New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
hc-vault: Support for kubernetes auth #1459
Comments
As a workaround I created simple helm wrapper shell script which I ship with custom If someone needs similar solution feel free to use it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
There are code examples here: https://developer.hashicorp.com/vault/docs/auth/kubernetes#code-example
argocd-vault-plugin
can already use it and it would be the best possible KMS alternative for on-premise usagehttps://argocd-vault-plugin.readthedocs.io/en/stable/backends/#kubernetes-authentication
I personally prefer sops with helm-secrets than AVP as it's visible in git tree when secret changes and you can actually follow the changes later. Not talking about encrypting with spare key (eg. GPG) for some disaster case.
This allows usage of sops with helm-secrets in argocd-repo-server without providing any token to HC Vault, just using ServiceAccount.
Probably more usecases can be found, but IMO this one is major and it's actually my usecase.
The text was updated successfully, but these errors were encountered: