Allow the use of an encrypted password in proxysql-admin
Activity
Jira Bot November 3, 2020 at 3:56 PM
Hi, I'm jira-bot, Percona's Jira automation tool. I've detected that someone from
Percona has made an edit to the Summary field of an issue that you reported.
I'm not sentient (yet) so I'm not sure whether the person fixed a typo, changed
a few words, or completely rewrote the text. In any case, it is Percona Engineering's
intention to make the Summary and Description of an issue as accurate as possible
so that we're fixing the actual problem you're encountering, and to avoid
misunderstandings about symptoms and causes.
If the current Summary does not accurately reflect the problem you are reporting,
or if you feel the change was otherwise inappropriate in some way, please add a
new comment explaining things and we'll address it as soon as we can.
This message will be added only once per issue, regardless of how many times
the Summary is edited.
Sveta Smirnova August 19, 2019 at 1:42 PM
Sorry for the late answer.
> (1) if we perform the encryption for the user, do we overwrite the file or create a new file?
> (2) What if they want to change the values? How would someone edit the values? (we could provide another utility for this)
I believe we need to mimic what mysql_config_editor does. It overrides the file and has a "set" command which allows updating credentials.
> (3) If we store the key with ProxySQL, is that secure enough?
Depending on how it is stored. If it is hardly possible for an attacker to retrieve, yes.
The configuration file proxysql-admin.cnf contains plain text passwords for:
a. admin
b. proxysql_admin
c. monitor
d. proxysql_user
This exposes users to security risks and violates PCI and other statutory compliances required.
In that context, we would request that proxysql-admin be given the ability to generate, and also read, encrypted strings in place of plain text passwords.
For instance, before we configure proxysql-admin, an editor like "mysql_config_editor" may be allowed to generate and use passwords.