<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:19:30 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-2278] Spike:  Secret Storage</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-2278</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;h2&gt;&lt;a name=&quot;Overview&quot;&gt;&lt;/a&gt;Overview&lt;/h2&gt;
&lt;p&gt;Encrypted storage is needed by several apps e.g. for things like (RMAPI keys, SMTP credentials, FTP credentials, etc.).  Currently these things are not encrypted at rest.  Some have their own APIs (just to access/manage the sensitive data) with their own permissions, others are simply stored in mod-configuration&lt;/p&gt;

&lt;p&gt;Specific Questions to be answered:&lt;/p&gt;
&lt;ol&gt;
	&lt;li&gt;What technologies would be appropriate for this?&lt;/li&gt;
	&lt;li&gt;What might a solution look iike?  Is there some abstraction layer/interface allowing for different implementations?&lt;/li&gt;
	&lt;li&gt;What&apos;s required for a module to store/retrieve a secret?&lt;/li&gt;
	&lt;li&gt;What&apos;s required on the infrastructure side?&lt;/li&gt;
&lt;/ol&gt;


&lt;h2&gt;&lt;a name=&quot;AcceptanceCriteria&quot;&gt;&lt;/a&gt;Acceptance Criteria&lt;/h2&gt;
&lt;ul&gt;
	&lt;li&gt;The questions above are answered&lt;/li&gt;
	&lt;li&gt;One or more approach is documented on the wiki
	&lt;ul&gt;
		&lt;li&gt;If more than one approach is provided, pros &amp;amp; cons are provided along with a recommendation&lt;/li&gt;
	&lt;/ul&gt;
	&lt;/li&gt;
	&lt;li&gt;POC code (if applicable) is committed to git and linked to from the wiki page&lt;/li&gt;
&lt;/ul&gt;
</description>
                <environment></environment>
        <key id="79669">FOLIO-2278</key>
            <summary>Spike:  Secret Storage</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10005" iconUrl="https://dev.folio.org/assets/jira-priority/tbd.svg">TBD</priority>
                        <status id="1" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/open.png" description="The issue is open and ready for the assignee to start work on it.">Open</status>
                    <statusCategory id="2" key="new" colorName="blue-gray"/>
                                    <resolution id="-1">Unresolved</resolution>
                                                        <assignee accountid="-1">Unassigned</assignee>
                                                                <reporter accountid="5cf6c546b87c300f36eb7b9a">Craig McNally</reporter>
                                    <labels>
                    </labels>
                <created>Mon, 23 Sep 2019 15:14:06 +0000</created>
                <updated>Tue, 2 Aug 2022 18:46:23 +0000</updated>
                                                                                <due></due>
                            <votes>0</votes>
                                    <watches>10</watches>
                                                                <comments>
                                                            <comment id="189392" author="5cf6c546b87c300f36eb7b9a" created="Mon, 23 Sep 2019 15:17:07 +0000"  >&lt;p&gt;My initial thought was to create something like mod-vault that uses &lt;a href=&quot;https://www.vaultproject.io/&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://www.vaultproject.io/&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;We ran into a similar requirement with the Edge APIs; where to store institutional user credentials.  The approach we took there is to build a simple SecureStore (java) interface and add a few implementations:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;Vault&lt;/li&gt;
	&lt;li&gt;AWS Param Store&lt;/li&gt;
	&lt;li&gt;Properties file (intended for dev use only)&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;However, we sort of punted on the infrastructure side of this and left it entirely up to those setting up/managing the system to setup the secret store and provision it with secrets.&lt;/p&gt;

&lt;p&gt;I do think it would be nice to have that sort of flexibility.  Maybe we define a secure-store (folio) interface and allow multiple implementations of it... e.g. mod-vault, mod-aws-param-store, etc.&lt;/p&gt;</comment>
                                                            <comment id="189395" author="557058:b8e64633-1f7c-402d-9caf-9959a5ba5d0d" created="Wed, 16 Oct 2019 11:56:12 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5cd423bebc70090d6ce241b1&quot; class=&quot;user-hover&quot; rel=&quot;5cd423bebc70090d6ce241b1&quot; data-account-id=&quot;5cd423bebc70090d6ce241b1&quot; accountid=&quot;5cd423bebc70090d6ce241b1&quot; rel=&quot;noreferrer&quot;&gt;Ian Hardy&lt;/a&gt; can you provide some input on secret management with Kubernetes?&lt;/p&gt;</comment>
                                                            <comment id="189397" author="5cd423bebc70090d6ce241b1" created="Wed, 16 Oct 2019 13:01:04 +0000"  >&lt;p&gt;Kubernetes secrets allow for passing secrets as environment variables or configuration files to containers on the cluster. We&apos;ve used them for infrastructure level secrets like postgres credentials required to connect to the module db. I think k8s secrets are useful for anything that needs to get set once when a container is started, I think it would be less useful for something that a user of a folio system is supposed to be able to modify after startup.  &lt;/p&gt;

&lt;p&gt;So for an edge module api key the workflow might look like:&lt;br/&gt;
1. sysadmin/hosting provider sets secret w/api key&lt;br/&gt;
2. edge module is deployed w/instructions for pod to pick up additional environment vars from secret&lt;br/&gt;
3. for an update, sysadmin edits secret and redeploys pod.&lt;/p&gt;

&lt;p&gt;Note that a separate pod would probably need to be used for separate tenants in this scenario (assuming there&apos;s a one to one relation between api keys and tenants).&lt;/p&gt;</comment>
                                                            <comment id="189398" author="5cf6c546b87c300f36eb7b9a" created="Thu, 13 Feb 2020 03:25:38 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5cd423bebc70090d6ce241b1&quot; class=&quot;user-hover&quot; rel=&quot;5cd423bebc70090d6ce241b1&quot; data-account-id=&quot;5cd423bebc70090d6ce241b1&quot; accountid=&quot;5cd423bebc70090d6ce241b1&quot; rel=&quot;noreferrer&quot;&gt;Ian Hardy&lt;/a&gt; I think we need to be able to support multi-tenancy here.  &lt;/p&gt;

&lt;blockquote&gt;&lt;p&gt;a separate pod would probably need to be used for separate tenants&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;Is this a reasonable thing to do?  Would tenants typically live in separate pods otherwise?&lt;/p&gt;</comment>
                                                            <comment id="189400" author="5cf6c546b87c300f36eb7b9a" created="Thu, 13 Feb 2020 03:27:43 +0000"  >&lt;p&gt;I&apos;d be surprised if the current mechanism for storing the types of secrets mentioned in the description isn&apos;t raised as part of the security audit feedback, so this will likely be resurfacing again soon.&lt;/p&gt;</comment>
                                                            <comment id="189402" author="5cd423bebc70090d6ce241b1" created="Thu, 13 Feb 2020 14:25:57 +0000"  >&lt;blockquote&gt;&lt;p&gt;Is this a reasonable thing to do? Would tenants typically live in separate pods otherwise?&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;It&apos;s possible for many tenants to share one deployment (I said pod, last time) of a module as long as they can all coexist with whatever arguments/variables are configured on that deployment. So if we want tenant_a and tenant_b to share a deployment of an RMB based storage module, they can do that as long as they&apos;re using the same db. This limitation is because we can only pass 1 set of db credentials to a deployment of say mod-inventory-storage. If we didn&apos;t want tenant_a and tenant_b to share a db instance, we&apos;d have to have two deployments of the module each w/different credentials configured. &lt;/p&gt;

&lt;p&gt;I think both are reasonable things to do. Having multiple tenants share one instance is possibly more convenient and less expensive from a deployment perspective.&lt;/p&gt;

&lt;p&gt;I suppose this isn&apos;t necessarily a limit for edge modules as long as there is a way to configure secrets for multiple tenants at once, but the limitation described above must have been on my mind when I wrote that hypothetical scenario where the key is configured through an environment variable.&lt;/p&gt;</comment>
                                                            <comment id="189403" author="557058:2f7b6349-450b-419a-ba54-c181f51383ad" created="Wed, 5 May 2021 22:45:07 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5cf6c546b87c300f36eb7b9a&quot; class=&quot;user-hover&quot; rel=&quot;5cf6c546b87c300f36eb7b9a&quot; data-account-id=&quot;5cf6c546b87c300f36eb7b9a&quot; accountid=&quot;5cf6c546b87c300f36eb7b9a&quot; rel=&quot;noreferrer&quot;&gt;Craig McNally&lt;/a&gt;&#160;is there any chance this will be completed in R2. We have a story about encrypting interface credentials that is blocked by this. If it will not be completed I will push that story out to R3. thx!&lt;/p&gt;</comment>
                                                            <comment id="189406" author="557058:b92c545f-a9eb-488e-9d26-fe6b921e4fbb" created="Fri, 7 May 2021 12:44:21 +0000"  >&lt;p&gt;Hi, I&apos;m currently working through this item, please take a look at &lt;a href=&quot;https://wiki.folio.org/display/~Raman+Auramau/FOLIO+secrets+management&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://wiki.folio.org/display/~Raman+Auramau/FOLIO+secrets+management&lt;/a&gt; for more details.&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10000">
                    <name>Blocks</name>
                                            <outwardlinks description="blocks">
                                        <issuelink>
            <issuekey id="74905">MODORGSTOR-33</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10003">
                    <name>Relates</name>
                                            <outwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="77203">MODEMAIL-4</issuekey>
        </issuelink>
                            </outwardlinks>
                                                                <inwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="81943">FOLIO-2875</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="27972">MODKBEKBJ-507</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i0069j:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 16 Oct 2019 11:56:12 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>