-
Notifications
You must be signed in to change notification settings - Fork 432
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/envelope pgp #1547
Feature/envelope pgp #1547
Conversation
# Conflicts: # internal/configure.go
|
||
import "io" | ||
|
||
//go:generate mockery --name Enveloper --with-expecter=true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There is no standart mock gen in project.
Should we make an issue in backlog for that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, the current zoo of mock generators is confusing and needs to be fixed eventually. Would appreciate an issue addressing this.
detect crypto type at first then configure particular
Database name
Enveloped gpg via yckms was added to WAL mondo/pg/sqlserver
Pull request description
Use Envelope encryption on gpg keys to stop storing the original gpg (dek key) in the system and make possible a painless gpg key rotation.
TBD:
clean configure to prevent setting both gpg and encrypted gpg
make ttl cache on yckms enveloper
make stale cache on yckms envelope
docs
try to setup yckms mock) it useaws local kms use http(