Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for SecretBinary #1043

Closed
avpjanm opened this issue Jun 13, 2024 · 2 comments
Closed

Support for SecretBinary #1043

avpjanm opened this issue Jun 13, 2024 · 2 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@avpjanm
Copy link

avpjanm commented Jun 13, 2024
edited
Loading

First of all thanks a lot for this construct!

I am just wondering whether it is possible to create binary secrets. For example key stores.
I kind of got the idea from the readme:

Binary - Just the raw file[...]

But when I tried this it could see some string value of the secret in the console which is not the case for binary secrets.
@markussiebert
Copy link
Contributor

markussiebert commented Jun 14, 2024
edited
Loading

At the moment we use it already for keys, but handle them as 'strings' in the aws call. I agree we should add an option to pass the secret as binary (maybe this should be the default if option binary is used)

@markussiebert markussiebert added enhancement New feature or request help wanted Extra attention is needed labels Oct 10, 2024
@markussiebert markussiebert mentioned this issue Jan 27, 2025
Closed
@markussiebert markussiebert mentioned this issue Feb 10, 2025
Merged
markussiebert added a commit that referenced this issue Feb 11, 2025
@markussiebert @derbauer97 @lenderom
feat: sdkv2 (#1111)
dc789a9 
# BREAKING CHANGE: v2.0

Fixes #1090, #1096, #1092, #1043, #1045

# Features

- update Go AWS SDK V2
- Handling of raw secrets
- Handling of binary secrets

## Migrate from V1 to V2

It was required to change some user facing configuration properties. So minor changes are required to make things work again.

### SecretsManager
- Removed property convertToJSON, flatten, stringifiedValues 
- Use property rawOutput instaed:
  - `undefined / not set` => (default) convertToJSON and flatten and stringifiedValues = true
  - `RawOutput.STRING` => convertToJSON and flatten and stringifiedValues = false
  - `RawOutput.BINARY` => convertToJSON and flatten and stringifiedValues = false and Secret is binary

### Parameter
- Removed property convertToJSON, flatten, stringifiedValues => all of them made no sense - now only raw output of decrypted secret

### MultiParameter
- Removed property convertToJSON, flatten, stringifiedValues => most of this combinations made no sense
- Allways convertToJson and flatten (as we have to parse it to create multiple parameters)
- You are allowed to chose the flattenSeperator
---------

Signed-off-by: Florian Fl Bauer <[email protected]>
Signed-off-by: github-actions <[email protected]>
Signed-off-by: lennartrommeiss <[email protected]>
Co-authored-by: Florian Bauer <[email protected]>
Co-authored-by: github-actions <[email protected]>
Co-authored-by: lennartrommeiss <[email protected]>
Co-authored-by: Lennart Rommeiss <[email protected]>
@markussiebert
Copy link
Contributor

This is fixed in Version 2.0

you have to create a binary secret with sops and use rawOutput: RawOutput.BINARY in your Secret

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@markussiebert @avpjanm