cryptr
openbao
Our great sponsors
cryptr | openbao | |
---|---|---|
3 | 14 | |
485 | 2,092 | |
0.0% | 33.2% | |
0.0 | 9.9 | |
about 1 year ago | 2 days ago | |
HTML | Go | |
Apache License 2.0 | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cryptr
-
HashiCorp Vault Forked into OpenBao
My colleague at Adobe built one for our own use, since HashiCorp didn't provide one at the time: https://github.com/adobe/cryptr
IIRC HashiCorp was not interested in supporting these kinds of tools because they were in direct competition with the Vault enterprise offering.
-
Are there "Configuration Manager" solution out there?
Something like cryptr working on top of Hashicorp vault? https://github.com/adobe/cryptr
-
Recommended Vault Services?
Adobe built a web UI for Vault, if you want to use it more like a password manager: https://github.com/adobe/cryptr
openbao
- OpenBAO: Manage, store, distribute sensitive data – secrets, certificates, keys
- Show HN: Open-source alternative to HashiCorp/IBM Vault
-
IBM Planning to Acquire HashiCorp
FWIW, most of the code and docs contributions have come from non-IBMers [0]. That said, IBM has done a lot of great work building the foundation and initial community and without them, OpenBao wouldn't be here. :-)
Speaking for myself, but I do not get any monetary compensation from IBM and I suspect this is true for all of the other non-IBM contributors.
[0]: https://github.com/openbao/openbao/releases/tag/v2.0.0-alpha...
-
Software Company HashiCorp Is Weighing a Potential Sale
on the off chance one hasn't been tracking it, there were several "we don't need your stinking BuSL" projects when this drama first started:
https://github.com/opentofu#why-opentofu (Terraform)
https://github.com/openbao/openbao#readme (Vault)
and I know of several attempts at Vagrant <https://github.com/hashicorp/vagrant/forks> but I don't believe one of them has caught traction yet
There are also some who have talked about an "open Nomad" but since I don't play in that space I can't speak to it
- OpenBAO – Fork of HashiCorp's Vault
-
OpenBao – FOSS Fork of HashiCorp Vault
Oops https://github.com/openbao/openbao/tree/development?tab=read...
-
HashiCorp Vault Forked into OpenBao
Well, lucky you, because now there's new management :-)
In all seriousness, you may want to open an issue <https://github.com/openbao/openbao/issues> as they have weighed in on a few threads here saying they're open to suggestions
Having implemented a reader for 1Password's "old" opvault format, I would imagine the threat model is not just searching, so it may be a heavy lift to coerce ~~Vault~~ OpenBao's mental model over into one that can be used as a consumer a password manager but I'll admit that would be pretty cool to unify vaultwarden and OpenBao into one stop shopping for all one's cryptographic needs
What are some alternatives?
harp - Secret management by contract toolchain
Nomad - Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.
k8s-vault-webhook - A k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers
infisical - ♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure and prevent secret leaks.
medusa - A cli tool for importing and exporting Hashicorp Vault secrets
Gravitational Teleport - The easiest, and most secure way to access and protect all of your infrastructure.
wrongsecrets - Vulnerable app with examples showing how to not use secrets [Moved to: https://github.com/OWASP/wrongsecrets]
nomad - CircleCI fork of nomad - use circleci/main branch
conjur - CyberArk Conjur automatically secures secrets used by privileged users and machine identities