-
Notifications
You must be signed in to change notification settings - Fork 166
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Abstracting secret management from values repo PoC #263
Comments
Awesome. The tradeoff between kubernetes-external-secret and bank-vault seems tricky, they both seem to be maintained equally well. I guess bank-vault offers more features and has 50 more collaborators, but then again, the other project is created for solving this problem specifically, correct? |
Indeed, choosing the one is tricky. Intuitively, I like more bank-vaults, because of it's simplicity in terms of referencing to a secret value. But let's make our hands dirty first and then we can decide which one does better work for us. The kubernetes-external-secrets can integrate more seamlessly but if has some disadvantages that I would like to avoid. |
I prefer bank-vaults as it fits more tightly. The other one is offering an interface that is too wide. So if the POC with bank-vaults feels nice we can just continue with that imo. |
Yes, I am going to start with bank-vaults |
Discussion is finished. Requirements are complete and user stories defined. |
**Is your feature request related to a problem? **
The current secret management implementation:
We need robust, multi-tenant secret management solution that integrates seamlessly with Kubernetes but also is suitable for GitOps approach. The solution should also provide secret rotations out of the box.
For more information see discussion: #279
Describe the solution you'd like
I would like to have vault a a secret manager.
First of of Valut seems to be a great candidate as it provides:
Unfortunately, it does not support secrets injection as ENV vars (link)
There are two solutions that could meet our requirements:
Related tasks:
The text was updated successfully, but these errors were encountered: