Skip to content

[WIP] Added support for resolving vault secrets on-demand basis #1538

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
VShingala wants to merge 1 commit into
base: develop
Choose a base branch
from
Draft

[WIP] Added support for resolving vault secrets on-demand basis #1538

VShingala wants to merge 1 commit into from

Conversation

@VShingala
Copy link
Member

@VShingala VShingala commented Dec 16, 2025

Problem Statement

Currently, vault secrets must be pre-loaded as a VariableScope with all values passed upfront via options.vaultSecrets. This requires the consumer (e.g., Postman App, Newman) to:

Know all vault secrets that might be needed before the run starts

Fetch all secrets synchronously before runtime initialization

Handle secret refresh/expiry outside of the runtime flow

Solution

Introduce an on-demand resolution mechanism where:

Runtime detects which vault variables are referenced (e.g., {{vault:secret_key}})

Calls an async resolver function provided by the consumer to fetch those specific secrets

Resolves secrets at the point of need (request resolution, script execution)

Maintains existing domain-based filtering behavior

@VShingala VShingala changed the title Added support for resolving vault secrets on-demand basis [WIP] Added support for resolving vault secrets on-demand basis Dec 16, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@VShingala