Expand the Scope of Pluggable Secret Keys Ticket

77 views
Skip to first unread message

John Gooding

unread,
Aug 7, 2019, 9:43:49 PM8/7/19
to Django developers (Contributions to Django itself)
Would it be possible to expand the scope of the recently accepted secret key rotation ticket to include the ability to live rotate other credentials as well, such as the DB credentials?

Carlton Gibson

unread,
Aug 8, 2019, 4:53:52 AM8/8/19
to Django developers (Contributions to Django itself)
Hi John, 

I'm inclined towards "separate thing all together". Maybe they're all related but the bigger a ticket gets the less chance it has of actually appearing... 

> ... DB credentials...

Let's say you put those in environment variables... Don't you just relaunch with a new environment to "rotate"? i.e. What special handling would Django need to provide?

Kind Regards,

Carlton

Adam Johnson

unread,
Aug 8, 2019, 5:05:36 AM8/8/19
to django-d...@googlegroups.com
This should be a separate ticket.

I'm not sure what you need for DB credential rotation - this can already be done by creating a second user in your database, then changing Django's config to use the new one, then deleting the old one.

--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/4271925d-6198-4847-80a1-fe453a6e4313%40googlegroups.com.


--
Adam
Reply all
Reply to author
Forward
0 new messages