zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-08-24 10:11:07 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/core/src
History
Weimin Yu 495d7176d8
Validate SQL credentials in Secret Manager (#907) 
* Validate SQL credentials in Secret Manager

Load SQL credentials from the SecretManager and compare them with the
ones currently in use in Nomulus server, beam pipeline, and the registry
tool. Normal operations are not affected by failures related to the
SecretManager, be it IOException, insufficient permission , or wrong or
missing credential.

The appengine and compute engine default service accounts must be
granted the permission to access the secret data. In the short term, we
will grant the secretmanager.secretAccessor role to these accounts. In
the long term, with the proposed privilege service, access will be granted
on per-secret basis.
2020-12-16 10:57:03 -05:00
..
main Validate SQL credentials in Secret Manager (#907) 2020-12-16 10:57:03 -05:00
nonprod Add a command to generate ER diagram for SQL schema (#839) 2020-10-15 17:31:43 -04:00
test Validate SQL credentials in Secret Manager (#907) 2020-12-16 10:57:03 -05:00