You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The Vault configuration supports structured keys based on (default and configured) application name and active environments, which is obviously a great feature. Given application name "my-application" and environment "production" the following requests are sent:
/application
/my-application
/application/production
/my-application/production
Additionally, Micronaut activates some environments automatically (e.g. "cloud" or "cli"), each causing two additional requests. However, a lot of these requests might be unnecessary - in our setup, this gives 10 requests, when we really only need "/my-application/production" (all other requests will result in 404 anyway).
In order to improve startup performance and reduce the load on the Vault service, it would be great to make this configurable (configuration names up for discussion):
vault.client.ignore-default-application: boolean flag to remove the /application and /application/[env] keys
vault.client.ignore-default-environment: boolean flag to remove the /application and /[application-name] keys
vault.client.ignored-environments: set of environment names to ignore when generating the keys
For backward compatibility, the defaults should be false and an empty set.
Feature description
The Vault configuration supports structured keys based on (default and configured) application name and active environments, which is obviously a great feature. Given application name "my-application" and environment "production" the following requests are sent:
/application/my-application/application/production/my-application/productionAdditionally, Micronaut activates some environments automatically (e.g. "cloud" or "cli"), each causing two additional requests. However, a lot of these requests might be unnecessary - in our setup, this gives 10 requests, when we really only need "/my-application/production" (all other requests will result in 404 anyway).
In order to improve startup performance and reduce the load on the Vault service, it would be great to make this configurable (configuration names up for discussion):
vault.client.ignore-default-application: boolean flag to remove the/applicationand/application/[env]keysvault.client.ignore-default-environment: boolean flag to remove the/applicationand/[application-name]keysvault.client.ignored-environments: set of environment names to ignore when generating the keysFor backward compatibility, the defaults should be
falseand an empty set.This would probably need to be implemented in the protected method VaultConfigurationClient#buildVaultKeys, which should not have any outside impact.
The text was updated successfully, but these errors were encountered: