e4ff07c793
This patchset aims to address least privileged concerns, namely that Pegleg's current behavior is to require decryption of all site documents prior to rendering. Failure to do so leads to a duplicate document error. Operators of Pegleg may not have a valid reason to access secrets that are not being modified during their current workflow, their work may be limited to non-secrets but need to test their changes by rendering the site manifests. To enable this, the get_rendered_documents function has been updated such that if a document is encrypted, the secret value will be converted to a string to pass schema validation, and then used for rendering. This will allow operators of Pegleg to render documents without decrypting secrets. Instead the encrypted string value of the secret will be used. Change-Id: I8656b5496e2225e6eb59727c4f79326a1406147c |
||
|---|---|---|
| .. | ||
| unit | ||
| __init__.py | ||
| conftest.py | ||