agenix icon indicating copy to clipboard operation
agenix copied to clipboard

Published 20 hours ago verified publisher icon ryantm

feature: combine root and nonroot secret install; delay chowning

Open ryantm opened this issue 2 years ago • 1 comments

This simplifies agenix by combining the root and nonRoot secret installation into one place and delays setting the owner and group of the secrets until after the users and groups activation scripts are completed. This also fixes #117 by incorporating the changes from #118 to not switch over the secret directory symlink until after the secrets are decrypted.

This is a breaking change in the sense that someone might have depended on the user or group of a root secret being set before the "users" and "groups" activation scripts run, but that seems unlikely to me.

This is also a breaking change because I renamed a bunch of the activation scripts. I believe these will be module compile-time errors.

cc @jsimonetti

ryantm avatar Jul 10 '22 18:07 ryantm

Perhaps it would be wise (considering the possible breaking) to tag a new release before and after merging?

jsimonetti avatar Jul 10 '22 19:07 jsimonetti

We should be sure to cut a release before and after this merges, though.

cole-h avatar Aug 05 '22 20:08 cole-h

Just curious, is there anything blocking this PR?

jsimonetti avatar Aug 26 '22 09:08 jsimonetti

Both those releases have been cut and release notes added. Thanks for the reviews everyone!

ryantm avatar Sep 01 '22 15:09 ryantm