Uploaded image for project: 'Serverless logic'
  1. Serverless logic
  2. SRVLOGIC-11

[core] Workflow secrets and authentication

    XMLWordPrintable

Details

    • Feature
    • Resolution: Done
    • Critical
    • 1.24.0
    • None
    • serverless-workflow
    • None
    • False
    • None
    • False
    • 0
    • 0% 0%
    • 2022 Week 32-34 (from Aug 8)

    Description

      Motivation

      It’s possible to retrieve and freely look inside the workflow definition. Therefore sensitive information needs to be stored securely. Service call authentication is a common use case when we need to use secret passwords and authentication tokens.

      Goal

      Enable use of externally stored secrets

      Scenarios

      As a developer, I need to store secrets such as passwords in a secure vault in order to use those secrets in service calls for authentication.

      As a developer, I want to use environment variables in my expressions / external calls so that I don’t have to hard code constants in my workflow.

      Expected outcomes

      Workflows can access environments variables

      Workflows can use secrets from secured vaults

      Externally stored secrets can be used in workflows for service call authentication

      Workflows operation functions can use basic authentication

      Workflows operation functions can use bearer tokens

      OAuth2 authorization flow is out of scope of this requirement (tracked separately)

      Attachments

        Issue Links

          Activity

            People

              rhn-support-zanini Ricardo Zanini Fernandes
              ibek1@redhat.com Ivo Bek
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: