Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. #10222

Open
6 of 28 tasks
Sn0rt opened this issue Sep 18, 2023 · 1 comment
Open
6 of 28 tasks

Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. #10222

Sn0rt opened this issue Sep 18, 2023 · 1 comment
Assignees
@Sn0rt
Labels
feature-request

Comments

@Sn0rt
Copy link
Contributor

Sn0rt commented Sep 18, 2023
edited
Loading

Description

This task is a sub-requirement of 8319 and is used to independently verify the vault as the backend of the Secert manager.

Define the Data Range That Secret Manager Can Protect

The following configuration is designed to obtain values from the secert manager, which is called referenceable.

  • authentication plugin
    • Basic-auth 's password
    • Key-auth key
    • ldap-auth user_dn
    • appid of Wolf-rbac
    • Hmac-auth’s access_key and secret_key
    • Jwt-auth secret
    • client_secret of authz-keycloak (need test case ( work in progress
    • client_secret of authz-casdoor (need test case
    • client_secret of openid-connect (need test case
    • The RBAC configuration file information of authz-casbin requires secondary confirmation.
  • logger plugin
    • http-logger: auth_header (option)
    • tcp-logger: tls_options(option)
    • kafka-logger: brokers.sasl_config.user, brokers.sasl_config.password, key(option) of
    • rocketmq-logger: access_key, secret_key of
    • clickhouse-logger: user, password
    • error-log-logger: clickhouse.user, clickhouse.password,
    • error-log-logger: kafka.brokers.sasl_config.user, kafka.brokers.sasl_config.password, kafka.key
    • sls-logger: access_key_id, access_key_secret
    • google-cloud-logging: auth_config.private_key
    • loggly: customer_token
    • elasticsearch-logger: auth.password
    • tencent-cloud-cls: secret_id, secret_key
  • Other plugin
    • kafka-proxy: sasl.password
  • Security plugin
    • csrf: key
@Sn0rt Sn0rt changed the title Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. Secert Manager sub-task: new test case proves that the vault works as the secret manager backend. Sep 18, 2023
@Sn0rt
Copy link
Contributor Author

Sn0rt commented Oct 16, 2023
edited
Loading

PR list:
authz-keycloak #10353

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Sn0rt Sn0rt

Labels
feature-request
Projects
Apache APISIX backlog
Status: 🏗 In progress
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Sn0rt @monkeyDluffy6017