Small feature request. I am using helmfile for the deployment of our k8s infrastructure and wanted to use sops for encryption of secrets. I need to use the --keyservice but as I am calling sops inside a wrapper (helmfile) of a wrapper (helm secrets) I cannot pass this variable to sops in a clean way.

Could you provide an alternative way to provide this option to sops in the .sops.conf and/or i

See https://github.com/square/keywhiz/blob/master/server/src/main/resources/keywhiz-development.yaml#L49

It's a dropWizard thing, but we should document why it exists in Keywhiz and how to configure it (or link to the DropWizard docs).

We still have docs describing an antigen plugin that has long been deprecated

The regex test if [[ $yml =~ ^(.*/)?secrets(\.[^.]+)*\.yaml$ ]] does not match the helm secrets help text, at least on OSX.

secrets.dev.yaml functions properly; secrets-dev.yaml fails to decrypt; helm secrets implies it should: wrapper that decrypts secrets[.*].yaml

while zsh handles binary data correctly in its process substitution, other shells like bash and fish don't.

zsh:

% print -R -n - $pass | wc -c
509

bash:

-bash: warning: command substitution: ignored null byte in input
$ echo -n -e $pass | wc -c
507

fish:

> echo -n -e $pass | wc -c
323

In order to pass the correct key to cryptsetup I th

As a Developer, I want to know why a Follower is not authenticating my application, so that I can address the issue without a lot of trial & error.

GIVEN an application deployed in K8s/OCP with the authenticator client
WHEN the the Follower rejects the authn request
THEN post the error message such that it is visible in the Follower log at the default log level.

Developer Notes

In /opt

ISSUE TYPE

• Bug Report

COMPONENT NAME

• gui
• documentation

CONFIGURATION

OS / ENVIRONMENT

Java GUI on MacOS

SUMMARY

It is not totally obvious to a new user of the GUI that even if they have selected a secret, clicking "Policies" will edit the policy of the whole group. Of course, users should know that policies are per group and not per secret,

The wording in the README leads you to believe that the --create-principal and --fetch-role will be created when running the docker command given. However, those two roles need to exist already in the user's account.

Is your feature request related to a problem? Please describe.

I would like to see a service connector available for MarkLogic.

Describe the solution you would like

At least one of these 2 options:

• MarkLogic as an HTTP service here

• MarkLogic as