Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
The presence of the `next-rotation-on` tag should be verified only for secrets in the manifest
See original GitHub issueProblem
When we’re validating secrets, we load the list of secrets from the manifest. Then we get all the secrets from all associated KeyVaults so that we can print extraneous secrets. For each KeyVault secret, we verify that it has the next-rotation-on tag and if doesn’t, we log an error regardless of whether the secret is or is not in the original manifest. This ends up flagging over a 100 secrets currently which might be in the KeyVault for some time already and were never rotated with the tooling before.
Proposal
We should only verify secrets from the manifest. E.g. we could move the logging statement out but I have no knowledge about whether this should apply to all secrets or just the KeyVault ones…
Something like this - move the logging from within the ListSecretsAsync method to the foreach:
Alternatively, we could also pass the the list of secret names to the ListSecretsAsync and make it compare against that.
Related: https://github.com/dotnet/arcade-services/pull/2234
Release Note Description
Not release not worthy
Issue Analytics
- State:
- Created 6 months ago
- Comments:5 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Yup this was resolved in https://github.com/dotnet/arcade-services/pull/2238, sorry for not putting it here earlier
P.S. @premun you write really nice issues.