dimas-b commented on PR #461: URL: https://github.com/apache/polaris/pull/461#issuecomment-2530377833
So it looks like the approach proposed in this PR (while I keep my non-binding approval) appears to be not robust enough. I'd like to propose to move the printing of generated credentials to the `bootstrap` CLI command and also add an option to write them to a file on the local filesystem. For that matter, I think even the generation of random secrets should be delegated to the `bootstrap` command and removed from core. Them, core services will receive secrets the same way whether the user provided self-managed secrets or asked the `bootstrap` command to generate them. Integration with secret managers is deferred. WDYT? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
