Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-21495

Deploy bitnami-labs/sealed-secrets for Roundtable

    Details

      Description

      sealed-secrets provides a way of encrypting secrets with a private key that's only available from the Kubernetes cluster. This provides an easy way to securely commit secret resources for a Kubernetes deployment into a Git repository (such as for Roundtable's Argo CD-based workflow). This is similar to how Travis CI lets you encrypt secrets and commit those encrypted secrets into the repo's .travis.yml file.

      Note that a better alternative is to use LSST's centralized Vault, but at the moment we haven't figured out the right workflow for Roundtable-based apps to use Vault.

        Attachments

          Issue Links

            Activity

            Hide
            jsick Jonathan Sick added a comment -

            The sealed-secrets app is deployed and has been used; need to finish the user-facing docs.

            Show
            jsick Jonathan Sick added a comment - The sealed-secrets app is deployed and has been used; need to finish the user-facing docs.
            Show
            jsick Jonathan Sick added a comment - User docs for Sealed Secrets: https://roundtable.lsst.io/app-guide/using-sealed-secrets.html Deployment for Sealed Secrets: https://github.com/lsst-sqre/roundtable/tree/master/deployments/sealed-secrets

              People

              • Assignee:
                jsick Jonathan Sick
                Reporter:
                jsick Jonathan Sick
                Watchers:
                Jonathan Sick
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: