argocd-vault-plugin
kubernetes-external-secrets
Our great sponsors
argocd-vault-plugin | kubernetes-external-secrets | |
---|---|---|
9 | 1 | |
757 | 1,635 | |
2.1% | - | |
7.1 | 8.5 | |
3 days ago | about 3 years ago | |
Go | JavaScript | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
argocd-vault-plugin
-
GitOps and Kubernetes – Secure Handling of Secrets
ArgoCD supports SOPS with the vault Plugin.
-
Injecting secrets from Vault into Helm charts with ArgoCD
repoServer: rbac: - verbs: - get - list - watch apiGroups: - '' resources: - secrets - configmaps initContainers: - name: download-tools image: registry.access.redhat.com/ubi8 env: - name: AVP_VERSION value: 1.11.0 command: [sh, -c] args: - >- curl -L https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v$(AVP_VERSION)/argocd-vault-plugin_$(AVP_VERSION)_linux_amd64 -o argocd-vault-plugin && chmod +x argocd-vault-plugin && mv argocd-vault-plugin /custom-tools/ volumeMounts: - mountPath: /custom-tools name: custom-tools extraContainers: - name: avp-helm command: [/var/run/argocd/argocd-cmp-server] image: quay.io/argoproj/argocd:v2.4.8 securityContext: runAsNonRoot: true runAsUser: 999 volumeMounts: - mountPath: /var/run/argocd name: var-files - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp name: tmp-dir - mountPath: /home/argocd/cmp-server/config name: cmp-plugin - name: custom-tools subPath: argocd-vault-plugin mountPath: /usr/local/bin/argocd-vault-plugin volumes: - configMap: name: cmp-plugin name: cmp-plugin - name: custom-tools emptyDir: {} - name: tmp-dir emptyDir: {} # If you face issue with ArgoCD CRDs installation, then uncomment below section to disable it #crds: # install: false
- K8s and HIPPA/PHI compliant systems - Need advice!
-
Learning with K3s at home. Is it "better" to store secrets encrypted in the git repo (e.g., sealed-secrets) or in a separately managed secret database (e.g., vault)?
argoproj-labs/argocd-vault-plugin
-
Best solution to use Argocd with helm and manage secrets ? Don't say flux !
We’re using https://github.com/argoproj-labs/argocd-vault-plugin which allows you to define secrets in git (works with more backends than just hashicorp vault despite the name). The documentation took me a bit to figure out, but so far it works.
-
Best Practices for Argo CD
Argo CD Vault plugin
- Removing replication count, resource, tolerations, pvc when app is onboarded using ArgoCD
- Gotta love gitops
-
Best/Secure way to add a secret for ArgoCD Helm Chart?
I used argocd vault plugin https://github.com/IBM/argocd-vault-plugin
kubernetes-external-secrets
-
Building cloud native apps: Config and Toggles
If you host your Kubernetes cluster in a cloud then I would strongly encourage you to use godaddy/kubernetes-external-secrets project to sync your Kubernetes secrets with external secrets services. kubernetes-external-secrets supports the following backends: AWS Systems Manager Parameter Store, Hashicorp Vault, Azure Key Vault, Google Secret Manager, and Alibaba Cloud KMS Secret Manager.
What are some alternatives?
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
teller - Cloud native secrets management for developers - never leave your command line for secrets.
kustomize-sops - KSOPS - A Flexible Kustomize Plugin for SOPS Encrypted Resources
kube-secret-syncer - A Kubernetes operator to sync secrets from AWS Secrets Manager
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
kube-secrets-init - Kubernetes mutating webhook for `secrets-init` injection
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
vanishing-keys - Vanishing Keys is the public implementation of how Authress provides One Time Secrets
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
migrator - Super fast and lightweight DB migration & evolution tool written in Go
vault-creds - Sidecar container for requesting dynamic Vault database secrets
argocd-image-updater - Automatic container image update for Argo CD