keysync
keysync copied to clipboard
square
Keysync periodically downloads secrets from Keywhiz
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.8.0. Commits 181cea6 impr: CallerInfo should print full paths to the terminal (#1201) cf1284f Allow mock expectations to be ordered (#1106) 66eef0e fix: assert.MapSubset (or...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
[//]: # (dependabot-start) ⚠️ **Dependabot Preview has been deactivated** ⚠️ This pull request was created by Dependabot Preview, and you've upgraded to Dependabot. This means it won't respond to `dependabot`...
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot] avatar"){kind=avatar}
[//]: # (dependabot-start) ⚠️ **Dependabot Preview has been deactivated** ⚠️ This pull request was created by Dependabot Preview, and you've upgraded to Dependabot. This means it won't respond to `dependabot`...
The "Info" output from the logrus module produces thousands of lines of text in syslog. Would it be possible to take a parameter on the command line and do a...
keymonitor will not alert on keysync health if the syncer uptime (now returned as part of the `StatusResponse`) is lower than the configurable `MaxInitialSyncDuration`.
ERRO[0000] Error looking up groupname, using fallback client=client1 error="error resolving gid for %!s(*user.Group=): group: unknown group keysync-test" group=keysync-test server_name=C02YT5VRLVDL Notice: `%s!(*user.Group=)` We should fix the formatting directive used to print...
Right now if you want to enforce tmpfs, you have to write something like: filesystem_type: 16914836 That's weird and hard to read. We should have a map of string names.
I think we only reload certs when we start a sync. But if a client cert is invalid (eg, expired), there's no point in retrying with the same cert. We...
We'd like keysync to handle several server failure scenarios, so we need a more robust backend. * Retry support * During a sync, we should try to fetch the secret...
If two API requests come in to sync at the same time, we shouldn't sync twice. This is made a bit easier because we serialize syncs on a lock. I'm...