Add the possibility to remove a file uploaded to a secret

[oleastre]

I'm trying to manage some generated files in Keeper. With the current implementation:

• I use ksm secret upload with a file
• I can get the secret and file with ksm secret get and ksm secret download
• If I try to update the secret fileRef field, it only removes the reference to the file, the file is still listed when I do a ksm secret get

What I would expect is either a specific command to remove a file (similar to ksm secret upload and ksm secret download), a specific ksm secret update parameter to delete a file, or have the ksm secret update --field-json fileRef=... cleanup not referenced files.

[flybyray]

Thanks for that ticket. I need to test this in my evaluation too.

A KSM demo showed secret rotation. I would assume exactly for such rotation such basic operations to replace file attachments should be available too. Did you checked if this stuff with KSM Gateway would allow rotating file attachments?

Managing clustered databases where nodes communicate via certificates I would like to have several different types of certificates assigned per instance per record. And of course I need selective rotation for those certificates attached as files too.

I would expect that basic "CRUD" operations should be possible manually/interactive with KSM Cli but also with the KSM secret rotation. Switching the tooling (Commander) only for certain tasks would introduce a lot of additional pain.

[titocadavez]

This function would be very helpful. Right now the only programatic way is to recreate the secret, but that will make me loose all the history.

[maksimu]

We are adding this functionality to the SDK levels, and then it will be added to other integrations, like KSM CLI.

[idimov-keeper]

KSM CLI 1.1.6 introduced a new command ksm secret delete-attachment - the full command syntax is explained here