1password-linux-to-bitwarden
kubernetes-external-secrets
Our great sponsors
1password-linux-to-bitwarden | kubernetes-external-secrets | |
---|---|---|
5 | 26 | |
36 | 2,584 | |
- | - | |
0.0 | 7.7 | |
over 2 years ago | almost 2 years ago | |
Go | JavaScript | |
GNU General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
1password-linux-to-bitwarden
-
1Password Has Raised $620M
They have been doing some pretty unfriendly moves towards their long-term customers, like making sure the new 1Password cannot be used without 'the cloud' like the old one could be.
I have no doubt raising more VC money will only accelerate such trends.
In fact I've decided to move off of 1Password to BitWarden, since at least one can realistically self-host it. That being said, it's not exactly easy to migrate from the latest 1Password so I wrote my own little utility to do it[1].
I think we need more competition to VC backed products in general, just imagine what would happen if the building blocks of say a GNU/Linux system we take for granted today would've been built with the mindset that investors are going to want a return on their investment.
I am not saying there's anything wrong with that in principle, but am not sure I want to surrender my passwords to these kinds of incentives.
1 - https://github.com/MatejLach/1password-linux-to-bitwarden
-
New version of 1Password means no way to import 1Password data into Bitwarden
By looking at the decoder of the tool linked in this post, it's just a zip that contains .data files, which are JSON. Still, hiding known file formats (.zip, .json) behind some obscure names (.1pux and .data) does look like a shady pattern to me.
-
1Password .pux file
There are compiled version available: 1.0 - initial binary release
kubernetes-external-secrets
- aws secrets with eks ,Teffarorm & helm
-
Securing Kubernetes Secrets with HashiCorp Vault
$ helm repo add external-secrets https://external-secrets.github.io/kubernetes-external-secrets/ "external-secrets" has been added to your repositories $ helm install k8s-external-secrets external-secrets/kubernetes-external-secrets -f values.yaml NAME: k8s-external-secrets LAST DEPLOYED: Wed Mar 23 22:50:35 2022 NAMESPACE: default STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: The kubernetes external secrets has been installed. Check its status by running: $ kubectl --namespace default get pods -l "app.kubernetes.io/name=kubernetes-external-secrets,app.kubernetes.io/instance=k8s-external-secrets" Visit https://github.com/external-secrets/kubernetes-external-secrets for instructions on how to use kubernetes external secrets
-
SimpleSecrets: A self-hosted K8S Secrets Manager Operator
I’m reading above that you weren’t aware of sealed-secrets. So I guess that you are not familiar with ExternalSecrets secrets neither. Very solid project
- Managing json config files for apps deployed to k8s at scale
-
1Password Has Raised $620M
They probably should merge with https://github.com/external-secrets/kubernetes-external-secr...
- Recommended way of securing AWS secret key and id in K8s secrets for pulling images from AWS ECR
-
Do you have a TODO checklist when creating clusters from scratch?
I do not recommend vault if you are not experienced. It is a heavy infra to manage. I suggest looking into https://github.com/external-secrets/kubernetes-external-secrets and selecting the tool offered by your cloud providers.
-
Secrets usage
This is where things like the vault agent sidecar or projects like external secrets come in and allow you to inject / sync your secrets backend and your Kubernetes workloads :)
-
Cloud password managements
Depending on what platform you are on, you could use the AWS SDK or a tool like external-secrets (for Kubernetes).
-
Kuberentes CI/CD
We don't keep anything sensitive inside of Helm charts. We use AWS Secrets Manager and external-secrets
What are some alternatives?
MacPass - A native macOS KeePass client
argocd-vault-plugin - An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets
vaultwarden - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
onepassword-operator - The 1Password Connect Kubernetes Operator provides the ability to integrate Kubernetes Secrets with 1Password. The operator also handles autorestarting deployments when 1Password items are updated.
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
infrastructure - The infrastructure monorepo for the Rocky Linux project. This project will be archived/deprecated in the future.
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
portwarden - Create Encrypted Backups of Your Bitwarden Vault with Attachments
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
mkcert - A simple zero-config tool to make locally trusted development certificates with any names you'd like.
Reloader - A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!