onepassword-operator
kubernetes-external-secrets
| onepassword-operator | kubernetes-external-secrets | |
|---|---|---|
| 4 | 26 | |
| 509 | 2,584 | |
| 1.2% | - | |
| 6.1 | 7.7 | |
| about 2 months ago | almost 2 years ago | |
| Go | JavaScript | |
| MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
onepassword-operator
-
Show HN: Infisical – open-source secret management platform
For one password you will need to create a kind called `OnePasswordItem` as described here https://github.com/1Password/onepassword-operator. This is similar to the `InfisicalSecret` you need to create with us https://infisical.com/docs/integrations/platforms/kubernetes
- Anything on par with HashiCorp Vault
-
1Password Has Raised $620M
I think you are on the money here. I hadn’t spotted this but they have a k8s plugin for example:
https://github.com/1Password/onepassword-operator
This solves the “restart pods when my secret is updated” issue which suggests to me that they are not just paying lip service with these integrations.
kubernetes-external-secrets
- aws secrets with eks ,Teffarorm & helm
-
Securing Kubernetes Secrets with HashiCorp Vault
$ helm repo add external-secrets https://external-secrets.github.io/kubernetes-external-secrets/ "external-secrets" has been added to your repositories $ helm install k8s-external-secrets external-secrets/kubernetes-external-secrets -f values.yaml NAME: k8s-external-secrets LAST DEPLOYED: Wed Mar 23 22:50:35 2022 NAMESPACE: default STATUS: deployed REVISION: 1 TEST SUITE: None NOTES: The kubernetes external secrets has been installed. Check its status by running: $ kubectl --namespace default get pods -l "app.kubernetes.io/name=kubernetes-external-secrets,app.kubernetes.io/instance=k8s-external-secrets" Visit https://github.com/external-secrets/kubernetes-external-secrets for instructions on how to use kubernetes external secrets
-
SimpleSecrets: A self-hosted K8S Secrets Manager Operator
I’m reading above that you weren’t aware of sealed-secrets. So I guess that you are not familiar with ExternalSecrets secrets neither. Very solid project
- Managing json config files for apps deployed to k8s at scale
-
1Password Has Raised $620M
They probably should merge with https://github.com/external-secrets/kubernetes-external-secr...
- Recommended way of securing AWS secret key and id in K8s secrets for pulling images from AWS ECR
-
Do you have a TODO checklist when creating clusters from scratch?
I do not recommend vault if you are not experienced. It is a heavy infra to manage. I suggest looking into https://github.com/external-secrets/kubernetes-external-secrets and selecting the tool offered by your cloud providers.
-
Secrets usage
This is where things like the vault agent sidecar or projects like external secrets come in and allow you to inject / sync your secrets backend and your Kubernetes workloads :)
-
Cloud password managements
Depending on what platform you are on, you could use the AWS SDK or a tool like external-secrets (for Kubernetes).
-
Kuberentes CI/CD
We don't keep anything sensitive inside of Helm charts. We use AWS Secrets Manager and external-secrets
What are some alternatives?
1password-linux-to-bitwarden - Takes a 1Password 8 export (.1pux) & converts it to Bitwarden importable JSON. (Linux / macOS / Windows)
argocd-vault-plugin - An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets
MacPass - A native macOS KeePass client
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
vault-plugin-secrets-onepassword - Hashicorp Vault plugin integrates with 1Password Connect to allow for the retrieval, creation, and deletion of items stored in 1Password.
vault-secrets-operator - Create Kubernetes secrets from Vault for a secure GitOps based workflow.
kubernetes-external-secr
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
bitwarden - Bitwarden client applications (web, browser extension, desktop, and cli) [Moved to: https://github.com/bitwarden/clients]
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
vaultwarden - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
Reloader - A Kubernetes controller to watch changes in ConfigMap and Secrets and do rolling upgrades on Pods with their associated Deployment, StatefulSet, DaemonSet and DeploymentConfig – [✩Star] if you're using it!