OpenBao
Replies: 2 comments 1 reply
-
|
\o hey @dragetd -- we had discussed this a bit in #339 but I think the general points still stand: until upstream is unwilling to merge net-new features to the provider and/or OpenBao diverges too far in new functionality, my gut says we should probably keep encouraging collaboration with them on some of this common infra & tooling. That said, if that doesn't occur or we find we've added enough new functionality that we think we could take advantage of, I'm happy to entertain blessing a fork. What's your thoughts? |
Beta Was this translation helpful? Give feedback.
-
|
Oh, actually it did not occur to me that the vault provider might just work, as the API is still in place! Yes, unless the feature-set diverges noticeably, there is not really a point in investing that work right now. Focus should be on polishing it up as it's own project. I'll see what happens if I spin up openbao instead of my vault and throw my tofu against it. More food for my infrastructure. xD |
Beta Was this translation helpful? Give feedback.
-
|
Enough to make one hungry! :D good luck, and let us know if you encounter anything! |
Beta Was this translation helpful? Give feedback.
-
A big strength of a secret management engine beyond simple password managers is the IaC approach of managing them. So generating infrastructure and putting the secrets into the secret store via tofu for example.
Vault had a provider that would allow this. I am pretty sure some OpenBAO provider will eventually pop up, but are there any plans to make it officially part of the project? (With implications like some time in the future releases waiting on each other to ensure compatibility or even inclusion in tests etc.)?
Beta Was this translation helpful? Give feedback.
All reactions