Skip to content

Update config.example.toml key format example #369

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
augustuswm merged 2 commits into from
Dec 16, 2025
Merged

Update config.example.toml key format example #369

augustuswm merged 2 commits into from
Dec 16, 2025

Conversation

@oblakeerickson
Copy link
Contributor

@oblakeerickson oblakeerickson commented Dec 16, 2025
edited
Loading

Now that we have migrated to v-api in db07e89 we need to update the config.example.toml file to match our new reality.

This commit updates the Local key section and the Cloud KSM section to specify a signer and a verifier.

Addresses part of #368

@oblakeerickson
Update config.example.toml key format example
76c14e9 
Now that we have migrated to v-api in db07e89 we need to update the
config.example.toml file to match our new reality.

This commit updates the Local key section to specify a signer and a
verifier and removes the deprecated ckms key type.

Address part of oxidecomputer#368
@augustuswm
Copy link
Contributor

augustuswm commented Dec 16, 2025

Thanks for updating this in the docs. We do still support CKMS as a key backend in addition to local keys. For the CKMS option it would look like this:

# Cloud KMS
[[keys]]
kind = "ckms_signer" # Static identifier indicating Cloud KMS
kid = "" # Unique key identifer, that will be used in JWKS
version = 1 # KMS key version
key = "" # KMS key name
keyring = "" # KMS keying name
location = "" # KMS region
project = "" # GCP project containing Cloud KMS

[[keys]]
kind = "ckms_verifier" # Static identifier indicating Cloud KMS
kid = "" # Unique key identifer, that will be used in JWKS
version = 1 # KMS key version
key = "" # KMS key name
keyring = "" # KMS keying name
location = "" # KMS region
project = "" # GCP project containing Cloud KMS

@oblakeerickson
Copy link
Contributor Author

oblakeerickson commented Dec 16, 2025

Ah I see. Makes sense you wouldn't just get rid of cloud kms support. Updated my original PR comment too.

@augustuswm augustuswm merged commit d2f7513 into oxidecomputer:main Dec 16, 2025
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@oblakeerickson @augustuswm