open Subsurface Data Universe Software
Platform
Data Flow
Data Ingestion
External Data Sources
Home
Issues
#161

Closed

Open

Issue created Jun 04, 2021 by Jacob Rougeau @jrougeauOwner10 of 14 checklist items completed10/14 checklist items

Develop Secret Service

As a Platform Administrator I need a common service interface that can facilitate the storage and retrieval of various types of secrets in a specified repository(ies) so that secrets can be secure, separated from the secrets in the infrastructure repository, and be managed easily be interfacing applications.

Acceptance Criteria

Service is written in Java using the same frameworks, patterns, and practices as other core OSDU services.
Unit tests pass
Design is in alignment with OpenAPI specification. Take liberty to make updates to design as needed (i.e. to incorporate partition awareness)
API implements a common interface. (aka Cloud Service Provider interface). i.e. ISecretManager GetSecret, StoreSecret, etc
Implementation code, like that for Secret Manager, will be in its own provider folder (follow same pattern you see on OSDU core services)
Secret Manager code is in its own specific repository
Secret Service is partition-aware
Python SDK is updated

Tasks

Find and Compare the open source solutions for Secret Service storage.
Compare HashiCorp Vault with Keycloak.
Compare HashiCorp with CSP Native solutions.
Finalize the Approach for secret service development.
Review the code for other OSDU Core APIs and get a feel for the frameworks and style. Reach out on Slack and connect with others if you have questions about it.
Review and understand the Secret Service ADR
Review and understand the OpenAPI proposal for the Secret Service
Understand how to use the existing AWS Secret Manager that has been set up for EDS. This will be the "implementation" level underneath the interface.
Coordinate the creation of a Secrets Manager repository under Core Services (Raj/Ethiraj or David Diederich
Create unit tests.
Create APIs
Update SDK
Develop sequence diagram ![Sequence_Diagram_For_Retrieving_Secrets] - [x] Configuring local setup for test environment [Shankar]
Test unit cases [Shankar]. It is related with Create unit tests so it is also in progress.

Edited Jun 07, 2022 by Shankar Pattanayak

Assignee

Assign to

Time tracking