Decrease code paths where secrets can be accessed #9947
Assignees
Labels
area/platform
issues related to the platform
team/compose
team/platform-move
type/enhancement
New feature or request
Comments
cgardens
added
type/enhancement
|
One other part that makes this complicated is not having a separated secrets strategy / migration for this for OSS. It'd be better if we even used a table with globally encrypted values or something so we don't have misleading names depending on the configuration. |
|
closed by #8898 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Tell us about the problem you're trying to solve
Currently secrets are written and read using
ConfigRespository. This makes it heard to easily tell where secrets can be access because this class is used frequently throughout the codebase. We should refactorConfigRepositoryto not include secrets handling so it is easier to track where secrets might be accessed.PR to address it here.
The text was updated successfully, but these errors were encountered: