Hi everyone,
Wanted to solicit feedback on an idea. Internally we'd like to use
backup/restore more, however how it interacts with encrypted store
passwords is a bit of an issue. To that end I have been working on the
ability for backup/restore to parameterize outgoing store passwords. I have
a branch created with this work:
https://github.com/dvntucker/geoserver/tree/parameterize_passwords
To save people from having to dig, basically all I've done is create two
new XML persisters, one for data stores that collects the fields that need
to be parameterized (similar to what happens now, just collecting a little
more info) and a new connections parameters converter that does the actual
tokenization:
https://github.com/dvntucker/geoserver/blob/5e1f574c9e428357f6f3c824854936049632bd65/src/community/backup-restore/core/src/main/java/org/geoserver/backuprestore/BackupRestoreItem.java#L185
Next steps would be to update the restore job to do the token replacement,
plus options in the UI and rest interface
Unfortunately, I realized a little too late that there is sort of an
existing solution to this, which is the capability to parameterize the
entire environment, but AFAICT this doesn't work well with encrypted
passwords. Personally, I like the approach of just replacing the password
in the backups, since it requires less specialized config.
Any thoughts on this approach? Any potential issues? Any issue with
contributing something along these lines?
Cheers,
Devon
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
