kube-arangodb icon indicating copy to clipboard operation
kube-arangodb copied to clipboard

Published 20 hours ago verified publisher icon arangodb

JWT Secret should contain JWT token, not just a HMAC secret

Open Glorf opened this issue 4 years ago • 1 comments

To make a real usage of the secret generated by kube-arangodb operator in automated deployment environments, it would be great to have the JWT token generated out of the box. As it seems to contain no timestamp nor server information, it should be no problem to have such generated. The currently proposed way: use of arangodb auth header command is a waste of resources as it requires installation of the whole arangodb server in the automated deployment container.

Glorf avatar Aug 21 '20 12:08 Glorf

Hello!

According to your comment - arangodb is only arangodb starter binary (in Go, standalone) - https://github.com/arangodb-helper/arangodb/releases/tag/0.14.15 - it should be not a problem to include it in your automated deployment.

About second part - JWT token can be generated in multiple ways, using expiration date, username, specific endpoints which it should access - we are not able to cover all cases.

Best Regards, Adam.

ajanikow avatar Aug 27 '20 12:08 ajanikow