Skip to content
This repository has been archived by the owner on Jul 2, 2020. It is now read-only.

zalando-stups/mint-worker

Repository files navigation

mint-worker

Build Status Coverage Status

mint is the secret rotator and distributor for the STUPS ecosystem.

Download

Releases are pushed as Docker images in the public Docker registry:

You can run mint by starting it with Docker:

$ docker run -it stups/mint-worker

Requirements

  • PostgreSQL 9.4+

Configuration

Configuration is provided via environment variables during start.

Mint Worker

Variable Mandatory? Default Description
OAUTH2_ACCESS_TOKEN_URL yes URL of the /access_token endpoint of the authorization server (to retrieve OAuth tokens)
JOBS_KIO_URL yes URL to Kio. Used to verify applications.
JOBS_SERVICE_USER_URL yes URL to Service User API
JOBS_MINT_STORAGE_URL yes URL to Mint storage
JOBS_ESSENTIALS_URL yes URL of essentials. Used to verify scopes.
JOBS_MINT_COWORKER_URL no URL of mint-coworker proxy. Used for proxying bucket writes to GCS.
JOBS_MAX_S3_ERRORS no 10 At which point mint-worker pauses password/client rotation for applications
JOBS_ETCD_LOCK_URL no etcd key URL for locking
JOBS_ETCD_LOCK_TTL no 500 etcd TTL for locking

Example:

$ docker run -it \
    -e OAUTH2_ACCESS_TOKEN_URL="https://auth-example.com/access_token" \
    -e JOBS_KIO_URL="https://kio.example.com" \
    -e JOBS_SERVICE_USER_URL="https://service-user.example.com" \
    -e JOBS_MINT_STORAGE_URL="https://mint.example.com" \
    -e JOBS_ESSENTIALS_URL="https://essentials.example.com" \
    stups/mint-storage

Building

$ lein do uberjar, scm-source, docker build

Releasing

$ lein release :minor

Developing

Mint embeds the reloaded workflow for interactive development:

$ lein repl
user=> (go)
user=> (reset)

License

Copyright © 2016 Zalando SE

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

https://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.