Add EAS_ENCRYPT_IV_SECRET environmental variable to helm template

Question

Add EAS_ENCRYPT_IV_SECRET environmental variable to helm template

venkyhodigere opened this issue 3 years ago · comments

Hi there,

I wanted to use the initialization vector for the config token encryption with AES.

I saw that the support for IV is already there in utils.js
https://github.com/travisghansen/external-auth-server/blob/master/src/utils.js#L14

But the env var setup for EAS_ENCRYPT_IV_SECRET is missing in the deployment.yaml helm template:
https://github.com/travisghansen/external-auth-server/blob/master/charts/external-auth-server/templates/deployment.yaml

I was wondering if you are ok if I go ahead and add it in there and raise a PR.

Venky

Travis Glenn Hansen · Answer 1 · Thu Nov 04 2021 05:33:13 GMT+0800 (China Standard Time)

Welcome!

Yeah of course! Let's get it added. Just make sure to add it as a secret value and treat it similar to how the rest of the secrets are treated.

Venky Hodigere · Answer 2 · Wed Jan 05 2022 22:08:10 GMT+0800 (China Standard Time)

I have added it as a secret value.

Would it be possible to take a look at the PR: #137

Travis Glenn Hansen · Answer 3 · Wed Jan 05 2022 22:34:28 GMT+0800 (China Standard Time)

Yeah I haven’t forgotten about this. Thanks for the contribution!

The holdup is I’m considering rewriting a bit of how this value is used to more closely align with its cryptographic purpose. Currently it’s just in there as a way to sort of suppress the warnings in the logs but it’s not quite what it needs to be. In that vein I’ve just been holding off a bit :(

Venky Hodigere · Answer 4 · Sat Jan 08 2022 01:28:14 GMT+0800 (China Standard Time)

Please let me know if there is something I could do help with to take this forward.

Meantime, would you be ok to review/approve this PR and do the bigger redesign as a subsequent feature?