Josh Giles
Josh Giles
@thaidn @rosstimothy are there any updates on the above, and is there anything an external contributor could do to help things along? We are also very interested in using Tink...
`make all` is breaking on my machine both on master and on this branch: ``` $ make all go vet github.com/grpc-ecosystem/go-grpc-middleware github.com/grpc-ecosystem/go-grpc-middleware/auth github.com/grpc-ecosystem/go-grpc-middleware/logging github.com/grpc-ecosystem/go-grpc-middleware/logging/logrus github.com/grpc-ecosystem/go-grpc-middleware/logging/logrus/ctxlogrus github.com/grpc-ecosystem/go-grpc-middleware/logging/zap github.com/grpc-ecosystem/go-grpc-middleware/logging/zap/ctxzap github.com/grpc-ecosystem/go-grpc-middleware/recovery github.com/grpc-ecosystem/go-grpc-middleware/retry github.com/grpc-ecosystem/go-grpc-middleware/tags...
@jefferai thoughts on this? Paired with well-designed support in the Vault Terraform provider, this would permit a powerful pattern for automated Vault setup.
Ah, that's good to know. I think it makes sense for this to be the default behavior, but assumed backwards compatibility would win out. What's the timeline for introducing this...
Hmm, even if the Vault instance is unsealed at init-time, not returning a root token on init complicates the goal of "init+configure Vault automatically without human root-token handling". Enabling that...
Ultimately, it would be great to have something in the Terraform provider like ```hcl resource vault_init "init" { pgp_keys = [ "keybase:user1", "keybase:user2", "keybase:user3", ] secret_shares = 3 secret_threshold =...
Sure, that workaround would provide the desired behavior. It's a little unfortunate from a security perspective though... I suppose we are already placing a good deal of trust in the...
I just meant that if it were to go into the Terraform provider it would certainly *look* like an at least semi-official solution. The reason for Terraform is that we...
This user at least would love something natively supported by Terraform :-). Properly-implemented initialization automation in Terraform would provide significant security and usability benefits for Vault operators. I probably should...
Is this addressed with `openapi_naming_strategy=fqn` ?