Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
  • Sign in / Register
  • H Home
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 61
    • Issues 61
    • List
    • Boards
    • Service Desk
    • Milestones
    • Iterations
    • Requirements
  • Merge requests 0
    • Merge requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Package Registry
    • Container Registry
    • Infrastructure Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Code review
    • Insights
    • Issue
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Open Subsurface Data Universe SoftwareOpen Subsurface Data Universe Software
  • Platform
  • Data Flow
  • Data IngestionData Ingestion
  • External Data Sources
  • Home
  • Issues
  • #161
Closed
Open
Issue created Jun 04, 2021 by Jacob Rougeau@jrougeauOwner10 of 14 checklist items completed10/14 checklist items

Develop Secret Service

As a Platform Administrator I need a common service interface that can facilitate the storage and retrieval of various types of secrets in a specified repository(ies) so that secrets can be secure, separated from the secrets in the infrastructure repository, and be managed easily be interfacing applications.

Acceptance Criteria

  • Service is written in Java using the same frameworks, patterns, and practices as other core OSDU services.
  • Unit tests pass
  • Design is in alignment with OpenAPI specification. Take liberty to make updates to design as needed (i.e. to incorporate partition awareness)
  • API implements a common interface. (aka Cloud Service Provider interface). i.e. ISecretManager GetSecret, StoreSecret, etc
  • Implementation code, like that for Secret Manager, will be in its own provider folder (follow same pattern you see on OSDU core services)
  • Secret Manager code is in its own specific repository
  • Secret Service is partition-aware
  • Python SDK is updated

Tasks

  • Find and Compare the open source solutions for Secret Service storage.
  • Compare HashiCorp Vault with Keycloak.
  • Compare HashiCorp with CSP Native solutions.
  • Finalize the Approach for secret service development.
  • Review the code for other OSDU Core APIs and get a feel for the frameworks and style. Reach out on Slack and connect with others if you have questions about it.
  • Review and understand the Secret Service ADR
  • Review and understand the OpenAPI proposal for the Secret Service
  • Understand how to use the existing AWS Secret Manager that has been set up for EDS. This will be the "implementation" level underneath the interface.
  • Coordinate the creation of a Secrets Manager repository under Core Services (Raj/Ethiraj or David Diederich
  • Create unit tests.
  • Create APIs
  • Update SDK
  • Develop sequence diagram ![Sequence_Diagram_For_Retrieving_Secrets] Sequence_Diagram_For_Update_Secrets- [x] Configuring local setup for test environment [Shankar]
  • Test unit cases [Shankar]. It is related with Create unit tests so it is also in progress.
Edited Jun 07, 2022 by Shankar Pattanayak
Assignee
Assign to
Time tracking