这是indexloc提供的服务,不要输入任何密码
Skip to content

BYOK signature uses TURBO_REMOTE_CACHE_SIGNATURE_KEY env variable by default #963

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 29, 2022
Merged

BYOK signature uses TURBO_REMOTE_CACHE_SIGNATURE_KEY env variable by default #963

merged 4 commits into from
Mar 29, 2022

Conversation

gaspar09
Copy link
Contributor

@gaspar09 gaspar09 commented Mar 28, 2022
edited
Loading

Remote support for turbo.json's plaintext key and configurable environment keyEnv name
Update docs.

@gaspar09
Document BYOK signature verification
de1804c 
Needs followup on 'remoteCache' option documentation to include remoteOnly, teamId explanation.
@vercel
Copy link

vercel bot commented Mar 28, 2022
edited
Loading

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/vercel/turbo-site/JEEpV4AWDh521yK4DTTZswewshMd
✅ Preview: https://turbo-site-git-gaspar-document-remote-cache-signatures.vercel.sh

gaspar09
gaspar09 commented Mar 28, 2022
View reviewed changes
docs/pages/docs/features/remote-caching.mdx
```jsonc
{
"$schema": "https://turborepo.org/schema.json",
"remoteCache": {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we might need a section defining the remoteCache similar to https://turborepo.org/docs/features/pipelines#defining-a-pipeline

Copy link
Contributor Author

@gaspar09 gaspar09 Mar 28, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

depends on how we want to introduce --remote-only and teamId enforcement from turbo.json

@jaredpalmer
Copy link
Contributor

Let’s write the docs for remote only in another PR and then we can implement it. A little docs-driven development

jaredpalmer
jaredpalmer suggested changes Mar 29, 2022
View reviewed changes
docs/pages/docs/features/remote-caching.mdx Outdated
// used for signing and verifying signatures. You can use any
// environment variable name.
"keyEnv": "TURBO_REMOTE_CACHE_SIGNATURE_KEY",
// The secret key to use for signing and verifying signatures.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why would you ever commit this? or is this a path to a txt file?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is the plaintext secret key. I added it here as a way to test changes to the key value. I considered adding a note saying that using key is not recommended.

Would you prefer we remove support for that key and only allow env variable keys for now?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think only env var keys for now makes sense

Copy link
Contributor

@jaredpalmer jaredpalmer Mar 29, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the thinking behind making the key name configurable? Why not just TURBO_REMOTE_CACHE_SIGNATURE_KEY?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was forward looking to supporting multiple signature schemes, if needed at some point.

gaspar09 added 2 commits March 29, 2022 11:47
@gaspar09
Convert signature configuration to use boolean signature in remote …
b31d26b 
…cache options

Use preset `TURBO_REMOTE_CACHE_SIGNATURE_KEY` environment variable name to set the key for signatures
@gaspar09
fix package test
569fb14
@gaspar09 gaspar09 requested a review from jaredpalmer March 29, 2022 20:50
@gaspar09 gaspar09 changed the title Document BYOK signature verification BYOK signature uses TURBO_REMOTE_CACHE_SIGNATURE_KEY env variable by default Mar 29, 2022
@kodiakhq kodiakhq bot merged commit 78eedba into main Mar 29, 2022
@kodiakhq kodiakhq bot deleted the gaspar/document-remote-cache-signatures branch March 29, 2022 22:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jaredpalmer jaredpalmer jaredpalmer approved these changes

@gsoltis gsoltis Awaiting requested review from gsoltis

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gaspar09 @jaredpalmer