vault-secrets-operator
Create Kubernetes secrets from Vault for a secure GitOps based workflow. (by ricoberger)
argocd-vault-plugin
An Argo CD plugin to retrieve secrets from Secret Management tools and inject them into Kubernetes secrets (by argoproj-labs)
Our great sponsors
| vault-secrets-operator | argocd-vault-plugin | |
|---|---|---|
| 5 | 9 | |
| 609 | 760 | |
| - | 2.6% | |
| 7.9 | 7.3 | |
| 7 days ago | 1 day ago | |
| Go | Go | |
| MIT License | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vault-secrets-operator
Posts with mentions or reviews of vault-secrets-operator.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-10-12.
- Toyota Accidently Exposed A Secret Key Publicly On GitHub For Five Years
-
Learning with K3s at home. Is it "better" to store secrets encrypted in the git repo (e.g., sealed-secrets) or in a separately managed secret database (e.g., vault)?
For home use, I wouldn't bother with Vault unless that's really what you want to learn. Then it's worth looking into setting something up where you could use vault secrets, using one of the available options (I haven't seen the vault-secrets-operator being mentioned).
-
Hashicorp Vault integration with Secret objects
It is but it affects vault-secrets-operator too, see https://github.com/ricoberger/vault-secrets-operator/issues/104 (and no, I’ve only use vault-secrets-operator)
-
Automation assistants: GitOps tools in comparison
If you are using an external KMS in any case, then there are other options, such as the kubernetes-external-secrets operator that was originally started by GoDaddy and the externalsecret-operator from Container Solutions. If you use HashiCorp Vault, you also have the option of using the Vault Secrets operator. This works similarly to the Sealed Secrets Operator, but instead of managing its own key material, it retrieves the secrets from Vault. The CNCF Technology Radar from January 2021 provides an overview of the types of tools that are available for secrets management.
argocd-vault-plugin
Posts with mentions or reviews of argocd-vault-plugin.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-01-18.
-
GitOps and Kubernetes – Secure Handling of Secrets
ArgoCD supports SOPS with the vault Plugin.
-
Injecting secrets from Vault into Helm charts with ArgoCD
repoServer: rbac: - verbs: - get - list - watch apiGroups: - '' resources: - secrets - configmaps initContainers: - name: download-tools image: registry.access.redhat.com/ubi8 env: - name: AVP_VERSION value: 1.11.0 command: [sh, -c] args: - >- curl -L https://github.com/argoproj-labs/argocd-vault-plugin/releases/download/v$(AVP_VERSION)/argocd-vault-plugin_$(AVP_VERSION)_linux_amd64 -o argocd-vault-plugin && chmod +x argocd-vault-plugin && mv argocd-vault-plugin /custom-tools/ volumeMounts: - mountPath: /custom-tools name: custom-tools extraContainers: - name: avp-helm command: [/var/run/argocd/argocd-cmp-server] image: quay.io/argoproj/argocd:v2.4.8 securityContext: runAsNonRoot: true runAsUser: 999 volumeMounts: - mountPath: /var/run/argocd name: var-files - mountPath: /home/argocd/cmp-server/plugins name: plugins - mountPath: /tmp name: tmp-dir - mountPath: /home/argocd/cmp-server/config name: cmp-plugin - name: custom-tools subPath: argocd-vault-plugin mountPath: /usr/local/bin/argocd-vault-plugin volumes: - configMap: name: cmp-plugin name: cmp-plugin - name: custom-tools emptyDir: {} - name: tmp-dir emptyDir: {} # If you face issue with ArgoCD CRDs installation, then uncomment below section to disable it #crds: # install: false
- K8s and HIPPA/PHI compliant systems - Need advice!
-
Learning with K3s at home. Is it "better" to store secrets encrypted in the git repo (e.g., sealed-secrets) or in a separately managed secret database (e.g., vault)?
argoproj-labs/argocd-vault-plugin
-
Best solution to use Argocd with helm and manage secrets ? Don't say flux !
We’re using https://github.com/argoproj-labs/argocd-vault-plugin which allows you to define secrets in git (works with more backends than just hashicorp vault despite the name). The documentation took me a bit to figure out, but so far it works.
-
Best Practices for Argo CD
Argo CD Vault plugin
- Removing replication count, resource, tolerations, pvc when app is onboarded using ArgoCD
- Gotta love gitops
-
Best/Secure way to add a secret for ArgoCD Helm Chart?
I used argocd vault plugin https://github.com/IBM/argocd-vault-plugin
What are some alternatives?
When comparing vault-secrets-operator and argocd-vault-plugin you can also consider the following projects:
sealed-secrets - A Kubernetes controller and tool for one-way encrypted Secrets
kubernetes-external-secrets - Integrate external secret management systems with Kubernetes
kustomize-sops - KSOPS - A Flexible Kustomize Plugin for SOPS Encrypted Resources
sops - Simple and flexible tool for managing secrets
Flux - Successor: https://github.com/fluxcd/flux2
secrets-store-csi-driver - Secrets Store CSI driver for Kubernetes secrets - Integrates secrets stores with Kubernetes via a CSI volume.
helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere
vault-creds - Sidecar container for requesting dynamic Vault database secrets
atlantis - Terraform Pull Request Automation
argocd-image-updater - Automatic container image update for Argo CD
vault-secrets-operator vs sealed-secrets
argocd-vault-plugin vs kubernetes-external-secrets
vault-secrets-operator vs kubernetes-external-secrets
argocd-vault-plugin vs kustomize-sops
vault-secrets-operator vs sops
argocd-vault-plugin vs sealed-secrets
vault-secrets-operator vs Flux
argocd-vault-plugin vs secrets-store-csi-driver
vault-secrets-operator vs helm-secrets
argocd-vault-plugin vs vault-creds
vault-secrets-operator vs atlantis
argocd-vault-plugin vs argocd-image-updater