Kubernetes controller written in Rust for automatically generating and updating secrets

Overview

Secret Generator

Declarative secret generator operator

TODOs

Must-have items:

  • Simple secret generator operator
  • Add Docker build
  • Add Kubernetes manifest
  • Add Vault support
  • Update document
  • Makefile
  • Add tests

Nice-to-have items:

  • More schema validations
  • Add expiration field
  • Refactor status field with sync and re-new statuses
  • Add Azure Key Vault support
  • Refactor code

Comments
  • Provide HashiCorp Vault support

    Currently, the controller just reconciles SecretGenerator into a Kubernetes secret; we will need to:

    • Add the spec for Vault client (auth with root token or service account)
    • Initialize the Vault client
    • Split the reconcile handler to handle multiple cases (kubernetes, vault and more)

    The current libraries don't seem very promising though:

    • https://github.com/lawliet89/vault-rs (+1)
    • https://github.com/Metaswitch/vault-client
    • https://github.com/ChrisMacNaughton/vault-rs
    opened by locmai
Owner
Loc Mai
Site Reliability Engineer