Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle Operator API secret Updates #3276

Open
3 tasks
Tracked by #2893
BlairCurrey opened this issue Feb 6, 2025 · 0 comments
Open
3 tasks
Tracked by #2893

Handle Operator API secret Updates #3276

BlairCurrey opened this issue Feb 6, 2025 · 0 comments
Labels
discussions: ideas Convert to an idea discussion

Comments

@BlairCurrey
Copy link
Contributor

BlairCurrey commented Feb 6, 2025
edited
Loading

Currently we do not handle operator secret updates correctly. The operator is identified by the api secret from the config (coming from environment variable). As a result:

  • If we update the operators api secret use it for subsequent api requests, we get a 401 instead of success.
  • If we updated the operators api secret and use the original secret on subsequent requests, it works instead of 401ing.

We concluded that we do not want to support updates at run time due to the coordination required with the integration server operator to update on their end as well, and the infrequency of the need to rotate.

TODO:

  • Disallow operator secret updates via admin api.
  • Allow updating secret via environment variable by updating operator's secret database field to the config value on application start
  • Document this behavior and note that it requires coordination with the integration sever operator, who needs to update the secret as well
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
discussions: ideas Convert to an idea discussion
Projects
Rafiki
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BlairCurrey