ContainerSolutions / externalsecret-operator

An operator to fetch secrets from cloud services and inject them in Kubernetes
Apache License 2.0
Azure backend #141

Closed sebagomez closed 3 years ago

sebagomez commented 3 years ago

Azure Key Vault now available!

Closes #128

codecov[bot] commented 3 years ago

Codecov Report

Merging #141 (3b97575) into master (28fcb8e) will decrease coverage by 7.07%. The diff coverage is 17.14%.

@@            Coverage Diff             @@
##           master     #141      +/-   ##
==========================================
- Coverage   87.93%   80.85%   -7.08%     
==========================================
  Files           8        9       +1     
  Lines         315      350      +35     
==========================================
+ Hits          277      283       +6     
- Misses         25       53      +28     
- Partials       13       14       +1     

| Impacted Files | Coverage Δ |
|---|---|
| pkg/akv/backend.go | 17.14% <17.14%> (ø) |

Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data. Last update 28fcb8e...cba821c.

tesharp commented 3 years ago

Great with Azure Key Vault support, but it really needs managed identity support (using aad-pod-identity).

sebagomez commented 3 years ago

Thanks for the suggestion, @tesharp. The External Secret Operator could be running anywhere, and it will get your secrets from the different resources (backends). It does make sense, though, that if you have your secrets in Azure Key Vault and your cluster running on Azure Kubernetes Services, you will want to use a managed identity. I'll take a look at it.