Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Random keyname for transferprocess DataDestination secret in vault #4521

Open
rafaelmag110 opened this issue Oct 2, 2024 · 2 comments
Open
Labels
feature_request New feature request, awaiting triage
Milestone

Comments

@rafaelmag110
Copy link
Contributor

rafaelmag110 commented Oct 2, 2024

Feature Request

During transfer process initialization, a provider stores DataDestination secrets in its vault using dataDestination.getKeyName() as secret key.

This can lead to unintentional secret overwrites.

Which Areas Would Be Affected?

TransferProcessManager.processInitial()

Solution Proposal

Have the secret stored with a random uuid as key.

@rafaelmag110 rafaelmag110 added feature_request New feature request, awaiting triage triage all new issues awaiting classification labels Oct 2, 2024
@ndr-brt ndr-brt removed the triage all new issues awaiting classification label Oct 16, 2024
@ndr-brt ndr-brt added this to the Milestone 18 milestone Oct 16, 2024
@AndrYurk
Copy link
Contributor

Hello. I would like to take care about it, please assign.

@jimmarino
Copy link
Contributor

We should have a design document for this first. For example, how are vault entries to be cleaned up?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature_request New feature request, awaiting triage
Projects
None yet
Development

No branches or pull requests

4 participants