Spruce
Vault
Spruce | Vault | |
---|---|---|
3 | 160 | |
405 | 29,693 | |
- | 0.6% | |
3.2 | 10.0 | |
8 months ago | about 24 hours ago | |
Go | Go | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Spruce
-
Working with JSON in vim
jq is great. I use spruce as well. https://github.com/geofffranks/spruce
-
How do you manage sensitive keys when using foreign developers?
The CI/CD has a service account with permissions to all envs, and during deployment it renders the config files and inserts the "real" values by pulling it from Vault/KMS. Something very simple is Spruce, which is actually a powerful general templating tool but I've seen it only used for vault secrets so far.
-
A list of new(ish) command line tools – Julia Evans
I use spruce for many thing but it's ability to merge y'all files smartly is very useful. Think global yaml merged with one of [prod, staging, dev].yaml, merged with override.yaml creating a deployment yaml. https://github.com/geofffranks/spruce
Vault
- Terraform & HashiCorp Vault Integration: Seamless Secrets Management
-
Top Secrets Management Tools for 2024
HashiCorp Vault
-
Keep it cool and secure: do's and don'ts for managing Web App secrets
For a more comprehensive and robust secret management solution, get your hands on tools like GCP Secret Manager, or HashiCorp Vault. They're like the security guards of your secrets, providing a safe house, access control, and keeping logs of who’s been snooping around.
-
Kubernetes Secret Management
HashiCorp Vault is a popular tool for managing secrets in Kubernetes clusters. It offers advanced features such as secure storage, encryption, dynamic secrets generation, and integration with Kubernetes through its Kubernetes authentication method.
-
Champion Building - How to successfully adopt a developer tool
So you've just bought a new platform tool? Maybe it's Hashicorp Vault? Snyk? Backstage? You’re excited about all of the developer experience, security and other benefits you're about to unleash on your company—right? But wait…
-
AWS Secrets Manager for on-premise and other cloud accounts scaled architecture
You seem to be looking for a cross-platform solution, and https://www.vaultproject.io/ provides just that. If everything was in AWS, AWS Secret Manager might be great, but imo Vault provides much better platform-agnostic capabilities.
-
Show HN: Anchor – developer-friendly private CAs for internal TLS
https://github.com/openwrt/luci/blob/master/applications/luc...
https://developer.hashicorp.com/vault/tutorials/secrets-mana... https://github.com/hashicorp/vault :
> Refer to Build Certificate Authority (CA) in Vault with an offline Root for an example of using a root CA external to Vault.
-
The Complete Microservices Guide
Secret Management: Securely stores sensitive configuration data and secrets using tools like AWS Secrets Manager or HashiCorp Vault. Avoid hardcoding secrets in code or configuration files.
-
Horcrux: Split your file into encrypted fragments
The author of this tool basically took the Shamir code from Hashicorp Vault, which is pretty mainstream. If you're looking for a solid implementation, I would start there[0]. I wouldn't use the Shamir code from this repo, as it's an old version of the vault code using field arithmetic that doesn't run in constant time.
[0]: https://github.com/hashicorp/vault/blob/main/shamir/shamir.g...
-
OpenTF Announces Fork of Terraform
Out of curiosity, what do you mean by this? cross-cluster? they already have HA: https://github.com/hashicorp/vault/blob/v1.14.1/website/cont...
while digging up that link, I also saw one named replication: https://github.com/hashicorp/vault/blob/v1.14.1/website/cont...
What are some alternatives?
kubernetes - Production-Grade Container Scheduling and Management
Keycloak - Open Source Identity and Access Management For Modern Applications and Services
Cloud Foundry - Deprecated: Cloud Foundry Release
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
SaltStack - Software to automate the management and configuration of any infrastructure or application at scale. Get access to the Salt software package repository here:
sops - Simple and flexible tool for managing secrets
Juju - Orchestration engine that enables the deployment, integration and lifecycle management of applications at any scale, on any infrastructure (Kubernetes or otherwise).
etcd - Distributed reliable key-value store for the most critical data of a distributed system
MCollective - MCollective Server and Client Puppet Module
OPA (Open Policy Agent) - Open Policy Agent (OPA) is an open source, general-purpose policy engine.
consul - Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
bitwarden_rs - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs [Moved to: https://github.com/dani-garcia/vaultwarden]