Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: support hcv namespace #11277

Merged
merged 6 commits into from
May 23, 2024
+89 −8
Merged

feat: support hcv namespace #11277

Changes from 1 commit
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
0a77798
feat: add namespace for hcv
bzp2010 May 22, 2024
dcd8525
chore: add comment
bzp2010 May 22, 2024
10eab82
test: add ns case
bzp2010 May 22, 2024
11de5e3
docs: add ns desc
bzp2010 May 22, 2024
5e1dfa4
docs: fix reviews
bzp2010 May 23, 2024
73eae50
docs: fix lint
bzp2010 May 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
docs: add ns desc
@bzp2010
bzp2010 committed May 22, 2024
commit 11de5e3eefa6990b57bd3bdc80bfaad28e26e46e
12 changes: 9 additions & 3 deletions docs/en/latest/terminology/secret.md
View file
Original file line number Diff line number Diff line change
@@ -123,17 +123,17 @@ curl http://127.0.0.1:9180/apisix/admin/consumers \

Through the above steps, the `key` configuration in the `key-auth` plugin can be saved in the environment variable instead of being displayed in plain text when configuring the plugin.

## Use Vault to manage secrets
## Use HashiCorp Vault to manage secrets

Using Vault to manage secrets means that you can store secrets information in the Vault service and refer to it through variables in a specific format when configuring plugins. APISIX currently supports [Vault KV engine version V1](https://developer.hashicorp.com/vault/docs/secrets/kv/kv-v1).
Using HashiCorp Vault to manage secrets means that you can store secrets information in the Vault service and refer to it through variables in a specific format when configuring plugins. APISIX currently supports [Vault KV engine version V1](https://developer.hashicorp.com/vault/docs/secrets/kv/kv-v1).

### Usage

```
$secret://$manager/$id/$secret_name/$key
```

- manager: secrets management service, could be the Vault, AWS, etc.
- manager: secrets management service, could be the HashiCorp Vault, AWS, etc.
- id: APISIX Secrets resource ID, which needs to be consistent with the one specified when adding the APISIX Secrets resource
- secret_name: the secret name in the secrets management service
- key: the key corresponding to the secret in the secrets management service
@@ -168,6 +168,12 @@ secrets:
uri: 127.0.0.1:8200
```

:::tip

It now supports the use of the `namespace` field to set the multi-tenant namespace concepts supported by HashiCorp Vault Enterprise and HCP Vault.

:::

Step 3: Reference the APISIX Secrets resource in the `key-auth` plugin and fill in the key information:

```shell
6 changes: 6 additions & 0 deletions docs/zh/latest/terminology/secret.md
View file
Original file line number Diff line number Diff line change
@@ -169,6 +169,12 @@ secrets:
uri: 127.0.0.1:8200
```

:::tip

它现在支持使用 `namespace` 字段设置 HashiCorp Vault Enterprise 和 HCP Vault 所支持的多租户命名空间概念。

:::

第三步:在 `key-auth` 插件中引用 APISIX Secret 资源,填充秘钥信息:

```shell
Loading
Oops, something went wrong.