TODO.md

TODO

Completed from old roadmap

  • Exporting of secrets to multiple outputs (dotenv, tfvars)
  • Seeding of secrets not already in the store
  • Export outputs to stdout (no logging allowed)
  • Command for reading a single secrets value
  • Context support (dev / production / cicd / localdev etc)
  • Key format for Parameter Store
  • Remapping support for outputs (PaymentApiKey -> Payment__ApiKey)
  • JSON output format
  • Flag for specifying other filenames for racoon.y*ml
  • Cleaner handling of errors (less panic, more logging and exit codes)
  • Ability to select secrets for export using flags (racoon export --include||--exclude Secret1)
  • Ability to select secrets for export using output config (include:[] exclude:[])
  • Configuration of outputs (example: dotenv without doublequotes)
  • Update description on existing secrets

Completed

  • Introduced properties concept (replaces secrets)
  • Introduced the concept of sensitive values
  • Introduced layers concept
  • Allow changing the log-level using flag
  • Allow defining a property in a layer
  • Enforce sensitive value from a source (awsParameterStore etc)
  • Allow changing a property to "sensitive" in upper layer
  • Validate parameters as specified by manifest file (required or just defined)
  • Verify explicit overrides work
  • Allow formatting of a value by replacing keys as specified by the property
  • Allow implicit override from sources specified in a layer where property is defined in parent layer
  • Config: Deny implicit overrides from any layer above
  • Config: Deny explicit overrides from any layer above
  • How do we express that an empty value is OK for a property? (use default: ""?)
  • Allow output filter (all, sensitive, cleartext)
  • Re-implement read command
  • Basic layer regexp matching
  • Re-implement create command (renamed to write)
  • General refactor
  • Resolve important TODOs in code
  • Rename "layer" flag and alias to "parameter" and "p"
  • Rename deny* to allow* (allowImplicit: true), default must change
  • Remove "current value" from prompt for new values (write command)
  • Bug, do not ask about preview twice (when using write command)
  • Bug, when setting new value, never allow log of sensitive value
  • Parameter validation (regexp)
  • Basic test cases
  • Add support for regexpReplace (regexpReplace: "/demo-*//")
  • Allow writing formatter sources as defined by formatting config
  • Allow specifying value to be treated as error by source (only AwsParameterStore supported at the moment)
  • Improved layer matching and error handling
  • Warn about trying to "override" rules of a property
  • Warn about trying to "override" description of a property
  • Warn about defining an explicit property in a layer when explicit overrides are not allowed by the parent property's rules
  • Validate that ImplicitSources list is unique
  • Option to sort output keys (dotenv)
  • UI command with web interface that allows comparing results between different exports
  • Support multiple paths with formatting for outputs (using --path= should override all paths specified in manifest)
  • Feature: Dot-based property name format for grouping and to enable structured output in json etc (name: Translation.TravelwebUrl -> {"Translation": {"TravelWebUrl": "..."}})?
  • Allow extending a base config, referencing a yaml file to serve as the base
  • Tagging of AWS SSM parameters using default tags (owner + version) and labels
  • Fix: Allow base config to define layers (currently, base layers are replaced by layers defined by the referencing config)
  • Fix: If base config has layers but referencing config does not, validation error for "duplicate layer" is triggered.
  • Added config show command to display the final configuration (after merge with base configs)
  • Basic implementation of a backend for configurations (with support for AWS S3 and KMS)
  • Basic UI for viewing backend configurations
  • Allow enabling and disabling backend usage using RACOON_BACKEND_ENABLED=true/false
  • Fix: Read command must match argument to a single property, no property match
  • Fix: write command needs log message when no properties have a writable source
  • Fix: Remove support for optional properties, define them in lower layer instead??? should be an error
  • Fix: Bad logging (racoon WARN[0000] dotenv file local.env was not found ... racoon DEBU[0000] dotenv file local.env loaded)
  • Feature: Allow prefix for dotenv output (could be used to do "export FOO=bar" or "MYSVC_FOO=bar")
  • Feature: Allow {name} to be replaced with the manifest name
  • Feature: Added logging of provided parameters during matching
  • Feature: Optional formatters where replacement can be enforced by defining rules
  • Feature: "config init" command for generating a "starter" config

In progress

  • Initial round of real world testing

Next

Pre-release

  • Test conventional commits and GoReleaser's changelog feature
  • Enforce conventional commit
  • What's the tagline for the project, update readme, repository and cli help
  • Project branding
  • More and better tests on multiple levels and components (e2e, unit etc)
  • Documentation, lots of it
  • Write a getting started guide
  • Write a guide for contributing to the project

Proposals

NOTE! These have yet to make it onto the project board

  • Feature: Basic support for Int, String and Boolean values
  • Feature: Validation options, Value type (Int, String, Bool etc)
  • Feature: Validation options, Value match Regexp (.*)
  • Feature: Validation options, String values - MinLength: 3, MaxLength: 16 etc
  • Feature: Auditing: Track who, what and when (enables "last accessed" reviews for sources)
  • Feature: Allow layers to be defined in separate files
  • Feature: Use config.sources as a way to enable the use of a source (if not specified, then it's not enabled)?
  • Feature: Add output type "merge", that combines aliased outputs
  • Feature: Conditional outputs, based on same matching method as layers
  • Feature: Command for listing properties
  • Feature: Deleting a value from a writable source (useful for cleanup)
  • Feature: Moving a value from one source to another
  • Feature: Copying a value from one source to another
  • Feature: Certificate output format
  • Feature: Kubernetes secret output format
  • Feature: Kubernetes configmap output format
  • Feature: "Naming" conventions for outputs
  • Feature: New writable source, AWS Secrets Manager
  • Feature: New writable source, Azure Key Vault
  • Feature: Readonly properties (used for consuming values managed by external system)