dapr
Add Akeyless Secrets Store Component
Description
Added a new Secret Store component for Akeyless.
Checklist
Please make sure you've completed the relevant tasks for this PR, out of the following list:
Issue reference
https://github.com/dapr/components-contrib/issues/4063
Requirements
- [x] Code compiles correctly, component loaded successfully after compiling local daprd with added Akeyless Secret Store component, secret retrieved:
- [x] Created tests
- [x] Created the dapr/docs PR: https://github.com/dapr/docs/pull/4930
- [x] Created the dapr/dapr PR: https://github.com/dapr/dapr/pull/9181
@sicoyle while doing some testing after the implemented changes, I attempted to fetch around 18k static secrets using this code:
package main
import (
"context"
"log"
dapr "github.com/dapr/go-sdk/client"
)
func main() {
log.Println("Starting test application")
client, err := dapr.NewClient()
if err != nil {
log.Printf("Error creating Dapr client: %v\n", err)
panic(err)
}
log.Println("Dapr client created successfully")
const daprSecretStore = "akeyless"
defer client.Close()
ctx := context.Background()
secrets, err := client.GetBulkSecret(ctx, daprSecretStore, nil)
if err != nil {
log.Printf("Error fetching secrets: %v\n", err)
panic(err)
}
log.Printf("Found %d secrets: ", len(secrets))
for secretName, secretValue := range secrets {
log.Printf("Secret: %s, Value: %s", secretName, secretValue)
}
}
I got the following error:
❯ go run app.go
2025/11/10 17:50:15 Starting test application
dapr client initializing for: 127.0.0.1:50001
2025/11/10 17:50:15 Dapr client created successfully
2025/11/10 17:50:32 Error fetching secrets: error invoking service: rpc error: code = ResourceExhausted desc = grpc: trying to send message larger than max (7039478 vs. 4194304)
panic: error invoking service: rpc error: code = ResourceExhausted desc = grpc: trying to send message larger than max (7039478 vs. 4194304)
From what I see this issue was raised in https://github.com/dapr/dapr/issues/8537. I tried setting the --max-body-size to 10MB but still getting this error:
/Users/kgal/dev/github.com/dapr/dapr/dist/darwin_arm64/debug/daprd run \
--app-id akeyless-stress-test \
--resources-path components \
--log-level debug \
--max-body-size 10Mi \
--enable-api-logging;
@sicoyle - can you please review this again? There were a bunch of merge conflicts and it happens every I update the branch.
@sicoyle - can you please review this again? There were a bunch of merge conflicts and it happens every I update the branch.
Hi! Yes, thank you for your patience 🙏 I've been OOO for the past two weeks on vacation. I'm back now :)
can you please rebase onto main? There are over 10k lines changed now in this PR with a ton of unrelated changes...
can you please rebase onto main? There are over 10k lines changed now in this PR with a ton of unrelated changes...
@sicoyle should be all cleaned up now. FYI, since your last review I added a few things:
- Added support for authentication options for k8s, AWS IAM.
- Added refresh token mechanism
- Added support for filtering when bulk secret retrieval using path/secret type query params.
@sicoyle - I've finished going over the PR comments, let me know what you think.
Also, can you please let me know what I need to do to resolve this/(your sister's?) comment?
@sicoyle - I've finished going over the PR comments, let me know what you think.
Also, can you please let me know what I need to do to resolve this/(your sister's?) https://github.com/dapr/dapr/pull/9181#issuecomment-3627750967?
Hahah yeah she's my twin actually! So after this PR is merged then in your PR in dapr/dapr you have to bump the components-contrib go mod reference and push that as well so dapr/dapr knows about your changes here. Essentially it will be a:
go get github.com/dapr/components-contrib@<grab commit sha from contrib main branch with this PR merged>