Uploaded image for project: 'Serverless logic'
  1. Serverless logic
  2. SRVLOGIC-11

[core] Workflow secrets and authentication

XMLWordPrintable

    • Icon: Feature Feature
    • Resolution: Done
    • Icon: Critical Critical
    • 1.24.0
    • None
    • serverless-workflow
    • None
    • False
    • None
    • False
    • 2022 Week 32-34 (from Aug 8)

      Motivation

      It’s possible to retrieve and freely look inside the workflow definition. Therefore sensitive information needs to be stored securely. Service call authentication is a common use case when we need to use secret passwords and authentication tokens.

      Goal

      Enable use of externally stored secrets

      Scenarios

      As a developer, I need to store secrets such as passwords in a secure vault in order to use those secrets in service calls for authentication.

      As a developer, I want to use environment variables in my expressions / external calls so that I don’t have to hard code constants in my workflow.

      Expected outcomes

      Workflows can access environments variables

      Workflows can use secrets from secured vaults

      Externally stored secrets can be used in workflows for service call authentication

      Workflows operation functions can use basic authentication

      Workflows operation functions can use bearer tokens

      OAuth2 authorization flow is out of scope of this requirement (tracked separately)

            rhn-support-zanini Ricardo Zanini
            ibek1@redhat.com Ivo Bek
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: