ContainerSolutions / externalsecret-operator

An operator to fetch secrets from cloud services and inject them in Kubernetes
Apache License 2.0
189 stars 28 forks source link

Gitlab Backend #90

Closed frankscholten closed 3 years ago

frankscholten commented 4 years ago

For an internal application I currently have to write gitlab-ci.yaml code to copy secrets from Gitlab into Kubernetes. If there is a Gitlab backend for the ESO these secrets can be synced automatically and they can be managed via the Gitlab UI.

Describe the solution you'd like Support gilab CI variables/secrets as a backend for our external secret.

What is the added value? Having new backends increases chances for adoption and broadens the operator use cases. Gitlab is used by us, but some clients, and it is also nice to have kind of a pull strategy instead of pushing secrets into the cluster.

Give us examples of the outcome


apiVersion: store.externalsecret-operator.container-solutions.com/v1alpha1
kind: SecretStore
metadata:
  name: secretstore-sample
spec:
  controller: staging
  # Sample store types
  #
  # Gitlab  
  store:
    type: gitlab
    auth: 
      secretRef: 
        name: externalsecret-operator-credentials-gitlab
        namespace: externalsecret-operator-system
    parameters:
#### TODO: not sure about parameters here. Please update who takes this on so we can discuss further
#### ...

Observations (Constraints, Context, etc):

jonathangold commented 4 years ago

:raised_hands: I'd like to pick this one up, if there's still interest.

knelasevero commented 3 years ago

@jonathangold would be great to have this :)

I think that we just need to merge a PR that is introducing some big changes, and we can get back to working on supporting new Backends

knelasevero commented 3 years ago

@jonathangold we are merging the new CRD structure today. If you wanna take this one, go ahead! :D

Also, there is this old PR https://github.com/ContainerSolutions/externalsecret-operator/pull/16 about adding a git backend. Not sure if it is interesting for you, but I thought that maybe you would want to have a look as well (?)

Please let me know what you think! :smiley:

jonathangold commented 3 years ago

Cool, I'll dig into it this week when I have a little bandwidth.