external-auth-server icon indicating copy to clipboard operation
external-auth-server copied to clipboard

Published 20 hours ago verified publisher icon travisghansen

Add EAS_ENCRYPT_IV_SECRET environmental variable to helm template

Open venkyhodigere opened this issue 4 years ago • 4 comments
trafficstars

Hi there,

I wanted to use the initialization vector for the config token encryption with AES.

I saw that the support for IV is already there in utils.js https://github.com/travisghansen/external-auth-server/blob/master/src/utils.js#L14

But the env var setup for EAS_ENCRYPT_IV_SECRET is missing in the deployment.yaml helm template: https://github.com/travisghansen/external-auth-server/blob/master/charts/external-auth-server/templates/deployment.yaml

I was wondering if you are ok if I go ahead and add it in there and raise a PR.

Venky

venkyhodigere avatar Nov 03 '21 20:11 venkyhodigere

Welcome!

Yeah of course! Let's get it added. Just make sure to add it as a secret value and treat it similar to how the rest of the secrets are treated.

travisghansen avatar Nov 03 '21 21:11 travisghansen

I have added it as a secret value.

Would it be possible to take a look at the PR: https://github.com/travisghansen/external-auth-server/pull/137

venkyhodigere avatar Jan 05 '22 14:01 venkyhodigere

Yeah I haven’t forgotten about this. Thanks for the contribution!

The holdup is I’m considering rewriting a bit of how this value is used to more closely align with its cryptographic purpose. Currently it’s just in there as a way to sort of suppress the warnings in the logs but it’s not quite what it needs to be. In that vein I’ve just been holding off a bit :(

travisghansen avatar Jan 05 '22 14:01 travisghansen

Please let me know if there is something I could do help with to take this forward.

Meantime, would you be ok to review/approve this PR and do the bigger redesign as a subsequent feature?

venkyhodigere avatar Jan 07 '22 17:01 venkyhodigere