Right now the trust serializer expects an io.ReadCloser from zip.OpenReader when passed to serializer.Read() - this works when the zip file is being opened from a path on disk, but doesn't allow in-memory decompression of zip files, which may be required when using secrets storage such as Google Secret Manager or Vault. Although in most cases the secret will be mounted to a pod and read as though it were on disk, it would still be useful to have this utility.
See also this small test issue in the directory repo.
Right now the trust serializer expects an
io.ReadCloserfromzip.OpenReaderwhen passed toserializer.Read()- this works when the zip file is being opened from a path on disk, but doesn't allow in-memory decompression of zip files, which may be required when using secrets storage such as Google Secret Manager or Vault. Although in most cases the secret will be mounted to a pod and read as though it were on disk, it would still be useful to have this utility.serializer.Readin ZIP mode perform a type check to see if the reader is azip.ReadCloser, azip.Reader, or not.zip.ReadCloser- continue as normal; if not azip.Reader, create azip.Readerfrom the reader.zip.Readerindependently of thezip.ReadCloserUsing advice from this stackoverflow postSee also this small test issue in the
directoryrepo.