dapr
/
docs
mirror of https://github.com/dapr/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update component-secrets.md 

Applied Mark Fussell's feedback replacing Standard and Special case names with more descriptive names.  Plus cleaned up the grammer and text in a few areas.
This commit is contained in:
georgestevens99 2021-09-07 14:26:51 -04:00
parent 2cf5ce5e13
commit ad5a8d7676
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
daprdocs/content/en/operations/components/component-secrets.md
View File

@ -38,9 +38,9 @@ spec:
value: MyPassword
```
Instead create the secret in your secret store and reference it in the component definition. There are 2 cases for this shown below -- A Standard Case and a Special Case.
Instead create the secret in your secret store and reference it in the component definition. There are 2 cases for this shown below -- the "Secret Contains an Embedded Key" and the "Secret is a String".
The Standard Case applies when there is an key embedded within the secret, i.e. the secret is NOT an entire connection string. The below component definition yaml is for the Standard Case.
The "Secret Contains an Embedded Key" case applies when there is a key embedded within the secret, i.e. the secret is NOT an entire connection string. This is shown in the following component definition yaml.
```yml
apiVersion: dapr.io/v1alpha1
@ -64,10 +64,10 @@ auth:
`SECRET_STORE_NAME` is the name of the configured [secret store component]({{< ref supported-secret-stores >}}). When running in Kubernetes and using a Kubernetes secret store, the field `auth.SecretStore` defaults to `kubernetes` and can be left empty.
The above component definition tells Dapr to extract a secret named `redis-secret` from the defined `secretStore` and assign the value associated with the `redis-password` key embedded in the secret to the `redisPassword` field in the component.
The above component definition tells Dapr to extract a secret named `redis-secret` from the defined `secretStore` and assign the value associated with the `redis-password` key embedded in the secret to the `redisPassword` field in the component. One use of this case is when your code is constructing a connection string, for example putting together a URL, a secret, plus other information as necessary, into a string.
On the other hand, the below Special Case applies when there is NOT a key embedded in the secret. Rather, the secret is just a string. Therefore, in the `secretKeyRef` section both the secret `name` and the secret `key` will be identical. This is the case when the secret is an entire connection string with no embedded key whose value needs to be extracted. Typically a connection string consists of connection information, some sort of secret to allow connection, plus perhaps other information and does not require a separate "secret". This Special Case is shown in the below component definition yaml.
On the other hand, the below "Secret is a String" case applies when there is NOT a key embedded in the secret. Rather, the secret is just a string. Therefore, in the `secretKeyRef` section both the secret `name` and the secret `key` will be identical. This is the case when the secret itself is an entire connection string with no embedded key whose value needs to be extracted. Typically a connection string consists of connection information, some sort of secret to allow connection, plus perhaps other information and does not require a separate "secret". This case is shown in the below component definition yaml.
```yml
apiVersion: dapr.io/v1alpha1
@ -88,7 +88,7 @@ auth:
secretStore: <SECRET_STORE_NAME>
```
The above Special Case yaml tells Dapr to extract a connection string named `asbNsConnstring` from the defined `secretStore` and assign the value to the `connectionString` field in the component since there is no key embedded in the "secret" from the `secretStore` because it is a plain string. This requires the secret `name` and secret `key` to be identical.
The above "Secret is a String" case yaml tells Dapr to extract a connection string named `asbNsConnstring` from the defined `secretStore` and assign the value to the `connectionString` field in the component since there is no key embedded in the "secret" from the `secretStore` because it is a plain string. This requires the secret `name` and secret `key` to be identical.
## Example