Hello,
If I understood correctly the changes that came with the v5 data scheme, the encrypted metadata led to the fact the new Passbolt Ansible plugin (https://github.com/passbolt/passbolt-ansible-lookup-plugin) can request resources from Passbolt API only with the UUID of the resource. I suppose this is due to the fact that only the UUID stays unencrypted by design.
With a structured approach:
- harmonized naming of secrets, harmonized naming of variables in Ansible,
- and for example, a "gateway import_secrets.yaml " file in the inventory that makes a mapping ansible_variable -> passbolt_uuid (including the passbolt api plugin syntax with uuid in the Jinja2 right member of the definition of the variable),
- ... we may be able to migrate happily. It might even force people to stay clean and get separated the secret/config retrieval definition from the tasks code if the latter only leverages the variable names.
However, there is a major setback as far as we understand it: we cannot search by UUID in the browser extension (or I do not know how to proceed :) ).
So, as a team, we have no easy way to consolidate and review (example ease-up debugging). We have at least some people that fear it might become unusable for them as "users".
Is this kind of search feature planned in the future ? (I have not found any ref to that in the issues so maybe our team is missing something?)
Hello,
If I understood correctly the changes that came with the v5 data scheme, the encrypted metadata led to the fact the new Passbolt Ansible plugin (https://github.com/passbolt/passbolt-ansible-lookup-plugin) can request resources from Passbolt API only with the UUID of the resource. I suppose this is due to the fact that only the UUID stays unencrypted by design.
With a structured approach:
However, there is a major setback as far as we understand it: we cannot search by UUID in the browser extension (or I do not know how to proceed :) ).
So, as a team, we have no easy way to consolidate and review (example ease-up debugging). We have at least some people that fear it might become unusable for them as "users".
Is this kind of search feature planned in the future ? (I have not found any ref to that in the issues so maybe our team is missing something?)