Multiple Secret Backend Suppport
Barbican supports secret storage in HSM device as well as in a database. So far, Barbican has implicit concept of configuring one active plugin for secret store which means all of the new secrets are going to be stored via same plugin (i.e. same storage backend). This approach can limit the usage of barbican in a typical cloud deployment where not all services/
Proposal is to allow multiple secret store backend available in a single
barbican deployment. As part of this change, client has choice to select
preferred backend at a project level.
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Adding API docs for multiple backend support
Addressed by: https:/
Adding multiple backend db model and repo support
Addressed by: https:/
Adding central logic to manage multiple backend feature.
Addressed by: https:/
Adding central logic to sync secret store data with conf data
Addressed by: https:/
Adding rest API for secret-stores resource (Part 4)
Addressed by: https:/
Adding functional tests for multiple backend changes (Part 5)
Addressed by: https:/
Adding reno release notes for multiple backend feature