Details
-
Feature Request
-
Resolution: Duplicate
-
Major
-
None
-
2.13.2 GA
-
False
-
None
-
False
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
Not Started
-
0
-
0%
Description
For customers managing products using CI/CD that have policy chains that involve sensitive data like tokens it can be difficult to provide that data in a way that does not require that data to be placed in a GIT repository or similar - especially when the Product is managed by the Operator so any value changes are overridden by the Operator during reconciliation.
For example, where "client_secret" is placed in this policy config it would be preferable to have an OpenShift secret reference so that the value would not need to be stored unencrypted in the customers GIT repository:
policies: - name: "token_introspection" version: builtin configuration: auth_type: "client_id+client_secret" client_id: "example-client" client_secret: "client_secret" introspection_url: "https://sso.example.com/auth/realms/foo/openid-connect/token/introspect" enabled: true
Attachments
Issue Links
- duplicates
-
THREESCALE-8002 Enable using secretKeyRef to specify APIcast policies configurations
- Closed
- links to