Skip to main content

Suggest an Idea

Vote for your favorite Qlik product ideas and add your own suggestions.

Announcements
Have questions about Qlik Connect? Join us live on April 10th, at 11 AM ET: SIGN UP NOW

Expand External Credential addon to new programming language

mclancaster
Contributor III
Contributor III

Expand External Credential addon to new programming language

The external credential addon (used to integrate with secrets managers like HashiCorp Vault) currently requires a ".so" executable; which means the code written must be done in c/c++. Most modern-day systems that require a custom integration (where the business needs to provide a 'middle-man' script), accept more human-friendly languages like python, bash, java/JS, c#, etc. I believe the replicate product itself is written in a c-based language, so the biggest road-block is ensuring that the information returned from the executable can be properly ingested.

Instead of a large c-based frame, perhaps the addon could be more generalized to accept a specific returned value:

1) addon is invoked when 'lookup' is noted

2) addon (in the background) executes the given 'middle-man' script to retrieve a credential (necessary library paths can be included in the site_arep_login.sh file), passing the lookup value as an argument

3) middle-man script performs it's magic, and pulls the desired secret (this would be out-of-scope for Qlik)

4) addon reads returned data from script in a VERY specific format. For example, a JSON string with a single key/value pair

5) addon internally copies provided secret to proper location in memory, and cleans up after itself.

 

As it stands, I currently have to do this process today, as the linux CLI we use for integrating with our secrets manager does NOT support a c-script. My c-script simply calls a bash-script, reads back a very specific returned value,  and updates the necessary pointers. Forcing a c-program can provide multiple roadblocks due to complexity of the language, memory management, and being a "one-off" compared to standard operating procedures across other platforms.

3 Comments
dima_etkin
Support
Support

Hi @mclancaster ,

While the idea of having more versatile hooks in Qlik Replicate is appealing, it may take some time before it will be implemented.

In the meanwhile - would you consider an approach of calling Python from C? There is some information available on this subject in the links below:

https://docs.python.org/3/extending/embedding.html

https://www.geeksforgeeks.org/calling-python-from-c-set-1/

https://stackoverflow.com/questions/3286448/calling-a-python-method-from-c-c-and-extracting-its-retu...

best,

\d

 

Meghann_MacDonald

From now on, please track this idea from the Ideation portal. 

Link to new idea

Meghann

NOTE: Upon clicking this link 2 tabs may open - please feel free to close the one with a login page. If you only see 1 tab with the login page, please try clicking this link first: Authenticate me! then try the link above again. Ensure pop-up blocker is off.

Ideation
Explorer II
Explorer II
 
Status changed to: Closed - Archived