Skip to content

Scoped secret store: admin escape hatch for system key inspection #4228

Open
Open
Scoped secret store: admin escape hatch for system key inspection#4228
Labels
authenticationenhancementNew feature or requestgoPull requests that update go code
@amirejaz

Description

@amirejaz
amirejaz
opened on Mar 19, 2026

Summary

Phase 5 of the scoped secret store implementation (#4192).

Provides a privileged escape hatch for operators who need to inspect or delete system-managed secrets directly, without going through the scoped wrappers.

Work

  • --system flag on thv secret list to include system-reserved keys in output
  • --system flag on thv secret delete to allow deletion of a system-reserved key
  • Both flags require explicit opt-in and display a warning
  • E2E tests covering flag behaviour

Dependencies

Depends on Phase 4. This is the last phase — the feature is complete once this ships.

Metadata

Metadata

Assignees

No one assigned

    Labels

    authenticationenhancementNew feature or requestgoPull requests that update go code

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions