Hashicorp Vault wallet implementation #781
Conversation
--------- Signed-off-by: Lyubomir Bandrov <[email protected]> Signed-off-by: Yanko Zhelyazkov <[email protected]> Co-authored-by: Yanko Zhelyazkov <[email protected]> Signed-off-by: Yanko Zhelyazkov <[email protected]> add readme for hashicorp vault wallet config Signed-off-by: Yanko Zhelyazkov <[email protected]>
Merge main
yzhivkov
force-pushed
the
feature/vault-storage
branch
2 times, most recently
from
30e52c4
to
bdc6235
Compare
Signed-off-by: Yanko Zhelyazkov <[email protected]>
yzhivkov
force-pushed
the
feature/vault-storage
branch
from
bdc6235
to
8b4af56
Compare
There was a problem hiding this comment.
Alrighty, be sure to read this part of the review before the code comments!
So first, this is really well written and thought out. Thanks for putting in all this effort. 👏
I've found a few things that need resolving, but the real hold up to merging this is we need to address the elephant in the room. This project is on life-support and has no real maintainers at the moment. The IBMers on this repo are only committed to keep this codebase updated to address security/exploit issues. There is nobody who can help with integration issues that might crop up from this new feature.
What you've added is well designed, but there is nobody to maintain it. I don't like the idea of adding something as critical to as a new wallet system when we don't have a test team, or a dev team, or even 1 active maintainer on this project. The wallet system is not some side feature of this project, it is critical to nearly every user action you can perform on this web app, including just reading data.
SO! my recommendation is that you take your fork of this project and advertise the wallet integration you've done there, and we leave this version as is. Then you can gather a community and turn your fork into the leading version of this project.
However, since I have moved on from this project, I don't think its fair for me to have the final say. I'll let the current maintainers and anybody out there voice their opinion. If there was just 1 active person, then maybe i'd change my mind. But anyway, you don't need to convince me, there are others than can approve.
Scores:
Code-Readability - 8/10
Code-Structure - 9/10
Chance this PR causes an issue with the vanilla wallet in some weird use case - 3/10
Chance this PR causes some issue in the future - 6.5/10
Chance that I'll be around to fix it - 1/10
|
So what we could do is create an @TsvetanG thoughts? -------- update ---------- |
Hi @dshuffma-ibm that looks ok. We will need a build out of the new branch (experimental) and an image. For that purpose, we have to update the git workflow actions in the default branch (that is main). We will open a new pull request with the git actions change so it can be merged. |
Signed-off-by: TsvetanG <[email protected]>
Signed-off-by: TsvetanG <[email protected]>
Signed-off-by: Yanko Zhelyazkov <[email protected]>
Type of change
Description
Hashicorp Vault wallet implementation as initiated by #568
The change brings in a new wallet implementation that uses Hashicorp Vault as a secure store of identities and related cryptographic material.
A new API is introduced to support a backend wallet. The documentation (readme) is updated to describe how to configure and use the new wallet. Some of the existing library dependencies are updated due to npm audit failures.