cadviser: add storageDriverPasswordFile option#24341
Merged
7c6f434c merged 1 commit intoNixOS:masterfrom May 1, 2017
Merged
Conversation
|
@basvandijk, thanks for your PR! By analyzing the history of the files in this pull request, we identified @offlinehacker, @bjornfor and @nckx to be potential reviewers. |
75 tasks
Member
There was a problem hiding this comment.
you forgot to end the quote for href.
Member
Author
There was a problem hiding this comment.
Thanks for the heads up.
480086b to
1143731
Compare
This gives users the option of storing the storageDriverPassword outside the world-readable Nix store.
1143731 to
2030a91
Compare
Member
Author
|
It would be great if this can be merged so that we get some progress on #24288. I also requested a |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This gives users the option of storing the
storageDriverPasswordoutside the world-readable Nix store.This is part of #24288.
@offlinehacker I tested if the module evaluates without problems. I haven't tested the actual service yet. Would you be able to do that?
One concern I have is if the
secretin-storage_driver_password secretwill show up intop/htop/ps/ etc. since it's passed as a command line argument. Willcadvisordo The Right Thing and remove the secret from its command line?Ideally we request the cadviser developers to add a
-storage_driver_password_fileoption.