Chicken and egg issue with cerberus.auth.token.hash.salt and getting started locally.

[fieldju]

I noticed when starting this project locally from scratch that there is a bit of chicken and egg issue with cerberus.auth.token.hash.salt

This is normally generated by the LCM CLI when you create an environment.

If I want to run Cerberus locally with out having an env, I had to copy and paste code from here: https://github.com/Nike-Inc/cerberus-lifecycle-cli/blob/36dda5b5148cafb9aeb389b64a6f599fa22d2b4c/src/main/java/com/nike/cerberus/service/SaltGenerator.java

into a groovyConsole and execute it and then use that output in my cerberus-local.yaml

There should be a flag that I can set such as auth.token.hash.salt.autoGenerateForSingleInstanceMode that is set to false by default with a note about if you enable it, it doesn't work with cerberus being in clustered mode, and is for local dev and invalidates tokens after reboots etc.

OR maybe the salt should be stored in the database encrypted with KMS and it can be loaded into the memory at runtime and you delete that property all together?