New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for "syncing" or "pushing" to external systems #58
Comments
A good use case may be to sync into Kubernetes Secrets and ConfigMaps. Maybe the Pulumi Kubernetes Operator could implement this by providing an API. e.g. kind: SecretSource
metadata:
namespace: shopping
spec:
environment: shopping-service-staging
secretName: shopping-service |
Another idea: sync with GitHub Environments, e.g. by pushing secrets. A benefit is to link ESC environments with protection rules, as described here. For example, allowing the |
Looking forward to this. At least we can expect to sync ESC secrets to GitHub Actions in a secure way. |
Was going to suggest adding this to ESO but I see Engin beat me to it already :) |
@MMartyn the PR (external-secrets/external-secrets#2997) is merged! I do not know their release cycle but expect it soon to be GA! 😍 |
While the esc CLI and REST APIs can be used today to pull configuration down into many existing places where environments will be consumed, there are also many systems that store their configuration in more “walled gardens” which would need to be pushed into for optimal usability.
For example, pushing configuration values into a CI/CD system’s configuration system to avoid needing to copy/paste configuration and secrets manually into their UI.
We want ESC to offer a “push”/”sync” option that can be configured to inject configuration from an environment into such systems directly, so that you can still benefit from the usability of their native configuration systems, without having to take on the problems of configuration sprawl, long-lived static secrets and duplication and copy/paste of secrets.
We anticipate this supporting things like GitHub Actions env secrets, and many other similar use cases.
The text was updated successfully, but these errors were encountered: