runtime icon indicating copy to clipboard operation
runtime copied to clipboard
verified publisher icon acorn-io

Secrets with type "credential.acorn.io" need to show which Acorns are referencing them.

Open sangee2004 opened this issue 2 years ago • 4 comments

acorn version - v0.10.0-rc1-7-g8b9acb47+8b9acb47

Steps to reproduce the problem:

  1. Deploy app with secrets with type "credential.acorn.io" using the following Acornfile - acorn run -n mytestsec
secrets:
{ 
config: {
	type: "credential.acorn.io/mytest"
	params: {
		promptOrder: ["proto", "address", "port", "adminUsername", "adminPassword", "username", "password"]
	}
	data: {
		address:       ""
		port:          ""
		username:      ""
		password:      ""
		adminUsername: ""
		adminPassword: ""
		proto:         ""
		dbName:        ""
	}
}
mytestsec: type: "token"
}
  1. Once the app is deployed, notice that the credential - config created does not indicate that app deployed in step1 is referencing this credential.
acorn secrets
NAME                  TYPE                          KEYS                                                                        CREATED
config-84pkz          credential.acorn.io/mytest    [address adminPassword adminUsername dbName password port proto username]   8s ago
mytestsec.mytestsec   token                         [token]                                                                     22s ago

Expected Behavior: Credential needs to show which Acorns are referencing them.

sangee2004 avatar Dec 21 '23 01:12 sangee2004

@sangee2004 I got confirmation from @ibuildthecloud that these credentials secrets are intentionally named that way, so we don't want to change them by adding app name prefixes. I think this issue can just be closed.

g-linville avatar Jan 17 '24 14:01 g-linville

@g-linville Is there any other way of letting the user know which credential is the associated with the app ? It feels odd for user to not know this when the secret definition is present in the Acornfile that is used for deployment of this secret .

sangee2004 avatar Jan 17 '24 17:01 sangee2004

I'm gonna bring this up with the team and see what they think the UX should be.

g-linville avatar Jan 17 '24 19:01 g-linville

It would be helpful to know:

  1. What app created the credential. Then you could see if it exists or not.
  2. What apps are referencing the credential.

In the case of services, multiple "Credentials" can be created that connect to different database instances. They all end up with the same name. Which makes it difficult to figure out which credential is the one needed.

Also, when apps are deleted, the credentials are not, and they can build up over time and the user has no idea which is which, or if they can re-use one.

cloudnautique avatar Jan 19 '24 15:01 cloudnautique