-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for deleting tokens & keypairs #3359
Support for deleting tokens & keypairs #3359
Conversation
This now allows for deleting all secrets, which means we can have a procedure for rotating all keys.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Some questions for yah
@@ -55,6 +55,17 @@ func (c *VFSSecretStore) FindSecret(id string) (*fi.Secret, error) { | |||
return s, nil | |||
} | |||
|
|||
func (c *VFSSecretStore) DeleteSecret(item *fi.KeystoreItem) error { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this generated? If not comments please ;)
upup/pkg/fi/vfs_castore.go
Outdated
} | ||
p := c.buildCertificatePath(item.Name, version) | ||
if err := p.Remove(); err != nil { | ||
return err |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we need fmt?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We use fmt when we are adding information to the error. Kinda marginal here, but I'll add it...
We need fmt.Errorf
when we're returning a third party error we can't control. But if we wrap all our errors we end up with:
cannot do X: failed to do X: unable to X: error while doing X: <real error>
Addressed comments - PTAL @chrislovecnm |
/retest |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: chrislovecnm The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
/test all [submit-queue is verifying that this PR is safe to merge] |
Automatic merge from submit-queue |
This now allows for deleting all secrets, which means we can have a
procedure for rotating all keys.